ntuser.dll calc.dll error messages

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

ntuser.dll calc.dll error messages

Post by joffreyj on Sun 18 Jul 2010, 6:46 am

First topic message reminder :

You guys rock, what a community service. Log contents are below.

When I start up I get a rundll32.exe bad image for ntuser.dll

I also get an error that calc.dll cannot be loaded.

Thanks
========OTL.txt
OTL logfile created on: 7/17/2010 3:28:03 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Christina Lovvorn\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 609.00 Mb Available Physical Memory | 60.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.48 Gb Total Space | 40.02 Gb Free Space | 57.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CLOVVORN
Current User Name: Christina Lovvorn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/17 15:27:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christina Lovvorn\Desktop\OTL1.exe
PRC - [2010/01/22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 13:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/02/29 10:20:32 | 000,893,952 | ---- | M] () -- C:\Program Files\Bellsouth\HelpCenter\SSGet.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/28 13:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2005/12/28 12:56:16 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/12/28 12:55:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/12/28 12:52:32 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/12/28 12:47:10 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/12/28 12:45:02 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/12/28 12:44:24 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/11/16 22:35:16 | 000,397,312 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/11/11 16:43:04 | 000,548,864 | ---- | M] (McAfee Corporation) -- C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe
PRC - [2005/10/24 08:33:04 | 000,491,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcicoms.exe
PRC - [2005/10/13 19:56:16 | 000,126,976 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\Mcdetect.exe
PRC - [2005/09/30 10:47:22 | 000,200,704 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 7300 Series\lxcimon.exe
PRC - [2005/08/31 14:14:52 | 001,277,952 | ---- | M] (BellSouth) -- C:\Program Files\Support.com\BellSouth\hcenter.exe
PRC - [2005/08/24 17:01:04 | 000,122,368 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\McTskshd.exe
PRC - [2005/08/01 08:05:04 | 000,094,208 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 7300 Series\ezprint.exe
PRC - [2005/06/10 11:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/04/07 13:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/10/29 03:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [1999/02/01 19:53:24 | 000,405,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\1033\MSOFFICE.EXE


