Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Delayed Write Failure (Second Try)

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Delayed Write Failure (Second Try)

Unread postby lehbird » December 12th, 2011, 12:40 pm

Hi:

I booted up my computer and I get several boxes which say "delayed Write Failure."

Can only access my PC through safe mode.

If I go into Windows explorer, I still see all my programs, but my start menu is empty.

I was a little confused by the instructions; I included both .dds logs; hope that is correct.

Also, it seems my Windows user account is corrupt as I can not log in with it. (Not even in safe Mode)

This my second try posting, if this is not correct, let me what I am to be posting as I am trying to comply.

Sorry, I can not zip the "attach file" as I am in limited safe mode and can't figure out how to do it. I have included it however.

Thanks,

Dave

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Run by Administrator at 11:34:30 on 2011-12-12
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2813 [GMT -5:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Sunbelt Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com
uSearch Page = hxxp://red.clientapps.yahoo.com/customi ... .yahoo.com
uSearch Bar = hxxp://red.clientapps.yahoo.com/customi ... ch/ie.html
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&cli ... channel=us
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mWindow Title = By D&E Jazzd
uInternet Connection Wizard,ShellNext = hxxp://www.fulldotfinds.com/pubac/ac.ph ... id=clean12
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\ycomp5_6_0_1.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [lxebmon.exe] "c:\program files\lexmark pro200-s500 series\lxebmon.exe"
mRun: [EzPrint] "c:\program files\lexmark pro200-s500 series\ezprint.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SBAMTray] "c:\program files\gfi software\vipre\SBAMTray.exe"
mRun: [pQnPdkMCky.exe] c:\documents and settings\all users\application data\pQnPdkMCky.exe
mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: musicmatch.com\online
DPF: {0000000A-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... wmavax.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
TCP: DhcpNameServer = 192.168.254.254
TCP: Interfaces\{4CC6A2A3-9DA6-4BDE-A594-B5A79C80ED19} : DhcpNameServer = 192.168.254.254
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli scecli
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\tti7e5hu.default\
FF - prefs.js: browser.search.selectedEngine - Search Defender
FF - prefs.js: keyword.URL - hxxp://www.search-results.com/web?o=158 ... &ver=UN&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files\pc tools security\bdt\firefox\platform\winnt_x86-msvc\components\libheuristic.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPUploader.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-1-28 270888]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2010-10-9 217976]
R2 SBAMSvc;VIPRE Antivirus;c:\program files\gfi software\vipre\SBAMSvc.exe [2011-11-1 3287472]
R2 SBPIMSvc;SB Recovery Service;c:\program files\gfi software\vipre\SBPIMSvc.exe [2011-11-1 173424]
R3 SaiH0461;SaiH0461;c:\windows\system32\drivers\SaiH0461.sys [2007-2-20 182528]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2011-1-28 65576]
S0 NVStrap;NVStrap;c:\windows\system32\drivers\NVStrap.sys [2006-10-20 3712]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\tffsmon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\tfsysmon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S1 NGS;Norman General Security Driver;c:\virusfighter\nvc\bin\ngs.sys [2009-6-17 22712]
S1 oreans32;oreans32;\??\c:\windows\system32\drivers\oreans32.sys --> c:\windows\system32\drivers\oreans32.sys [?]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2011-5-28 21240]
S1 SBHIPS;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-6-21 66600]
S2 gupdate1ca3fe3dfb19044;Google Update Service (gupdate1ca3fe3dfb19044);c:\program files\google\update\GoogleUpdate.exe [2009-9-27 133104]
S2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [2006-9-2 2560]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe -service --> c:\windows\system32\lxebcoms.exe -service [?]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxebserv.exe [2011-1-22 193192]
S2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-6-24 91456]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-5-28 77816]
S2 SbPF.Launcher;SbPF.Launcher;c:\program files\sunbelt software\personal firewall\SbPFLnch.exe [2008-10-31 95528]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\sunbelt software\personal firewall\SbPFSvc.exe [2008-10-31 1365288]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\nsdriver.sys --> c:\windows\system32\drivers\NSDriver.sys [?]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\davidn~1.leh\locals~1\temp\alsysio.sys --> c:\docume~1\davidn~1.leh\locals~1\temp\ALSysIO.sys [?]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-9-27 133104]
S3 HP1319EWS;HP1319EWS;c:\windows\system32\drivers\HP1319EWS.sys [2009-2-28 12800]
S3 HP1319FAX;HP1319MFP FAX;c:\windows\system32\drivers\HP1319FAX.sys [2009-2-28 13824]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\tfnetmon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
S4 HPM1319RcvFaxSrvc;HP M1319 Receive Fax Service;c:\program files\hp\hp laserjet m1319 mfp series\ReceiveFaxUtility.exe [2008-3-27 348160]
S4 Just Flight Limited License Service;Just Flight Limited License Service;c:\program files\common files\just flight limited shared\service\JustFlightLimitedLicSvc.exe [2008-2-20 69632]
.
=============== Created Last 30 ================
.
2011-12-10 16:06:53 -------- d-sh--w- c:\documents and settings\administrator\PrivacIE
2011-12-10 01:09:08 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Identities
2011-12-10 00:35:25 -------- d--h--w- c:\documents and settings\administrator\application data\Malwarebytes
2011-12-10 00:06:05 370688 ---ha-w- c:\documents and settings\all users\application data\tNg2UrRUbj7rjw.exe
2011-12-10 00:02:56 462848 ---ha-w- c:\documents and settings\all users\application data\pQnPdkMCky.exe
2011-11-26 19:17:51 -------- d-----w- C:\users
2011-11-26 19:17:21 -------- d-----w- c:\program files\Aimersoft
2011-11-16 01:24:43 -------- d-----w- c:\windows\system32\drivers\VDD
2011-11-16 01:24:24 -------- d--h--w- c:\documents and settings\all users\application data\GFI Software
2011-11-16 01:22:25 -------- d-----w- c:\program files\GFI Software
.
==================== Find3M ====================
.
2011-12-10 16:46:54 3681 ----a-w- c:\windows\system32\mmf.sys
2011-11-27 14:13:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:49:41 4756 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-11-01 05:42:10 11632 ----a-w- c:\windows\system32\drivers\vdd\apvdd.dll
2011-11-01 05:42:02 42864 ----a-w- c:\windows\system32\sbbd.exe
2011-11-01 05:08:12 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
2011-10-26 20:40:02 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
1998-07-07 16:21:54 196096 ----a-w- c:\program files\MailList.exe
1998-07-06 17:43:38 77824 ----a-w- c:\program files\Textdbs.dbs
1998-07-06 17:42:48 39424 ----a-w- c:\program files\Native.dbs
1998-07-06 17:24:54 37376 ----a-w- c:\program files\AddrCD.rmv
1998-06-26 15:16:12 71168 ----a-w- c:\program files\jeteng.dbs
1998-06-26 15:13:36 28160 ----a-w- c:\program files\oldmaml.dbs
1998-06-03 14:41:30 17408 ----a-w- c:\program files\oldmald.dbs
1998-04-27 11:24:18 128 ----a-w- c:\program files\EREG.BIN
2004-08-04 11:00:00 94784 --sh--w- c:\windows\twain.dll
.
============= FINISH: 11:36:03.48 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume3
Install Date: 3/25/2006 12:00:37 AM
System Uptime: 12/12/2011 11:28:12 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | G31MX-S2
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2333/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 463 GiB total, 347.753 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 149 GiB total, 20.898 GiB free.
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: HP1319FAX
Device ID: USB\VID_03F0&PID_5817&MI_02\7&22C8006&0&0002
Manufacturer: HP
Name: HP1319FAX
PNP Device ID: USB\VID_03F0&PID_5817&MI_02\7&22C8006&0&0002
Service: HP1319FAX
.
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: HP1319EWS
Device ID: USB\VID_03F0&PID_5817&MI_03\7&22C8006&0&0003