========== Modules (SafeList) ==========

MOD - [2010/07/17 15:27:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christina Lovvorn\Desktop\OTL1.exe
MOD - [2007/04/19 14:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/04 06:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/08/04 06:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\PereSvc.exe -- (peresvc)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\BtwSvc.dll -- (BtwSvc)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\6to4v32.dll -- (6to4)
SRV - [2010/07/12 04:55:38 | 001,352,832 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/05/08 05:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 18:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 18:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 18:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005/12/28 13:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2005/12/28 12:47:10 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005/12/28 12:45:02 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005/12/28 12:44:24 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/11/11 16:43:04 | 000,548,864 | ---- | M] (McAfee Corporation) [Auto | Running] -- C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe -- (MpfService)
SRV - [2005/10/24 08:33:04 | 000,491,520 | ---- | M] ( ) [On_Demand | Running] -- C:\WINDOWS\System32\lxcicoms.exe -- (lxci_device)
SRV - [2005/10/13 19:56:16 | 000,126,976 | ---- | M] (McAfee, Inc) [Auto | Running] -- c:\Program Files\McAfee.com\Agent\Mcdetect.exe -- (McDetect.exe)
SRV - [2005/10/06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2005/08/24 17:01:04 | 000,122,368 | ---- | M] (McAfee, Inc) [Auto | Running] -- c:\Program Files\McAfee.com\Agent\McTskshd.exe -- (McTskshd.exe)
SRV - [2005/07/12 19:10:18 | 000,963,072 | ---- | M] (McAfee Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe -- (MskService)
SRV - [2005/07/01 20:22:50 | 000,245,760 | ---- | M] (McAfee, Inc) [On_Demand | Stopped] -- C:\Program Files\McAfee.com\Agent\mcupdmgr.exe -- (mcupdmgr.exe)
SRV - [2004/04/07 13:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/07/12 04:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/04/14 15:11:49 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/12/28 14:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/04 17:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005/11/29 19:36:56 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/11 16:43:52 | 000,080,640 | ---- | M] (McAfee) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MpFirewall.sys -- (MPFIREWL)
DRV - [2005/10/14 16:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 16:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 16:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/10 12:22:10 | 000,114,464 | ---- | M] (McAfee Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)
DRV - [2005/08/05 17:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 02:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 02:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 02:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 02:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 02:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 02:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 02:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 02:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 02:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 04:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 03:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/11/22 18:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/08/12 18:45:54 | 000,137,728 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/04 06:00:00 | 000,002,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\isapeep.sys -- (isapeep)
DRV - [2004/08/04 00:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 00:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 12:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 12:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/02/13 17:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/07/17 13:57:17 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (McAfee VirusScan) - {BA52B914-B692-46c4-B683-905236F6F655} - c:\Program Files\McAfee.com\VSO\mcvsshl.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [calc] C:\WINDOWS\System32\calc.DLL File not found
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [lxcimon.exe] C:\Program Files\Lexmark 7300 Series\lxcimon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAGE~1.EXE File not found
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShowLOMControl] Reg Error: Invalid data type. File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [tgcmd] C:\Program Files\Support.com\BellSouth\hcenter.exe (BellSouth)
O4 - HKLM..\Run: [VSOCheckTask] C:\Program Files\McAfee.com\VSO\mcmnhdlr.exe (McAfee, Inc.)
O4 - HKCU..\Run: [calc] C:\Documents and Settings\NetworkService\ntuser.dll ()
O4 - HKCU..\Run: [Download] C:\Program Files\Bellsouth\HelpCenter\ssGet.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\Program Files\McAfee\SpamKiller\McApfBHO.dll (McAfee, Inc.)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} [You must be registered and logged in to see this link.] (SupportSoft External Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.4.2_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - AppInit_DLLs: (pabinula.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Christina Lovvorn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Christina Lovvorn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: BtwSvc - C:\WINDOWS\System32\BtwSvc.dll File not found
NetSvcs: BtwSrv - File not found
NetSvcs: 6to4 - C:\WINDOWS\System32\6to4v32.dll File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe ()

SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe ()

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (58560350072602624)

========== Files/Folders - Created Within 30 Days ==========

[2010/07/17 15:27:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Christina Lovvorn\Desktop\OTL1.exe
[2010/07/17 13:25:31 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/07/17 13:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/07/17 13:25:26 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/07/17 13:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Christina Lovvorn\Local Settings\Application Data\Sunbelt Software
[2010/07/17 13:14:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010/07/17 13:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/07/17 13:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/07/17 11:43:48 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/07/17 11:43:47 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/07/17 11:43:47 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/07/17 11:38:33 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/07/17 11:38:28 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/07/17 11:38:28 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/07/17 11:38:16 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/07/17 11:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/07/17 11:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/07/17 11:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Christina Lovvorn\Application Data\PC Tools
[2010/07/17 11:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/07/17 11:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/17 05:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla Firefox
[2006/09/19 19:43:34 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciserv.dll
[2006/09/19 19:43:34 | 001,122,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciusb1.dll
[2006/09/19 19:43:33 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcipmui.dll
[2006/09/19 19:43:33 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxciprox.dll
[2006/09/19 19:43:33 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcipplc.dll
[2006/09/19 19:43:32 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcihbn3.dll
[2006/09/19 19:43:32 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcicomc.dll
[2006/09/19 19:43:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcicomm.dll
[2006/09/19 19:43:31 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcilmpm.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Documents and Settings\Christina Lovvorn\My Documents\*.tmp files -> C:\Documents and Settings\Christina Lovvorn\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/17 15:27:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christina Lovvorn\Desktop\OTL1.exe
[2010/07/17 15:25:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/17 15:25:16 | 000,144,480 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF
[2010/07/17 15:24:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/17 15:24:35 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/17 15:24:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/17 15:23:34 | 003,145,728 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\ntuser.dat
[2010/07/17 15:23:34 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Christina Lovvorn\ntuser.ini
[2010/07/17 15:00:01 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\mtualzhg.job
[2010/07/17 15:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\nhshziok.job
[2010/07/17 14:18:16 | 000,574,976 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\Desktop\OTL.exe
[2010/07/17 13:53:12 | 000,006,456 | -H-- | M] () -- C:\WINDOWS\System32\febumigo
[2010/07/17 13:40:03 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/07/17 13:29:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ohitacok.dll
[2010/07/17 13:25:26 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/07/17 13:14:16 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/07/17 13:14:16 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/07/17 11:58:12 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\reader_s.exe82
[2010/07/17 11:58:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Christina Lovvorn\reader_s.exe58
[2010/07/17 11:38:24 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/07/17 11:37:18 | 007,672,527 | ---- | M] (ATT Internet Services ) -- C:\Documents and Settings\Christina Lovvorn\HC43SInstaller.exe
[2010/07/17 11:35:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\agesaxovesebevax.dll
[2010/07/17 11:35:20 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\reader_s.exe113
[2010/07/17 11:35:12 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Christina Lovvorn\reader_s.exe87
[2010/07/17 11:34:58 | 000,025,600 | ---- | M] () -- C:\WINDOWS\sysguard.exe85
[2010/07/17 11:22:39 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\reader_s.exe616
[2010/07/17 11:22:22 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\reader_s.exe595
[2010/07/17 11:22:20 | 000,025,600 | ---- | M] () -- C:\WINDOWS\sysguard.exe593
[2010/07/12 04:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Documents and Settings\Christina Lovvorn\My Documents\*.tmp files -> C:\Documents and Settings\Christina Lovvorn\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/17 14:18:14 | 000,574,976 | ---- | C] () -- C:\Documents and Settings\Christina Lovvorn\Desktop\OTL.exe
[2010/07/17 13:29:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ohitacok.dll
[2010/07/17 13:26:12 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/07/17 13:14:16 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Christina Lovvorn\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/07/17 13:14:16 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/07/17 12:00:17 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\mtualzhg.job
[2010/07/17 11:43:48 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/07/17 11:43:48 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/07/17 11:43:48 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/07/17 11:43:48 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/07/17 11:43:48 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/07/17 11:38:33 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/07/17 11:38:28 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/07/17 11:38:28 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/07/17 11:38:24 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/07/17 11:38:16 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/07/17 11:35:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\agesaxovesebevax.dll
[2010/04/17 12:00:12 | 000,096,768 | -HS- | C] () -- C:\WINDOWS\System32\bazoveza.dll
[2010/04/17 12:00:12 | 000,065,024 | -HS- | C] () -- C:\WINDOWS\System32\bewijeze.dll
[2010/04/17 12:00:12 | 000,057,344 | -HS- | C] () -- C:\WINDOWS\System32\limowuyu.dll
[2009/10/22 18:40:21 | 000,039,424 | -HS- | C] () -- C:\WINDOWS\System32\tubevare.dll
[2009/10/22 18:40:20 | 000,091,648 | -HS- | C] () -- C:\WINDOWS\System32\mujoviku.dll
[2009/10/22 18:25:23 | 000,015,000 | ---- | C] () -- C:\WINDOWS\System32\p50dk.dll