Manufacturer: HP
Name: HP1319EWS
PNP Device ID: USB\VID_03F0&PID_5817&MI_03\7&22C8006&0&0003
Service: HP1319EWS
.
==== System Restore Points ===================
.
RP397: 9/9/2011 3:00:23 AM - Software Distribution Service 3.0
RP398: 9/10/2011 3:00:22 AM - Software Distribution Service 3.0
RP399: 9/10/2011 10:37:27 PM - Software Distribution Service 3.0
RP400: 9/11/2011 3:00:22 AM - Software Distribution Service 3.0
RP401: 9/12/2011 3:00:25 AM - Software Distribution Service 3.0
RP402: 9/13/2011 3:00:24 AM - Software Distribution Service 3.0
RP403: 9/14/2011 3:00:28 AM - Software Distribution Service 3.0
RP404: 9/15/2011 3:00:23 AM - Software Distribution Service 3.0
RP405: 9/16/2011 3:00:25 AM - Software Distribution Service 3.0
RP406: 9/17/2011 3:00:23 AM - Software Distribution Service 3.0
RP407: 9/18/2011 3:00:27 AM - Software Distribution Service 3.0
RP408: 9/19/2011 3:00:23 AM - Software Distribution Service 3.0
RP409: 9/20/2011 3:00:23 AM - Software Distribution Service 3.0
RP410: 9/21/2011 3:00:25 AM - Software Distribution Service 3.0
RP411: 9/22/2011 3:00:26 AM - Software Distribution Service 3.0
RP412: 9/23/2011 3:00:29 AM - Software Distribution Service 3.0
RP413: 9/24/2011 3:00:28 AM - Software Distribution Service 3.0
RP414: 9/25/2011 3:00:35 AM - Software Distribution Service 3.0
RP415: 9/26/2011 3:00:30 AM - Software Distribution Service 3.0
RP416: 9/27/2011 3:00:24 AM - Software Distribution Service 3.0
RP417: 9/28/2011 3:00:26 AM - Software Distribution Service 3.0
RP418: 9/29/2011 3:00:24 AM - Software Distribution Service 3.0
RP419: 9/30/2011 3:00:23 AM - Software Distribution Service 3.0
RP420: 10/1/2011 3:00:25 AM - Software Distribution Service 3.0
RP421: 10/2/2011 3:00:24 AM - Software Distribution Service 3.0
RP422: 10/3/2011 3:00:24 AM - Software Distribution Service 3.0
RP423: 10/4/2011 3:00:25 AM - Software Distribution Service 3.0
RP424: 10/4/2011 8:28:58 PM - Software Distribution Service 3.0
RP425: 10/5/2011 10:25:42 PM - Software Distribution Service 3.0
RP426: 10/6/2011 3:00:28 AM - Software Distribution Service 3.0
RP427: 10/7/2011 3:00:28 AM - Software Distribution Service 3.0
RP428: 10/8/2011 3:00:25 AM - Software Distribution Service 3.0
RP429: 10/9/2011 3:00:29 AM - Software Distribution Service 3.0
RP430: 10/10/2011 3:00:29 AM - Software Distribution Service 3.0
RP431: 10/11/2011 3:00:30 AM - Software Distribution Service 3.0
RP432: 10/12/2011 3:00:24 AM - Software Distribution Service 3.0
RP433: 10/13/2011 3:00:26 AM - Software Distribution Service 3.0
RP434: 10/14/2011 3:00:27 AM - Software Distribution Service 3.0
RP435: 10/15/2011 3:00:24 AM - Software Distribution Service 3.0
RP436: 10/15/2011 5:33:15 PM - Software Distribution Service 3.0
RP437: 10/16/2011 9:03:09 AM - Software Distribution Service 3.0
RP438: 10/17/2011 3:00:22 AM - Software Distribution Service 3.0
RP439: 10/18/2011 3:00:31 AM - Software Distribution Service 3.0
RP440: 10/19/2011 3:00:32 AM - Software Distribution Service 3.0
RP441: 10/20/2011 3:00:31 AM - Software Distribution Service 3.0
RP442: 10/20/2011 7:11:54 PM - Removed VIPRE Antivirus.
RP443: 10/20/2011 7:12:22 PM - Installed VIPRE Antivirus.
RP444: 10/21/2011 3:00:17 AM - Software Distribution Service 3.0
RP445: 10/22/2011 3:00:21 AM - Software Distribution Service 3.0
RP446: 10/23/2011 3:00:21 AM - Software Distribution Service 3.0
RP447: 10/24/2011 3:00:20 AM - Software Distribution Service 3.0
RP448: 10/25/2011 3:00:20 AM - Software Distribution Service 3.0
RP449: 10/26/2011 3:00:20 AM - Software Distribution Service 3.0
RP450: 10/27/2011 3:00:20 AM - Software Distribution Service 3.0
RP451: 10/28/2011 3:00:20 AM - Software Distribution Service 3.0
RP452: 10/29/2011 3:00:20 AM - Software Distribution Service 3.0
RP453: 10/30/2011 3:00:24 AM - Software Distribution Service 3.0
RP454: 10/31/2011 3:00:26 AM - Software Distribution Service 3.0
RP455: 11/1/2011 3:00:25 AM - Software Distribution Service 3.0
RP456: 11/2/2011 3:00:29 AM - Software Distribution Service 3.0
RP457: 11/3/2011 3:00:25 AM - Software Distribution Service 3.0
RP458: 11/4/2011 3:00:25 AM - Software Distribution Service 3.0
RP459: 11/5/2011 3:00:26 AM - Software Distribution Service 3.0
RP460: 11/6/2011 2:00:23 AM - Software Distribution Service 3.0
RP461: 11/6/2011 3:00:20 AM - Software Distribution Service 3.0
RP462: 11/7/2011 3:00:21 AM - Software Distribution Service 3.0
RP463: 11/8/2011 3:00:21 AM - Software Distribution Service 3.0
RP464: 11/8/2011 9:21:57 PM - Installed FWXACARS
RP465: 11/9/2011 3:00:16 AM - Software Distribution Service 3.0
RP466: 11/10/2011 3:00:27 AM - Software Distribution Service 3.0
RP467: 11/11/2011 3:00:22 AM - Software Distribution Service 3.0
RP468: 11/12/2011 3:00:29 AM - Software Distribution Service 3.0
RP469: 11/13/2011 3:00:29 AM - Software Distribution Service 3.0
RP470: 11/14/2011 3:00:22 AM - Software Distribution Service 3.0
RP471: 11/15/2011 3:00:21 AM - Software Distribution Service 3.0
RP472: 11/16/2011 3:00:26 AM - Software Distribution Service 3.0
RP473: 11/17/2011 3:00:27 AM - Software Distribution Service 3.0
RP474: 11/18/2011 3:00:29 AM - Software Distribution Service 3.0
RP475: 11/19/2011 3:00:28 AM - Software Distribution Service 3.0
RP476: 11/20/2011 3:00:26 AM - Software Distribution Service 3.0
RP477: 11/20/2011 11:53:05 AM - Installed PMDG 737 8900 NGX
RP478: 11/20/2011 12:00:31 PM - Installed DirectX
RP479: 11/21/2011 3:00:33 AM - Software Distribution Service 3.0
RP480: 11/22/2011 3:00:26 AM - Software Distribution Service 3.0
RP481: 11/23/2011 3:00:30 AM - Software Distribution Service 3.0
RP482: 11/24/2011 3:00:35 AM - Software Distribution Service 3.0
RP483: 11/25/2011 3:00:28 AM - Software Distribution Service 3.0
RP484: 11/26/2011 3:00:25 AM - Software Distribution Service 3.0
RP485: 11/26/2011 2:20:02 PM - Installed Windows XP -- Software Updates KB952011.
RP486: 11/27/2011 3:00:34 AM - Software Distribution Service 3.0
RP487: 11/28/2011 3:00:25 AM - Software Distribution Service 3.0
RP488: 11/29/2011 3:00:31 AM - Software Distribution Service 3.0
RP489: 11/30/2011 3:00:33 AM - Software Distribution Service 3.0
RP490: 12/1/2011 3:00:27 AM - Software Distribution Service 3.0
RP491: 12/2/2011 3:00:29 AM - Software Distribution Service 3.0
RP492: 12/3/2011 3:00:32 AM - Software Distribution Service 3.0
RP493: 12/4/2011 3:00:34 AM - Software Distribution Service 3.0
RP494: 12/5/2011 3:00:30 AM - Software Distribution Service 3.0
RP495: 12/6/2011 3:00:31 AM - Software Distribution Service 3.0
RP496: 12/7/2011 3:00:31 AM - Software Distribution Service 3.0
RP497: 12/9/2011 6:35:20 PM - Software Distribution Service 3.0
RP498: 12/10/2011 11:48:37 AM - Software Distribution Service 3.0
RP499: 12/10/2011 11:51:38 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Flight One Software Meridian 2004
727-100 Base Pack 2.3
727-200 Expansion Model Upgrade 2.4
727 Freighter Expansion Model 2.3
737 Pilot in Command
757-200 Captain (Base)
AAV Digital Flight Recorder
ABBYY FineReader 6.0 Sprint
Abexo Free Registry Cleaner
Active AirSource v3.27
Active Camera 2004 2.1 for FS 2004 (updated to 9.1)
Active Camera 2004 version 2.1 for FS 9.0
ActiveSky v6.5
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.2
Adobe Shockwave Player
Advanced SystemCare 3
Aerosoft's - DHC-6 Twin Otter X
AFX Demo
Aimersoft DVD Creator(Build 2.5.2.15)
Airbus Series Vol.1 (FS2004)
Airport Chart
Airport Design Editor Version 1.37.5.0 (Patched from 1.20)
Amazon MP3 Downloader 1.0.10
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVS Update Manager 1.0
AVS Video Editor 4
AVS Video Recorder 2.4
AVS YouTube Uploader version 2.1
AVS4YOU Software Navigator 1.3
Baseball Mogul 2009 DEMO
BFL Acars
BirdsEyeView
BlackBerry Desktop Software 5.0
Boeing B737NG Deluxe
Bonjour
C-130 X-perience Pro Pack 1.3
Carbonite
CargoPilot (Shared Components)
CASIO USB Driver V1.2.2474.0623
CCScore
Choice Guard
CLOUD9 Washington 1.01
CLS 3 Airbus Pack FSX
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Corel Paint Shop Pro X
Coupon Printer for Windows
Creative Audio Console
Creative System Information
Critical Update for Windows Media Player 11 (KB959772)
Data Lifeguard Tools
DefragExpress! V1.49
DeHavilland Dash-8-300 2.004.01
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell System Restore
DellSupport
Delta Virtual Airlines 737NG (FSX)
DH Driver Cleaner Professional Edition
Digital Content Portal
Digital Line Detect