[2009/10/22 18:03:24 | 000,015,000 | ---- | C] () -- C:\WINDOWS\System32\p77jx.dll
[2009/09/08 00:01:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ransom.INI
[2009/07/22 18:25:29 | 000,052,224 | -HS- | C] () -- C:\WINDOWS\System32\wosawamu.dll
[2009/07/09 13:30:57 | 000,097,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\e602a061.sys
[2009/07/06 16:54:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhantomOfVenice.INI
[2009/01/22 23:18:23 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\efcCssPH.dll
[2008/12/31 12:13:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CastleMalloy.INI
[2008/12/18 10:43:22 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\iifcYpqQ.dll
[2008/09/29 10:38:58 | 000,062,164 | -HS- | C] () -- C:\WINDOWS\System32\zelayira(2).dll
[2008/09/29 10:38:46 | 000,098,937 | -HS- | C] () -- C:\WINDOWS\System32\zotogogo(2).dll
[2008/06/11 15:12:25 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/02/24 23:07:30 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/09/19 19:47:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2006/09/19 19:47:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2006/09/19 19:47:24 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2006/09/19 19:44:10 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\lxcivs.dll
[2006/07/20 17:46:43 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/05/21 06:04:47 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\575D6DB162.sys
[2006/05/21 06:04:46 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/14 16:18:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2006/05/09 17:16:08 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2006/05/09 17:16:06 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2006/04/26 09:27:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/26 09:27:44 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/04/26 09:27:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2006/04/14 15:25:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/04/14 15:14:20 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/04/14 14:40:42 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/04/14 14:40:28 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:51:11 | 000,002,304 | ---- | C] () -- C:\WINDOWS\System32\isapeep.sys
[2004/08/10 13:51:06 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\eventlog.dll
[2004/08/04 06:00:00 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\FInstall.sys
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/29 00:31:46 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/04/29 00:31:46 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/10 13:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/10 13:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/10 13:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2006/05/21 06:05:36 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\system32\575D6DB162.sys
[2004/08/04 06:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/04 06:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2005/02/07 19:07:08 | 000,004,608 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DDMI64.sys
[2005/02/09 13:08:04 | 000,007,168 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DLPT64.sys
[2004/08/04 06:00:00 | 000,000,005 | ---- | M] () -- C:\WINDOWS\system32\FInstall.sys
[2005/02/08 13:04:46 | 000,005,632 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\GPCIEn64.sys
[2005/02/08 12:37:52 | 000,007,626 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\GPCIEnum.sys
[2005/02/08 15:46:04 | 000,005,120 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\GTKCMO64.sys
[2004/06/15 15:55:56 | 000,007,882 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\GTKCMOS.sys
[2004/08/04 06:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/04 06:00:00 | 000,002,304 | ---- | M] () -- C:\WINDOWS\system32\isapeep.sys
[2004/08/04 06:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/04 06:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2006/05/21 06:05:37 | 000,003,766 | -HS- | M] () -- C:\WINDOWS\system32\KGyGaAvL.sys
[2004/08/04 06:00:00 | 000,032,768 | ---- | M] (woldvciqdbnxkufgorr) -- C:\WINDOWS\system32\lsm32.sys
[2004/08/04 06:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/04 06:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/04 06:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/04 06:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/04 06:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/04 06:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/04 06:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/04 06:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/04 06:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/04 06:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2004/08/04 06:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2008/09/15 07:57:41 | 001,846,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k(2).sys
[2009/04/17 05:58:57 | 001,846,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2009/07/09 13:30:32 | 000,000,002 | ---- | M] () -- C:\-1330480510
[2004/08/10 14:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/05/09 17:16:17 | 009,977,478 | ---- | M] () -- C:\BellSouthIW.re~
[2006/04/25 14:18:45 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2006/09/19 19:43:14 | 000,000,242 | ---- | M] () -- C:\CDFE.log
[2004/08/10 14:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/04/14 14:46:56 | 000,005,884 | RH-- | M] () -- C:\dell.sdr
[2009/10/22 18:25:31 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\dtacmawh.exe
[2010/07/17 15:24:35 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2006/07/06 13:17:17 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 14:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/04/14 15:12:23 | 000,000,829 | -H-- | M] () -- C:\IPH.PH
[2009/10/22 18:25:24 | 000,052,224 | ---- | M] () -- C:\ldvx.exe
[2010/07/17 12:10:31 | 000,000,408 | ---- | M] () -- C:\lxci.log
[2006/09/19 19:43:07 | 000,000,000 | ---- | M] () -- C:\lxcifire.csv
[2006/09/19 19:43:48 | 000,000,867 | ---- | M] () -- C:\LXCIINST.csv
[2009/07/07 16:31:15 | 000,039,436 | ---- | M] () -- C:\lxciscan.log
[2004/08/10 14:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006/04/14 15:00:09 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/02/09 06:01:52 | 000,341,504 | R--- | M] (Microsoft Corporation) -- C:\ntldrs
[2010/07/17 15:24:33 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2009/10/22 18:25:38 | 000,050,176 | ---- | M] (user) -- C:\qsdhs.exe
[2006/09/19 19:49:52 | 000,000,172 | ---- | M] () -- C:\setupfax.log
[2006/04/14 15:12:34 | 000,000,071 | ---- | M] () -- C:\SystemInfo.ini
[2009/07/09 13:30:05 | 000,024,576 | ---- | M] () -- C:\vapa.exe
[2006/08/21 17:43:08 | 000,000,000 | ---- | M] () -- C:\wizard.txt
[2009/07/09 13:30:43 | 000,199,296 | ---- | M] () -- C:\xxqkc.exe
[2009/07/09 13:30:59 | 000,025,600 | ---- | M] () -- C:\yiuvab.exe
[4 C:\*.tmp files -> C:\*.tmp -> ]

< %PROGRAMFILES%\*. >
[2008/11/14 10:29:38 | 000,000,000 | ---D | M] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2009/10/22 20:15:03 | 000,000,000 | ---D | M] -- C:\Program Files\Active Security
[2006/04/14 15:07:58 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/05/21 06:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2006/04/14 15:12:21 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Companion
[2006/04/14 15:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\BAE
[2007/12/20 14:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\Bellsouth
[2006/04/14 15:05:58 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2008/03/10 09:28:23 | 000,000,000 | ---D | M] -- C:\Program Files\Comcast
[2010/07/17 11:38:03 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/10 14:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2006/04/14 15:03:41 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2006/04/14 15:18:52 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2006/04/14 15:19:20 | 000,000,000 | ---D | M] -- C:\Program Files\Corel Corporation
[2006/04/14 15:07:17 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2006/04/14 15:20:00 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2008/03/10 09:47:06 | 000,000,000 | ---D | M] -- C:\Program Files\DellSupport
[2006/04/14 15:07:08 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2006/05/09 19:13:04 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2006/04/14 15:12:30 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink Setup
[2008/06/01 20:20:37 | 000,000,000 | ---D | M] -- C:\Program Files\FastAccessDSL
[2006/06/23 10:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Funcom
[2010/07/17 05:03:47 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/01/02 16:24:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2006/04/14 15:01:58 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2006/04/14 15:02:36 | 000,000,000 | ---D | M] -- C:\Program Files\Intel, Inc
[2009/06/11 13:34:47 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2006/04/14 15:13:00 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2006/04/14 14:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/07/17 13:13:40 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2006/04/14 15:12:20 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2006/09/19 19:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark 7300 Series
[2006/09/19 19:48:03 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark Applications
[2010/07/17 14:41:55 | 000,000,000 | ---D | M] -- C:\Program Files\LIVEUPDATE
[2010/07/17 11:26:54 | 000,000,000 | ---D | M] -- C:\Program Files\Lx_cats
[2006/04/14 15:22:04 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2006/04/14 15:21:56 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2008/08/15 16:38:00 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2004/08/10 14:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2006/04/26 09:25:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2006/04/14 15:09:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2006/04/14 15:09:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2006/04/26 09:26:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2006/04/14 15:06:53 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2004/08/10 14:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2008/08/21 17:04:22 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/10 14:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/11/20 21:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/08/21 17:05:31 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2009/09/07 23:42:01 | 000,000,000 | ---D | M] -- C:\Program Files\Nancy Drew
[2004/08/10 14:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/07/17 14:41:59 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2006/04/26 19:50:18 | 000,000,000 | ---D | M] -- C:\Program Files\NetZero
[2006/04/14 15:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\NetZeroInstallers
[2006/04/26 19:37:02 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2004/08/10 14:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2007/07/01 13:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2006/04/14 15:12:18 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/04/14 15:11:46 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2006/04/14 15:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\SearchAssist
[2006/04/14 15:03:34 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2006/04/26 16:09:33 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2006/04/14 15:14:20 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2007/02/24 23:08:38 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2007/02/24 23:08:27 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Corporation
[2010/07/17 15:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\Spyware Doctor
[2008/06/03 17:59:08 | 000,000,000 | ---D | M] -- C:\Program Files\Support.com
[2006/04/14 15:05:32 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/01/02 16:24:45 | 000,000,000 | ---D | M] -- C:\Program Files\The Adventure Company
[2004/08/10 14:08:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2006/04/14 15:12:19 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2006/05/09 19:07:00 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media
[2006/04/14 15:16:28 | 000,000,000 | ---D | M] -- C:\Program Files\WebCyberCoach
[2006/04/26 15:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2006/04/26 15:54:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2004/08/10 14:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/10 14:02:52 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2006/04/26 19:39:40 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2006/04/14 15:15:42 | 000,000,000 | ---D | M] -- C:\Program Files\WordPerfect Office 12
[2004/08/10 14:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