Diskeeper 2007 Home
Disktrix UltimateDefrag XP
DivX Player
DivX Web Player
Douglas DC-4 for FSX or FS2004
Drivers Install For Linksys Easylink Advisor
EditVoicepack X
EducateU
ELIcon
EndItAll 2.0
Error Expert 1.5
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
FaxSendInstaller
FaxSetupInstaller
FeelThere PIC ERJ-145LR 1.2.6
FeelThere PIC ERJ-145LR for FSX 1.2.6
ffdshow [rev 2527] [2008-12-19]
Flight 1 Software Cessna 441 - Conquest II 2.1
Flight 1 Software Cessna 441fsx - Conquest II 2.3
Flight One ATR 72-500
Flight One Software Pilatus PC-12 fsx
Flight One Text-o-Matic
FlightSim Commander
FLV Player 1.3.3
Fly the MADDOG 2006
Fly the MADDOG 2006 liveries
Fly the MADDOG 2008
FriendlyPanels FMC Pack1 for FSX & FS9
FS Flight Keeper
FS FlightTracker
FSacars
FSAutoStart
FSBuild 2.3
FSCheckride by CATIII Software
FSDreamTeam Fort Lauderdale-Hollywood FSX 1.2.2
FSDZigns Lockheed 049A Constellation
FSFDT FSCopilot
FSFDT FSInn
FSFDT VIP Standard 2004
FSNavigator
FSX Booster 3.8.0.0
FWXACARS
Game Booster
Globe Cargo FSACARS
Globe Cargo PIREP
Globe Cargo PIREP v2.3.1
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Ground Environment
Ground Environment X North America
Hawaii Oahu
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 (KB2418240)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB981793)
HP LaserJet M1319 MFP Series
HP LaserJet M1319 MFP Series Toolbox
HP LaserJet Toolbox
HP Photo Printing Software
hp psc 900 series
HP Share-to-Web
hppusgM1310
iFly 747-400
iFly 747-400 Service Pack 3
InCabin Locate for FSX
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
IrfanView (remove only)
iSEEK AnswerWorks English Runtime
iTunes
Java Auto Updater
Java(TM) 6 Update 21
Jet City Aircraft 717-200
Just Flight - Cargo Pilot v1.00
kACARS_Free
KDTW Detroit
kgcbase
KIAD v1.3.1 for FS9 MetroAir Edition
KIAD v1.3.2 for FSX MetroAir Edition
KLGA La Guardia Demo Version
Kodak EasyShare software
Latin VFR MKJP FSX
LatinVFR Cayman Islands for FSX
Learn2 Player (Uninstall Only)
Legacy 'The Luxury Aircraft Collection'
Lernout & Hauspie TruVoice American English TTS Engine
Lexmark Printable Web
Lexmark Pro200-S500 Series
Lexmark Toolbar
LG Android Drivers
LG USB Modem driver
Linksys EasyLink Advisor 1.6 (0032)
Logitech Gaming Software 5.10
Malwarebytes' Anti-Malware
MarketResearch
MaxBlast 3
McAfee Security Scan Plus
MCU
MD80 for AAV
MegaSceneryX Las Vegas
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft Application Error Reporting
Microsoft Combat Flight Simulator 3.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Flight Simulator X
Microsoft Flight Simulator X SDK SP1A
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft IntelliPoint 6.2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Links 2003
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Web Publishing Wizard 1.52
Microsoft Word 2000
MLB 2K9
MobileMe Control Panel
Modem Helper
MotoConnect 1.1.31
Motorola Mobile Drivers Installation 4.7.1
Mozilla Firefox 8.0 (x86 en-US)
MozyHome Remote Backup
MrvlUsgTracking
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
MSXML 6 Service Pack 2 (KB973686)
Musicmatch® Jukebox
MVP Baseball 2005
MySQL Connector/ODBC 3.51
Navigraph nDAC 2
Navigraph nDAC 3
NEMETH DESIGNS - S-76 SPIRIT
netbrdg
NetWaiting
NetZeroInstallers
nHancer
NuRoads Configurator
NVIDIA Control Panel 266.58
NVIDIA Graphics Driver 266.58
NVIDIA Install Application
NVIDIA nView 135.50
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
O&O Defrag Professional Edition
Oakland Metro International Airport by M1DG
OfotoXMI
OOTP Baseball 2006
OpenAL
Out of the Park Baseball 8
Out of the Park Baseball 9
Overland - World Airlines (Airbus)
Overland - World Airlines for FSX (Airbus)
Pantech Handset Driver
Perfect Optimizer 5.2
PFPortChecker 1.0.32
PMDG 737 8900 NGX
PMDG 747-400/400F for FSX
PMDG BAe JS4100
PMDG_BAe_JS4100_AX
PMDG_BAe_JS4100_N401TJ
PMDG_BAe_JS4100_OGN
PMDG744X_GE_QF2
PMDG744X_RR_BA
PMDG744XF_GE_5XF
PMDG744XF_GE_5YF
PMDG744XF_GE_POF
PMDG744XF_PW_FXF
Portforward Static IP Address 1.0.45
PS Panels 737NG Version 1.1
PSS B777 Professional 2004 (777-200 LR) 2.1
PSS Boeing 757 Pro 2006 1.2
PVACARS
QualityWings Ultimate 757 Collection FSX 1.2.2
Quicken 2011
QuickTime
Radar Contact Version 4.3
Ready for Pushback V2_10 Full Version
Real Environment Xtreme
Real Environment Xtreme - Overdrive
RealPlayer
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
RealUpgrade 1.0
ReceiveInstaller
RegCure
Registry Toolkit 1.3.0
Rhapsody Player Engine
RivaTuner v2.0 RC 16
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
Saitek SST Programming Software
SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
SAS_DC9v50
Scan To
SecondLife (remove only)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 Series (KB969878)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Self-Repair Technician
SFR
SHASTA
Shockwave
Shutterfly Plugin
SideWinder Precision 2
skin0001
SKINXSDK
Sonic Activation Module
Sonic CinePlayer DVD Pack
Sonic Update Manager
Sound Blaster Audigy 4
Sounds Best On Sound Blaster
SquawkBox 3
Squawkbox 3 Model Set (FS2004)
staticcr
Sunbelt Personal Firewall
TeamSpeak 2 RC2
TeamSpeak 3 Client
The Brown Box 1.0.7
The Print Shop 20
Tiger Woods PGA TOUR 08
tooltips
Total 3D Home Deluxe
Tournament Bracket Builder 1.2
TRS2006
TTS_Technology
TuneUp Utilities 2007
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax Basic 2007
TurboTax ItsDeductible 2006
TweakFPS for FSX
Tweakui Powertoy for Windows XP
Ultimate Traffic
UltimateDefrag
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
VAFINANCIALS 4.0.1.26
VAFS4
vasFMC 2.1
VAT-Spy
Ventrilo Client
Verizon V CAST Media Manager
Viewpoint Media Player
VIPRE Antivirus
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.5
VPRINTOL
WebFldrs XP
WestWind Dassault Falcon 2000EX
WexTech AnswerWorks
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WinPatrol 2008
WinRAR archiver
WinZip
WIRELESS
WordPerfect Office 12
WWA AFG Beechcraft 300
WWA B737-800 FSX
WWA CRJ700 FSX
WWA FSX AI Traffic
WWA Gulfstream 550 for FSX (final)
WWA Lear60 FSX
WWA PAD Dash 8-300
WWA Piper Turbo Arrow III
X-treme King Air B200 v.2.0.1
X Graphics
XAcars for Microsoft Flightsimulator
XML Paper Specification Shared Components Pack 1.0
XPax
XviD MPEG-4 Video Codec
Yahoo! Companion
.
==== Event Viewer Messages From Past Week ========
.
12/12/2011 11:30:12 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm mozyFilter NGS oreans32 sbaphd SBHIPS TfFsMon TfSysMon
12/10/2011 11:50:31 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2478656).
12/10/2011 11:49:46 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Security Update for Windows Server 2003 and Windows XP x86 (KB982865).
12/10/2011 11:49:38 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2416468).
12/10/2011 11:49:30 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for .NET Framework 3.5 on Windows Server 2003 and Windows XP x86 (KB2530095).
12/10/2011 11:49:20 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447).
12/10/2011 11:47:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: oreans32 TfFsMon TfSysMon
12/10/2011 11:47:01 AM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
12/10/2011 11:47:01 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the lxebCATSCustConnectService service to connect.
12/10/2011 11:47:01 AM, error: Service Control Manager [7000] - The lxebCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/10/2011 11:46:48 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFC. Reference error message: The referenced assembly is not installed on your system. .
12/10/2011 11:46:48 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Logitech\Gaming Software\LWEMon.exe. Reference error message: The operation completed successfully. .
12/10/2011 11:46:48 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFC could not be found and Last Error was The referenced assembly is not installed on your system.
12/10/2011 11:04:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
12/10/2011 11:04:48 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/10/2011 11:04:46 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/10/2011 11:04:02 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips IntelIde intelppm mozyFilter NGS oreans32 sbaphd SBHIPS TfFsMon TfSysMon
.
==== End Of File ===========================
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am
Advertisement
Register to Remove

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 16th, 2011, 11:57 am

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 16th, 2011, 12:02 pm

Hi lehbird,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

I must remind you that running Combofix without supervision is not recommended.

Please post the log from Combofix.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby lehbird » December 16th, 2011, 8:29 pm

Thank you for your reply.

I tried to paste the Combofix log, but it said there is a max of 100,000 character permitted and my log is 900,000 characters. Had to zip & attach. Hope that's ok.

Thanks,

Dave
You do not have the required permissions to view the files attached to this post.
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 17th, 2011, 11:18 am

Hi lehbird,

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Now please run a quick scan with Malwarebytes and post the log in your next reply.

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby lehbird » December 18th, 2011, 12:15 am

Here you go:

ESET Log:

C:\Documents and Settings\David N. Leh\Application Data\Sun\Java\Deployment\cache\6.0\29\6bd9979d-29268b08 a variant of Java/Rowindal.A trojan
C:\Documents and Settings\David N. Leh\Application Data\Sun\Java\Deployment\cache\6.0\53\7b6c9375-3d5f5fae a variant of Java/Exploit.CVE-2011-3544.C trojan
C:\Documents and Settings\David N. Leh\Desktop\Dave 2010\My Documents\Application Data\Sun\Java\Deployment\cache\6.0\29\6bd9979d-29268b08 a variant of Java/Rowindal.A trojan
C:\From old C drive\My Documents\Homestore_Desktop_Tour_MLS_ID4326974-Pottstown.exe probably a variant of Win32/TrojanDropper.VB.GWZTJVB trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Dave 2010\My Documents\Local Settings\Temp\jar_cache8206155565353538054.tmp.vir a variant of OSX/Exploit.Smid.D trojan
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP499\A0060546.exe a variant of Win32/Kryptik.XBT trojan
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP499\A0060547.exe a variant of Win32/Kryptik.XBT trojan
G:\Downloads\Flight zips\SoftonicDownloader_for_enditall.exe a variant of Win32/SoftonicDownloader.A application
G:\MGtools\Process.exe Win32/PrcView application

Malaware Bytes:

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Database version: 4638

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/17/2011 11:10:55 PM
mbam-log-2011-12-17 (23-10-55).txt

Scan type: Quick scan
Objects scanned: 164630
Time elapsed: 12 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL.txt & Extras.txt attached.

Thanks,

Dave
You do not have the required permissions to view the files attached to this post.
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 18th, 2011, 7:16 am

Hi lehbird,

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :processes
    killallprocesses
    :otl
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    :files
    C:\Documents and Settings\David N. Leh\Desktop\Dave 2010\My Documents\Application Data\Sun\Java\Deployment\cache\6.0\29\6bd9979d-29268b08 
    C:\From old C drive\My Documents\Homestore_Desktop_Tour_MLS_ID4326974-Pottstown.exe
    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
    [RESETHOSTS]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Update Java Runtime

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 30.
  • Download the latest version of Java Runtime Environment (JRE) 6 Here
  • Scroll down to where it says "JDK 6 Update 30 (JDK or JRE)"
  • Click the orange Download JRE button to the right
  • Select the Windows platform from the dropdown menu
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh
  • Click on the link to download Windows Offline Installation & save the file to your desktop
  • Close any programs you may have running - especially your web browser
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions
  • Reboot your computer once all Java components are removed
  • Then from your desktop double-click on jre-6u30-windows-i586-p.exe to install the newest version


Uninstall ComboFix

  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby lehbird » December 18th, 2011, 3:36 pm

Here you go...

By the way... When do I remove the items the ESET Online Scanner found?

Thanks!