< %appdata%\*.* >
[2009/07/09 13:30:59 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\Application Data\bcrypt.html
[2004/08/10 13:57:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Christina Lovvorn\Application Data\desktop.ini
[2009/07/09 13:46:13 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\Application Data\wiaserva.log
[2009/07/09 13:31:23 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Christina Lovvorn\Application Data\wiaservg.log


< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2004/08/04 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/04 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/04 06:00:00 | 000,061,952 | ---- | M] () MD5=F1527490E15F6A1C0DCEB02DF943D74E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: LOGEVENT.DLL >
[2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\logevent.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\sp2qfe\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbstor.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\usbstor.sys


joffreyj

Newbie Surfer
Newbie Surfer

Posts : 16
Joined : 2010-07-18
Operating System : windows xp home edition

View user profile

Back to top Go down


Re: ntuser.dll calc.dll error messages

Post by Sneakyone on Tue 20 Jul 2010, 9:17 am

Hi,


  1. Download Win32kDiag from any of the following locations and save it to your Desktop.

    • Download Win32kDiag (Win32kDiag.exe) - #1
    • Download Win32kDiag (Win32kDiag.exe) - #2
    • Download Win32kDiag (Win32kDiag.exe) - #3

  • Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  • When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  • Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.


  • I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: ntuser.dll calc.dll error messages

    Post by joffreyj on Tue 20 Jul 2010, 9:20 am

    Running from: C:\Documents and Settings\Christina Lovvorn\Desktop\Win32kDiag.exe

    Log file at : C:\Documents and Settings\Christina Lovvorn\Desktop\Win32kDiag.txt

    WARNING: Could not get backup privileges!

    Searching 'C:\WINDOWS'...





    Finished!

    joffreyj

    Newbie Surfer
    Newbie Surfer

    Posts : 16
    Joined : 2010-07-18
    Operating System : windows xp home edition

    View user profile

    Back to top Go down

    Re: ntuser.dll calc.dll error messages

    Post by Sneakyone on Tue 20 Jul 2010, 10:31 am

    Hi,

    Download the GMER Rootkit Scanner. Unzip it to your Desktop.

    Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

    Double-click gmer.exe. The program will begin to run.

    **Caution**
    These types of scans can produce false positives. Do NOT take any action on any
    "<--- ROOKIT" entries unless advised!

    If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

    • Click NO
    • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
    • Now click the Scan button.
      Once the scan is complete, you may receive another notice about rootkit activity.
    • Click OK.
    • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
    • Save it where you can easily find it, such as your desktop.

    Post the contents of GMER.txt in your next reply.


    I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: ntuser.dll calc.dll error messages

    Post by Sponsored content Today at 7:46 am


    Sponsored content


    Back to top Go down

    Page 2 of 2 Previous  1, 2

    View previous topic View next topic Back to top


     
    Permissions in this forum:
    You cannot reply to topics in this forum