OTL logfile created on: 12/18/2011 2:27:21 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\David N. Leh\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 64.73% Memory free
7.00 Gb Paging File | 6.10 Gb Available in Paging File | 87.18% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.71 Gb Total Space | 352.61 Gb Free Space | 76.21% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 22.07 Gb Free Space | 14.81% Space Free | Partition Type: NTFS
Drive G: | 465.65 Gb Total Space | 359.11 Gb Free Space | 77.12% Space Free | Partition Type: FAT32

Computer Name: D51LHP91 | User Name: David N. Leh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\David N. Leh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (http://www.carbonite.com))
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe ()
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
PRC - C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
PRC - C:\WINDOWS\system32\lxebcoms.exe ( )
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (Sunbelt Software, Inc.)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Runservice.exe ()
PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - E:\Program Files\SERVINFO\ServInfo.exe (Michael Frantzeskakis)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libMachoUniv.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libBase64.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe ()
MOD - C:\Program Files\Verizon V CAST Media Manager\libexpat.dll ()
MOD - C:\Program Files\Verizon V CAST Media Manager\sqlite3.dll ()
MOD - C:\Program Files\Verizon V CAST Media Manager\avutil-50.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll ()
MOD - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\epoemdll.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\epstring.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\epwizres.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\epwizard.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\customui.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\epfunct.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\eputil.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\imagutil.dll ()
MOD - C:\Program Files\Lexmark\Pro200-S500 Series\lxebdrs.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\lxebdrs.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\lxebscw.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\WINDOWS\system32\LXEBPMON.DLL ()
MOD - C:\Program Files\Lexmark\Pro200-S500 Series\lxebmicro.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\LXEBalm.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\lxebdrpp.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxebdatr.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\iptk.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll ()
MOD - C:\Program Files\Lexmark\Pro200-S500 Series\lxebcaps.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\lxebcaps.dll ()
MOD - C:\Program Files\Lexmark Pro200-S500 Series\lxebptp.dll ()
MOD - C:\WINDOWS\system32\LXEBsmr.dll ()
MOD - C:\WINDOWS\system32\LXEBsm.dll ()
MOD - C:\WINDOWS\system32\LXEBoem.dll ()
MOD - C:\Program Files\ffdshow\ffdshow.ax ()
MOD - C:\WINDOWS\system32\qedit.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\dxmasf.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\ctmmactl.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll ()
MOD - C:\WINDOWS\mmfs.dll ()
MOD - C:\WINDOWS\Runservice.exe ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll ()
MOD - C:\Program Files\Google\Google Desktop Search\GoogleDesktopDeskbar2.dll ()
MOD - C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll ()
MOD - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll ()
MOD - C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\unrar.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (SBAMSvc) -- C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SRV - (SBPIMSvc) -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (http://www.carbonite.com))
SRV - (MotoConnect Service) -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (lxeb_device) -- C:\WINDOWS\System32\lxebcoms.exe ( )
SRV - (lxebCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe ()
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (SPF4) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (Sunbelt Software, Inc.)
SRV - (SbPF.Launcher) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (Sunbelt Software, Inc.)
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (HPM1319RcvFaxSrvc) -- C:\Program Files\HP\HP LaserJet M1319 MFP Series\ReceiveFaxUtility.exe (Marvell)
SRV - (Just Flight Limited License Service) -- C:\Program Files\Common Files\Just Flight Limited Shared\Service\JustFlightLimitedLicSvc.exe (Just Flight Limited)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()


========== Driver Services (SafeList) ==========

DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (sbtis) -- C:\WINDOWS\system32\drivers\sbtis.sys (GFI Software)
DRV - (sbapifs) -- C:\WINDOWS\system32\drivers\sbapifs.sys (GFI Software)
DRV - (sbaphd) -- C:\WINDOWS\system32\drivers\sbaphd.sys (GFI Software)
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (NGS) -- c:\VIRUSfighter\Nvc\Bin\ngs.sys (Norman ASA)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV - (CTERFXFX) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys (Creative Technology Ltd)
DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV - (CTSBLFX) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV - (CTAUDFX) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV - (COMMONFX) -- C:\WINDOWS\system32\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV - (SBHIPS) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - (HP1319FAX) -- C:\WINDOWS\system32\drivers\HP1319FAX.sys (Marvell Semiconductor, Inc.)
DRV - (HP1319EWS) -- C:\WINDOWS\system32\drivers\HP1319EWS.sys (Marvell Semiconductor, Inc.)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (elagopro) -- C:\WINDOWS\system32\drivers\elagopro.sys (Gteko Ltd.)
DRV - (elaunidr) -- C:\WINDOWS\system32\drivers\elaunidr.sys (Gteko Ltd.)
DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (msloop) -- C:\WINDOWS\system32\drivers\loop.sys (Microsoft Corporation)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (SaiNtBus) -- C:\WINDOWS\system32\drivers\SaiBus.sys (Saitek)
DRV - (SaiH0461) -- C:\WINDOWS\system32\drivers\SaiH0461.sys (Saitek)
DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.0 RC 16\RivaTuner32.sys ()
DRV - (NVStrap) -- C:\WINDOWS\System32\drivers\NVStrap.sys ()
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&cli ... channel=us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dejazzd.com/my_jazzd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/19 05:59:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/12 10:03:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/22 19:03:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\David N. Leh\Application Data\IDM\idmmzcc3

[2010/09/27 20:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Extensions
[2011/12/14 18:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Firefox\Profiles\3uu73kfu.default\extensions
[2011/12/14 18:11:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Firefox\Profiles\3uu73kfu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/14 07:31:54 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Firefox\Profiles\3uu73kfu.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2011/08/19 13:16:31 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Firefox\Profiles\3uu73kfu.default\extensions\DeviceDetection@logitech.com
[2010/09/07 20:41:54 | 000,002,554 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Firefox\Profiles\3uu73kfu.default\searchplugins\askcom.xml
[2009/03/08 22:15:34 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Application Data\Mozilla\Firefox\Profiles\3uu73kfu.default\searchplugins\live-search.xml
[2011/11/12 10:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/12 10:03:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2010/09/08 21:09:17 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005/04/27 17:31:10 | 000,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\mozilla firefox\plugins\NPUploader.dll
[2011/10/03 20:00:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/12 10:03:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Yahoo! ()
CHR - default_search_provider: search_url = http://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?outpu ... n&command={searchTerms}
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\David N. Leh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.0\

O1 HOSTS File: ([2011/12/13 23:18:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll File not found
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_1.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_1.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxebmon.exe] C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe ()
O4 - Startup: C:\Documents and Settings\David N. Leh\Start Menu\Programs\Startup\V CAST Media Monitor.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... wmavax.CAB (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC6A2A3-9DA6-4BDE-A594-B5A79C80ED19}: DhcpNameServer = 192.168.254.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\David N. Leh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\David N. Leh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/14 00:17:28 | 000,000,000 | -H-D | M] - G:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/02/25 10:30:42 | 000,000,054 | RHS- | M] () - G:\autorun.in_2.org -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/17 22:21:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\David N. Leh\Desktop\OTL.exe
[2011/12/17 10:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/16 23:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David N. Leh\Start Menu\Programs\Latin VFR Cayman Islands Scenery
[2011/12/16 06:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/12/15 20:11:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/15 03:29:41 | 000,077,816 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\sbapifs.sys
[2011/12/15 03:28:22 | 000,021,240 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\sbaphd.sys
[2011/12/14 20:43:31 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/12/14 20:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David N. Leh\Desktop\Dave 2
[2011/12/14 18:54:25 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/12/14 18:54:15 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/12/14 18:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/12/14 18:36:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GFI Software
[2011/12/14 18:36:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\VDD
[2011/12/14 18:28:45 | 000,217,976 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\sbtis.sys
[2011/12/13 23:32:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/12/13 23:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/12/13 23:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/13 22:58:48 | 000,000,000 | ---D | C] -- C:\0a45f3187bc95bc30bee73
[2011/12/13 22:58:39 | 000,000,000 | ---D | C] -- C:\f2074c84deefd58086f663
[2011/12/09 19:58:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David N. Leh\Recent
[2011/12/09 19:06:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David N. Leh\Start Menu\Programs\System Fix
[2011/11/26 14:17:51 | 000,000,000 | ---D | C] -- C:\users
[2011/11/26 14:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Aimersoft
[2011/11/26 14:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David N. Leh\My Documents\Aimersoft DVD Creator
[2011/11/26 14:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\Aimersoft
[2011/11/21 10:36:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David N. Leh\Start Menu\Programs\FSPS
[2011/11/20 12:00:51 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2011/11/20 12:00:51 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2011/11/20 12:00:50 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2011/11/20 12:00:50 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2011/11/20 12:00:49 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2011/11/20 12:00:48 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2011/11/20 12:00:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2011/11/20 12:00:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2011/11/20 12:00:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2011/11/20 12:00:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2011/11/20 12:00:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2011/11/20 12:00:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2011/11/20 12:00:44 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2011/11/20 12:00:43 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2011/11/20 12:00:42 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2011/11/20 12:00:41 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2011/11/20 12:00:41 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2011/11/20 12:00:40 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2011/11/20 12:00:39 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2011/11/20 12:00:38 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2011/11/20 12:00:38 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2011/11/20 12:00:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2011/11/20 12:00:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2011/11/20 12:00:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2011/11/20 12:00:36 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2011/11/20 12:00:35 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2011/01/22 15:40:40 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoin.dll
[2011/01/22 15:39:26 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebinpa.dll
[2011/01/22 15:39:26 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEBhcp.dll
[2011/01/22 15:39:26 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebiesc.dll
[2011/01/22 15:39:25 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebserv.dll
[2011/01/22 15:39:25 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebusb1.dll
[2011/01/22 15:39:25 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomc.dll
[2011/01/22 15:39:25 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebhbn3.dll
[2011/01/22 15:39:25 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebpmui.dll
[2011/01/22 15:39:25 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoms.exe
[2011/01/22 15:39:25 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeblmpm.dll
[2011/01/22 15:39:25 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcfg.exe
[2011/01/22 15:39:25 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomm.dll
[2011/01/22 15:39:25 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebih.exe
[2008/06/27 16:59:50 | 000,010,240 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[2006/12/28 11:26:12 | 000,028,160 | ---- | C] (MicroCrafts) -- C:\Program Files\oldmaml.dbs
[2006/12/28 11:26:07 | 000,196,096 | ---- | C] (MySoftware) -- C:\Program Files\MailList.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/18 14:32:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C6BF2B74-8D07-41C0-A757-BCF09C6BE98B}.job
[2011/12/18 14:29:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/18 11:53:00 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/12/18 04:53:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2011/12/17 22:20:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David N. Leh\Desktop\OTL.exe
[2011/12/17 21:29:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/17 18:54:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/12/17 17:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2011/12/17 12:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/17 00:21:49 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/16 22:27:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2464157562-697926883-618238203-500.job
[2011/12/16 21:30:57 | 000,110,860 | ---- | M] () -- C:\ComboFix.zip
[2011/12/16 17:15:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2011/12/16 06:18:30 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to fsx.exe.lnk
[2011/12/15 20:03:34 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/15 20:03:17 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000001-00001102-00000008-10211102}.CDF
[2011/12/15 20:02:36 | 000,003,681 | ---- | M] () -- C:\WINDOWS\System32\mmf.sys
[2011/12/15 20:02:35 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2464157562-697926883-618238203-1006.job
[2011/12/15 20:02:35 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2464157562-697926883-618238203-1007.job
[2011/12/15 20:02:29 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2464157562-697926883-618238203-500.job
[2011/12/15 20:02:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/15 20:02:19 | 3488,075,776 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/15 20:02:18 | 000,137,934 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2011/12/15 08:05:06 | 000,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000001-00001102-00000008-10211102}.rfx
[2011/12/15 08:05:06 | 000,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000001-00001102-00000008-10211102}.rfx
[2011/12/15 08:05:06 | 000,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000001-00001102-00000008-10211102}.rfx
[2011/12/15 08:05:06 | 000,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000001-00001102-00000008-10211102}.rfx
[2011/12/15 08:05:06 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000001-00001102-00000008-10211102}.rfx
[2011/12/15 03:27:58 | 000,367,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 03:07:43 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 19:48:28 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to qw.exe.lnk
[2011/12/14 18:54:28 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/12/14 18:36:28 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2011/12/14 18:11:31 | 000,000,721 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to msimn.exe.lnk
[2011/12/13 23:53:44 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to firefox.exe.lnk
[2011/12/13 23:52:25 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2464157562-697926883-618238203-1006.job
[2011/12/13 23:50:44 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/13 23:50:44 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/13 23:18:58 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/12 10:07:32 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/12/09 19:12:30 | 000,000,456 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\tNg2UrRUbj7rjw
[2011/12/09 19:10:48 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/09 19:06:58 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\System Fix.lnk
[2011/12/05 23:36:17 | 000,000,080 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Local Settings\Application Data\X-Plane Installer.prf
[2011/12/05 11:14:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2464157562-697926883-618238203-1007.job
[2011/11/27 09:13:03 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/26 14:17:40 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\Aimersoft DVD Creator.lnk
[2011/11/23 08:49:41 | 000,004,756 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/11/23 08:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2011/11/23 08:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2011/11/21 13:09:52 | 000,663,606 | ---- | M] () -- C:\Documents and Settings\David N. Leh\My Documents\X-1756-03-SITE Plan REV.pdf
[2011/11/21 13:06:36 | 001,147,295 | ---- | M] () -- C:\Documents and Settings\David N. Leh\My Documents\X-1756-03-Site Plan.pdf
[2011/11/21 13:02:13 | 001,427,095 | ---- | M] () -- C:\Documents and Settings\David N. Leh\My Documents\2212_001.pdf
[2011/11/21 10:36:31 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\FSX Booster.lnk
[2011/11/20 11:51:13 | 000,001,798 | ---- | M] () -- C:\WINDOWS\winzip.ini
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/16 21:30:56 | 000,110,860 | ---- | C] () -- C:\ComboFix.zip
[2011/12/16 06:18:32 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to fsx.exe.lnk
[2011/12/14 19:48:28 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to qw.exe.lnk
[2011/12/14 18:54:35 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/12/14 18:54:28 | 000,000,806 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/12/14 18:36:28 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2011/12/14 18:11:31 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to msimn.exe.lnk
[2011/12/13 23:53:44 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\Shortcut to firefox.exe.lnk
[2011/12/13 23:36:22 | 3488,075,776 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/09 19:10:48 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/09 19:06:57 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\System Fix.lnk
[2011/12/09 19:06:53 | 000,000,456 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tNg2UrRUbj7rjw
[2011/11/26 14:17:40 | 000,000,882 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\Aimersoft DVD Creator.lnk
[2011/11/21 13:09:52 | 000,663,606 | ---- | C] () -- C:\Documents and Settings\David N. Leh\My Documents\X-1756-03-SITE Plan REV.pdf
[2011/11/21 13:06:35 | 001,147,295 | ---- | C] () -- C:\Documents and Settings\David N. Leh\My Documents\X-1756-03-Site Plan.pdf
[2011/11/21 13:02:11 | 001,427,095 | ---- | C] () -- C:\Documents and Settings\David N. Leh\My Documents\2212_001.pdf
[2011/11/21 10:36:29 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Desktop\FSX Booster.lnk
[2011/03/25 18:24:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/23 16:33:41 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/23 16:33:39 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/23 16:33:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/01/22 15:40:41 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxebvs.dll
[2011/01/22 15:40:36 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxebcui.dll
[2011/01/22 15:40:36 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxebcuir.dll
[2011/01/22 15:40:36 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxebgcfg.dll
[2011/01/22 15:39:26 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEBinst.dll
[2011/01/22 15:39:25 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxebins.dll
[2011/01/22 15:39:25 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxebinsb.dll
[2011/01/22 15:39:25 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxebcu.dll
[2011/01/22 15:39:25 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxebgrd.dll
[2011/01/22 15:39:25 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxebinsr.dll
[2011/01/22 15:39:25 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxebcub.dll
[2011/01/22 15:39:25 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxebjswr.dll
[2011/01/22 15:39:25 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxebcur.dll
[2011/01/22 10:24:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LXEBPMON.DLL
[2011/01/22 10:24:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXEBFXPU.DLL
[2011/01/22 10:24:35 | 004,485,120 | ---- | C] () -- C:\WINDOWS\System32\LXEBoem.dll
[2011/01/22 10:17:34 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEBsm.dll
[2011/01/22 10:17:34 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXEBsmr.dll
[2010/09/18 00:29:29 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2010/09/07 21:39:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/09/07 21:39:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/09/07 21:39:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/07 21:39:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/07 21:39:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/04/26 11:46:30 | 000,000,181 | ---- | C] () -- C:\WINDOWS\qawin32.INI
[2009/11/19 07:33:11 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009/06/18 21:59:46 | 000,072,832 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/04/30 21:02:00 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/02/28 09:37:01 | 000,413,696 | R--- | C] () -- C:\WINDOWS\ZSM1319.EXE
[2009/02/28 09:37:01 | 000,413,696 | R--- | C] () -- C:\WINDOWS\System32\ZSM1319.EXE
[2009/02/28 09:37:00 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\hpsfs.dll
[2009/02/21 13:11:58 | 000,003,681 | ---- | C] () -- C:\WINDOWS\System32\mmf.sys
[2008/08/16 08:14:51 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/06/27 18:05:08 | 000,049,565 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2008/06/27 18:05:06 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/06/27 17:27:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2008/06/27 17:25:02 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\psconv.exe
[2008/06/27 17:09:36 | 000,386,852 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2008/06/27 17:09:36 | 000,051,787 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2008/06/27 17:03:54 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2008/06/27 17:02:56 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2008/06/27 17:00:36 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2008/06/27 17:00:24 | 000,241,084 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2008/06/27 17:00:24 | 000,115,166 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2008/06/27 16:59:56 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2008/06/27 16:59:56 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2008/06/27 16:59:54 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2008/06/12 22:26:41 | 000,000,080 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Local Settings\Application Data\X-Plane Installer.prf
[2008/02/07 10:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2008/02/03 00:27:21 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\dbcmdb32.dll
[2008/02/03 00:27:21 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\dbcjpg32.dll
[2008/02/03 00:27:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\DBCMEM32.DLL
[2008/02/03 00:27:21 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dbcgeo32.dll
[2008/01/12 08:29:32 | 000,000,107 | ---- | C] () -- C:\WINDOWS\RFP.ini
[2008/01/04 00:19:51 | 000,355,344 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2007/12/23 00:08:50 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.bin
[2007/12/15 00:56:45 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/12/15 00:14:29 | 000,928,096 | R--- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2007/12/12 07:26:05 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007/12/12 07:24:47 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/22 10:35:32 | 000,000,081 | ---- | C] () -- C:\WINDOWS\PARSONS.INI
[2007/11/03 09:09:46 | 000,148,480 | ---- | C] () -- C:\WINDOWS\System32\flt1chk4.dll
[2007/08/19 22:22:04 | 000,000,436 | ---- | C] () -- C:\WINDOWS\jpegcrop.INI
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2007/07/31 22:13:26 | 000,000,082 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2007/07/14 01:34:34 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\myodbc3i.exe
[2007/07/14 01:34:34 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\myodbc3m.exe
[2007/06/19 21:11:26 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/03/30 13:11:28 | 000,000,025 | ---- | C] () -- C:\WINDOWS\LM.ini
[2007/02/23 00:06:34 | 000,010,840 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/02/21 23:50:25 | 000,001,798 | ---- | C] () -- C:\WINDOWS\winzip.ini
[2007/02/20 22:02:11 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\nY.exe
[2007/02/20 22:00:39 | 001,126,400 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461.Dll
[2007/02/20 22:00:39 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_10.dll
[2007/02/20 22:00:39 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0C.dll
[2007/02/20 22:00:39 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0A.dll
[2007/02/20 22:00:39 | 000,007,680 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_07.dll
[2007/02/20 22:00:39 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_09.dll
[2007/02/20 22:00:39 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\SaiC0461_0402.dll
[2006/12/29 10:47:28 | 000,000,147 | ---- | C] () -- C:\Program Files\RedStat.sts
[2006/12/28 11:28:43 | 000,000,000 | ---- | C] () -- C:\Program Files\HPSW.CKI
[2006/12/28 11:27:26 | 000,000,041 | ---- | C] () -- C:\Program Files\eregreg.ini
[2006/12/28 11:26:12 | 004,039,699 | ---- | C] () -- C:\Program Files\MailList.pdf
[2006/12/28 11:26:12 | 000,361,239 | ---- | C] () -- C:\Program Files\maillist.wth
[2006/12/28 11:26:12 | 000,264,192 | ---- | C] () -- C:\Program Files\Hotelsmml.bcf
[2006/12/28 11:26:12 | 000,264,192 | ---- | C] () -- C:\Program Files\Car Rentalsmml.bcf
[2006/12/28 11:26:12 | 000,262,656 | ---- | C] () -- C:\Program Files\Airlinesmml.bcf
[2006/12/28 11:26:12 | 000,201,934 | ---- | C] () -- C:\Program Files\Airlines.mml
[2006/12/28 11:26:12 | 000,077,824 | ---- | C] () -- C:\Program Files\Textdbs.dbs
[2006/12/28 11:26:12 | 000,066,034 | ---- | C] () -- C:\Program Files\Hotels.mml
[2006/12/28 11:26:12 | 000,045,196 | ---- | C] () -- C:\Program Files\Car Rentals.mml
[2006/12/28 11:26:12 | 000,039,424 | ---- | C] () -- C:\Program Files\Native.dbs
[2006/12/28 11:26:12 | 000,017,408 | ---- | C] () -- C:\Program Files\oldmald.dbs
[2006/12/28 11:26:12 | 000,006,344 | ---- | C] () -- C:\Program Files\Airlinesmml.fsif
[2006/12/28 11:26:12 | 000,004,568 | ---- | C] () -- C:\Program Files\Airlinesmml.msif
[2006/12/28 11:26:12 | 000,002,144 | ---- | C] () -- C:\Program Files\Hotelsmml.fsif
[2006/12/28 11:26:12 | 000,001,568 | ---- | C] () -- C:\Program Files\Hotelsmml.msif
[2006/12/28 11:26:12 | 000,001,500 | ---- | C] () -- C:\Program Files\Car Rentalsmml.fsif
[2006/12/28 11:26:12 | 000,001,108 | ---- | C] () -- C:\Program Files\Car Rentalsmml.msif
[2006/12/28 11:26:12 | 000,000,385 | ---- | C] () -- C:\Program Files\webmain.url
[2006/12/28 11:26:12 | 000,000,061 | ---- | C] () -- C:\Program Files\WebSurf.ini
[2006/12/28 11:26:12 | 000,000,000 | ---- | C] () -- C:\Program Files\maillist.sup
[2006/12/28 11:26:11 | 000,233,980 | ---- | C] () -- C:\Program Files\FORMDEF.FDL
[2006/12/28 11:26:11 | 000,231,248 | ---- | C] () -- C:\Program Files\FORMOPS.FDL
[2006/12/28 11:26:11 | 000,181,616 | ---- | C] () -- C:\Program Files\FORMMETA.FDL
[2006/12/28 11:26:11 | 000,071,168 | ---- | C] () -- C:\Program Files\jeteng.dbs
[2006/12/28 11:26:11 | 000,002,609 | ---- | C] () -- C:\Program Files\ereginfo.ini
[2006/12/28 11:26:11 | 000,000,128 | ---- | C] () -- C:\Program Files\EREG.BIN
[2006/12/28 11:26:10 | 000,000,018 | ---- | C] () -- C:\Program Files\bmUpd.ddm
[2006/12/28 11:26:07 | 000,037,376 | ---- | C] () -- C:\Program Files\AddrCD.rmv
[2006/12/28 11:26:06 | 000,267,268 | ---- | C] () -- C:\Program Files\3602pr1.emf
[2006/12/28 11:26:06 | 000,252,884 | ---- | C] () -- C:\Program Files\3602r1.emf
[2006/12/28 11:26:06 | 000,252,272 | ---- | C] () -- C:\Program Files\3600r1.emf
[2006/12/28 11:26:06 | 000,248,460 | ---- | C] () -- C:\Program Files\3601app.emf
[2006/12/28 11:26:06 | 000,241,988 | ---- | C] () -- C:\Program Files\3602n1.emf
[2006/12/28 11:26:06 | 000,235,248 | ---- | C] () -- C:\Program Files\3602pn1.emf
[2006/12/28 11:26:06 | 000,179,312 | ---- | C] () -- C:\Program Files\3602r2.emf
[2006/12/28 11:26:06 | 000,170,364 | ---- | C] () -- C:\Program Files\3602pr2.emf
[2006/12/28 11:26:06 | 000,155,776 | ---- | C] () -- C:\Program Files\3602n2.emf
[2006/12/28 11:26:06 | 000,146,524 | ---- | C] () -- C:\Program Files\3602pn2.emf
[2006/12/28 11:26:06 | 000,122,104 | ---- | C] () -- C:\Program Files\3600p2.emf
[2006/12/28 11:26:06 | 000,121,092 | ---- | C] () -- C:\Program Files\3620app.emf
[2006/12/28 11:26:06 | 000,119,480 | ---- | C] () -- C:\Program Files\3600r2.emf
[2006/12/28 11:26:05 | 000,265,408 | ---- | C] () -- C:\Program Files\3600p1.emf
[2006/12/28 11:26:05 | 000,000,406 | ---- | C] () -- C:\Program Files\MailList.dmn
[2006/12/17 03:00:59 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/10/29 10:44:00 | 000,004,756 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/20 19:52:21 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\NVStrap.sys
[2006/10/02 17:25:18 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2006/09/02 13:10:59 | 000,048,640 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2006/09/02 13:10:59 | 000,002,560 | ---- | C] () -- C:\WINDOWS\Runservice.exe
[2006/07/07 18:40:49 | 000,002,934 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/06/17 12:41:31 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.David N. Leh.ini
[2006/06/01 17:10:25 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/05/18 22:43:21 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Klmamsqo.ini
[2006/04/02 19:19:59 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Application Data\dvd.bmk
[2006/04/02 13:00:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/04/02 11:20:14 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Local Settings\Application Data\fusioncache.dat
[2006/04/02 00:15:45 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2006/04/01 16:59:09 | 000,000,152 | ---- | C] () -- C:\WINDOWS\CoolPlay.ini
[2006/03/31 21:10:23 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/31 20:40:12 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.dat
[2006/03/31 20:26:49 | 000,001,369 | ---- | C] () -- C:\WINDOWS\GARMINWT.INI
[2006/03/27 22:17:18 | 000,000,751 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/03/25 10:17:04 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/03/25 08:49:27 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\501AA94F16.sys
[2006/03/25 01:21:09 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Application Data\PFP120JPR.{PB
[2006/03/25 01:21:09 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Application Data\PFP120JCM.{PB
[2006/03/25 00:02:55 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\David N. Leh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/03/20 22:45:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/20 22:39:32 | 000,000,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/03/20 22:35:03 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/03/20 22:28:34 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/03/20 22:07:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/03/20 22:07:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/03/20 22:07:12 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 09:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/18 01:41:32 | 000,046,593 | ---- | C] () -- C:\WINDOWS\System32\e10kxwdm.ini
[2005/06/18 01:01:42 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2004/10/28 09:38:10 | 000,315,728 | ---- | C] () -- C:\WINDOWS\System32\flt1chk3.dll
[2004/08/20 01:28:00 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\TSRemote.dll
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,367,304 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/06/06 12:53:42 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/06/05 12:56:16 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003/07/14 19:57:20 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\flt1chk2.dll
[2002/12/19 14:04:56 | 003,050,298 | ---- | C] () -- C:\WINDOWS\System32\PDFREPORT_XP.dll
[2002/07/23 11:13:58 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002/03/13 18:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Custom Scans ==========


< :processes >

< killallprocesses >

< :otl >

< FF - prefs.js..browser.search.defaultengine: "Ask.com" >

< FF - prefs.js..browser.search.defaultenginename: "Ask.com" >

< FF - prefs.js..browser.search.order.1: "Ask.com" >

< :files >

< C:\Documents and Settings\David N. Leh\Desktop\Dave 2010\My Documents\Application Data\Sun\Java\Deployment\cache\6.0\29\6bd9979d-29268b08 >
[2010/09/01 21:22:17 | 000,009,262 | ---- | M] () -- C:\Documents and Settings\David N. Leh\Desktop\Dave 2010\My Documents\Application Data\Sun\Java\Deployment\cache\6.0\29\6bd9979d-29268b08

< C:\From old C drive\My Documents\Homestore_Desktop_Tour_MLS_ID4326974-Pottstown.exe >
[2004/03/17 19:11:04 | 000,806,929 | ---- | M] (Homestore) -- C:\From old C drive\My Documents\Homestore_Desktop_Tour_MLS_ID4326974-Pottstown.exe
[1 C:\From old C drive\My Documents\*.tmp files -> C:\From old C drive\My Documents\*.tmp -> ]

< :commands >

< [EMPTYTEMP] >

< [EMPTYFLASH] >

< [EMPTYJAVA] >

< [RESETHOSTS] >

< [REBOOT] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:74603393

< End of report >
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 18th, 2011, 3:47 pm

Hi lehbird,

It looks like you hit the Run Scan button instead of the Run Fix button.

Image

Please follow the Run OTL Script instructions above and post the log in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby lehbird » December 18th, 2011, 4:41 pm

Oops!! you are correct, sorry about that. Here you go...


All processes killed
========== PROCESSES ==========
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
========== FILES ==========
C:\Documents and Settings\David N. Leh\Desktop\Dave 2010\My Documents\Application Data\Sun\Java\Deployment\cache\6.0\29\6bd9979d-29268b08 moved successfully.
C:\From old C drive\My Documents\Homestore_Desktop_Tour_MLS_ID4326974-Pottstown.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 58222120 bytes
->Apple Safari cache emptied: 891904 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: David N. Leh
->Temp folder emptied: 641117037 bytes
->Temporary Internet Files folder emptied: 198733475 bytes
->Java cache emptied: 13573580 bytes
->FireFox cache emptied: 106885180 bytes
->Google Chrome cache emptied: 28572125 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 3136865 bytes

User: DAVIDN~1~LEH

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 1964368 bytes
->Flash cache emptied: 348 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2022046 bytes
%systemroot%\System32 .tmp files removed: 54364 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14736232 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 819594 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 4933034 bytes
RecycleBin emptied: 252346848 bytes

Total Files Cleaned = 1,267.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: David N. Leh
->Flash cache emptied: 0 bytes

User: DAVIDN~1~LEH

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: David N. Leh
->Java cache emptied: 0 bytes

User: DAVIDN~1~LEH

User: Default User

User: LocalService

User: NetworkService

User: Owner

Total Java Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 12182011_152622

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7b0.dat not found!

Registry entries deleted on Reboot...
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 18th, 2011, 4:50 pm

Hi lehbird,

Now that you are clean, please follow these steps in order to keep your computer clean and secure.

Clean up with OTL

  • Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

Update your AntiVirus Software and keep your other programs up-to-date
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.

Happy surfing and stay clean!
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby lehbird » December 18th, 2011, 5:00 pm

Thank you very much for your help and quick responses !!
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 18th, 2011, 5:03 pm

You're welcome!

Glad we could help.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Delayed Write Failure (Second Try)

Unread postby deltalima » December 18th, 2011, 5:07 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 500 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware