error 1321, 1317 and whatever


Post by mandrews on Wed 13 Apr 2011, 8:41 am

OTL logfile created on: 4/12/2011 5:25:24 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\musicmatt\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.65 Gb Total Space | 32.47 Gb Free Space | 46.63% Space Free | Partition Type: NTFS
Drive D: | 69.64 Gb Total Space | 62.30 Gb Free Space | 89.47% Space Free | Partition Type: NTFS

Computer Name: MUSICMATT-PC | User Name: musicmatt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/12 17:25:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\musicmatt\Downloads\OTL.com
PRC - [2011/03/24 03:11:25 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder 5\FLVSrvc.exe
PRC - [2011/01/16 16:01:10 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\musicmatt\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010/09/21 16:09:24 | 000,052,664 | ---- | M] () -- C:\Program Files\Tether\TBService.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/11 18:51:32 | 000,423,200 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
PRC - [2008/02/05 10:47:12 | 000,458,752 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/01/20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/09 21:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008/01/07 20:25:14 | 004,853,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/07 19:51:46 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/01/03 02:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/01/03 02:55:48 | 000,521,776 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2007/12/20 12:33:14 | 000,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
PRC - [2007/12/20 12:32:04 | 000,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/12/19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/11/27 19:54:36 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007/10/01 17:42:36 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/09/20 14:57:28 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/09/10 16:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/09/07 15:35:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/09/06 13:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007/06/11 13:53:14 | 000,455,600 | ---- | M] () -- C:\Program Files\Lexmark 4800 Series\lxdemon.exe
PRC - [2007/06/01 08:06:10 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
PRC - [2007/05/29 16:07:58 | 000,598,960 | ---- | M] ( ) -- C:\Windows\System32\lxdecoms.exe
PRC - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe


========== Modules (SafeList) ==========

MOD - [2011/04/12 17:25:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\musicmatt\Downloads\OTL.com
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/01 09:56:36 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/11/02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/09/21 16:09:24 | 000,052,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Tether\TBService.exe -- (Tether)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/03 02:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/12/20 12:32:04 | 000,131,072 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/12/19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/11/27 19:54:36 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/10/01 17:42:36 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/09/20 14:57:28 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/09/10 16:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/05/29 16:07:58 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdecoms.exe -- (lxde_device)
SRV - [2007/05/29 16:06:44 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe -- (lxdeCATSCustConnectService)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)


========== Driver Services (SafeList) ==========

DRV - [2011/01/16 17:11:17 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/18 10:53:18 | 000,045,608 | ---- | M] (Tether) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qrkis.sys -- (qrkis)
DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2008/03/10 02:58:40 | 003,533,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/07/03 11:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007/04/03 14:04:28 | 000,039,680 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2007/04/02 20:11:08 | 000,035,712 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2007/03/09 18:56:04 | 001,163,616 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/10/30 15:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/09/19 17:47:04 | 000,080,744 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll ()
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files\freecordertoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Acer Tour Reminder] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder 5\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lxdeamon] C:\Program Files\Lexmark 4800 Series\lxdeamon.exe ()
O4 - HKLM..\Run: [lxdemon.exe] C:\Program Files\Lexmark 4800 Series\lxdemon.exe ()
O4 - HKLM..\Run: [Realtime Audio Engine] C:\Windows\System32\MMRTKRNL.EXE (ALCATech GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 205.152.128.23 205.152.37.23
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f4295731-21c3-11e0-b65b-000000000000}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/12 16:37:15 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2011/04/12 16:34:42 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011/04/12 14:47:25 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\SumatraPDF
[2011/04/12 13:54:34 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2011/04/12 13:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011/04/12 06:50:08 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\.thumbnails
[2011/04/12 06:33:37 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\.gimp-2.6
[2011/04/12 06:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2011/04/12 04:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/04/12 03:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2011/04/12 03:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/04/12 03:14:46 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Local\NOS
[2011/04/12 03:03:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/12 01:42:27 | 000,000,000 | ---D | C] -- C:\EGIS_Drive
[2011/04/12 01:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\LTCM Client
[2011/04/11 22:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011/04/11 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011/04/10 21:32:22 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\GRLevel3
[2011/04/10 21:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\GRLevelX
[2011/04/08 15:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2011/04/08 15:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2011/04/08 13:15:32 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/04/08 13:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\freecordertoolbar
[2011/04/08 13:07:50 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Local\FLVService
[2011/04/08 13:07:44 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freecorder 5
[2011/04/08 13:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder 5
[2011/04/08 13:07:42 | 000,000,000 | ---D | C] -- C:\Windows\Freecorder
[2011/04/08 10:29:26 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Tether
[2011/04/08 10:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
[2011/04/08 10:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2011/04/08 10:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2011/04/08 10:25:24 | 000,045,608 | ---- | C] (Tether) -- C:\Windows\System32\drivers\qrkis.sys
[2011/04/08 10:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tether
[2011/04/08 10:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\Tether
[2011/04/05 03:51:05 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\Desktop\Nate Wedding
[2011/04/01 15:25:59 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2011/04/01 15:25:51 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\lxdehcp.dll
[2011/04/01 15:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 4800 Series
[2011/04/01 15:25:32 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 4800 Series
[2011/04/01 14:46:22 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Lexmark Productivity Studio
[2011/03/31 03:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/03/29 20:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011/03/29 20:45:53 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2011/03/29 20:45:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2011/03/29 19:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/03/29 19:33:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/03/29 19:33:20 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll
[2011/03/29 19:33:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zortam
[2011/03/29 19:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\Zortam Mp3 Media Studio
[2011/03/29 15:01:04 | 000,000,000 | ---D | C] -- C:\lexmark
[2011/03/25 23:38:16 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011/03/25 23:38:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2011/03/25 23:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011/03/25 23:37:16 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Winamp
[2011/03/25 23:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2011/03/25 19:28:41 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2011/03/25 19:28:39 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/03/25 07:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/03/25 07:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/03/23 06:41:12 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/23 06:41:11 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/21 16:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/03/21 16:12:48 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\CyberLink
[2011/03/20 19:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\K1RFD
[2011/03/20 19:56:20 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EchoLink
[2011/03/14 13:44:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/03/14 13:41:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/03/14 13:41:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/03/14 13:41:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/03/14 05:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabMP4Converter
[2011/03/14 03:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/03/14 03:38:42 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2011/03/14 03:38:35 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011/03/14 03:38:34 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011/03/14 03:32:37 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/03/14 03:32:15 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/03/14 03:32:14 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/03/14 03:32:13 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/03/14 03:32:13 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/03/14 03:32:08 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011/03/14 03:27:55 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/03/14 03:27:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2011/03/14 03:27:38 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2011/03/14 03:27:11 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011/03/14 03:27:10 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011/03/14 03:27:10 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/03/14 03:27:10 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2011/03/14 03:27:10 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2011/03/14 03:27:10 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2011/03/14 03:19:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/03/14 03:19:42 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/03/14 03:06:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/03/14 03:02:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/03/14 03:01:45 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/03/14 03:01:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/03/14 03:01:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/03/14 03:01:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/03/14 03:01:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/03/14 03:01:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/03/14 03:01:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/03/14 03:01:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/03/14 03:01:38 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/03/14 03:01:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/03/14 03:01:22 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/03/14 03:01:22 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/03/14 03:01:22 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/03/14 03:01:22 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/03/14 03:01:21 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/03/13 23:33:51 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab MP4 Converter
[2011/03/13 23:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/13 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Moyea
[2011/03/13 23:20:33 | 000,000,000 | ---D | C] -- C:\Users\musicmatt\AppData\Roaming\Leawo
[2011/03/13 23:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2011/03/13 23:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2011/03/13 23:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Leawo
[2011/03/13 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011/03/13 23:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011/03/13 23:05:09 | 000,606,208 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvidcore.dll
[2011/03/13 23:05:09 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvid.ax
[2011/03/13 21:33:30 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/03/13 21:33:09 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/03/13 21:33:08 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/03/13 21:32:57 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/03/13 21:32:56 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/03/13 21:32:55 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/03/13 21:32:55 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/03/13 21:32:55 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/03/13 21:32:54 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/03/13 21:32:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/03/13 21:32:54 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/03/13 21:32:54 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/03/13 21:32:53 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/03/13 21:32:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/03/13 21:32:52 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/03/13 21:32:51 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/03/13 21:32:51 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/03/13 21:32:51 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/03/13 21:32:50 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/03/13 21:32:50 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/03/13 21:32:49 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/03/13 21:32:49 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/03/13 21:32:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/03/13 21:32:45 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/03/13 21:32:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/03/13 21:30:09 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/03/13 21:30:09 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/03/13 21:30:09 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/03/13 21:30:09 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/03/13 21:30:09 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/03/13 21:30:09 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/03/13 21:30:09 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/03/13 21:30:09 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/03/13 21:30:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/03/13 21:30:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/03/13 21:30:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/03/13 21:30:09 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/03/13 21:30:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/03/13 21:30:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/03/13 21:30:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/03/13 21:30:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/03/13 21:30:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/03/13 21:30:02 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/13 21:30:02 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/13 21:30:02 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/13 21:30:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/03/13 21:28:28 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/03/13 21:28:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/03/13 21:26:25 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/01/16 16:17:52 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2007/05/29 12:08:10 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdeih.exe
[2007/05/29 12:07:58 | 000,598,960 | ---- | C] ( ) -- C:\Windows\System32\lxdecoms.exe
[2007/05/29 12:07:48 | 000,365,488 | ---- | C] ( ) -- C:\Windows\System32\lxdecfg.exe
[2007/05/17 17:08:58 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdepmui.dll
[2007/05/17 17:06:40 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\lxdeserv.dll
[2007/05/17 17:00:32 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\lxdelmpm.dll
[2007/05/17 17:00:32 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdecomm.dll
[2007/05/17 17:00:32 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdeinpa.dll
[2007/05/17 16:59:34 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdehbn3.dll
[2007/05/17 16:57:52 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\lxdeusb1.dll
[2007/05/17 16:56:56 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxdecomc.dll
[2007/05/17 16:52:56 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdeiesc.dll
[2007/05/17 16:51:30 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdeprox.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/12 17:02:04 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-880227785-1377843364-700853731-1003UA.job
[2011/04/12 16:41:32 | 000,651,210 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/12 16:41:32 | 000,121,692 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 16:33:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/12 16:33:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/12 16:33:50 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2011/04/12 16:33:42 | 1877,065,728 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/12 05:36:09 | 000,012,008 | ---- | M] () -- C:\Users\musicmatt\Desktop\Untitled.jpg
[2011/04/12 03:03:27 | 109,141,203 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/08 16:02:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-880227785-1377843364-700853731-1003Core.job
[2011/04/08 10:23:32 | 000,000,692 | ---- | M] () -- C:\Users\Public\Desktop\Tether.lnk
[2011/04/07 21:26:22 | 000,027,648 | ---- | M] () -- C:\Users\musicmatt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/04 14:19:11 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011/04/04 14:19:11 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011/04/03 18:46:00 | 000,000,312 | ---- | M] () -- C:\ProgramData\lxde
[2011/04/01 15:27:44 | 000,065,986 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2011/03/29 19:33:20 | 000,000,808 | ---- | M] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\Zortam Mp3 Media Studio.lnk
[2011/03/29 16:56:23 | 000,000,047 | ---- | M] () -- C:\Windows\WinInit.Ini
[2011/03/25 23:38:16 | 000,000,764 | ---- | M] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2011/03/20 21:39:37 | 000,002,026 | ---- | M] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\EchoLink.lnk
[2011/03/18 14:32:10 | 000,071,072 | ---- | M] () -- C:\Windows\CouponPrinter.ocx
[2011/03/14 15:13:43 | 000,000,922 | ---- | M] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\MP4Converter.exe - Shortcut.lnk
[2011/03/14 04:00:22 | 000,396,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/03/14 03:56:45 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/13 23:09:19 | 000,000,923 | ---- | M] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\YouTube Downloader.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/12 16:09:44 | 1877,065,728 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/12 05:36:09 | 000,012,008 | ---- | C] () -- C:\Users\musicmatt\Desktop\Untitled.jpg
[2011/04/12 03:03:27 | 109,141,203 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/08 10:23:32 | 000,000,692 | ---- | C] () -- C:\Users\Public\Desktop\Tether.lnk
[2011/04/01 15:25:51 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdeinst.dll
[2011/03/29 20:45:53 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011/03/29 19:33:20 | 000,000,808 | ---- | C] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\Zortam Mp3 Media Studio.lnk
[2011/03/29 19:33:19 | 000,580,096 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011/03/29 19:33:19 | 000,496,640 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011/03/29 19:33:19 | 000,307,200 | ---- | C] () -- C:\Windows\System32\Mp3Ctrl.dll
[2011/03/29 19:33:19 | 000,131,176 | ---- | C] () -- C:\Windows\System32\mp3gain.exe
[2011/03/29 19:33:19 | 000,086,016 | ---- | C] () -- C:\Windows\System32\akrip32.dll
[2011/03/29 16:56:23 | 000,000,047 | ---- | C] () -- C:\Windows\WinInit.Ini
[2011/03/29 16:24:12 | 000,000,312 | ---- | C] () -- C:\ProgramData\lxde
[2011/03/25 23:38:16 | 000,000,764 | ---- | C] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2011/03/25 07:47:43 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/03/20 21:39:37 | 000,002,026 | ---- | C] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\EchoLink.lnk
[2011/03/14 15:13:43 | 000,000,922 | ---- | C] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\MP4Converter.exe - Shortcut.lnk
[2011/03/14 03:56:45 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/14 03:01:27 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/03/14 03:01:27 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/03/14 03:01:27 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/03/13 23:09:19 | 000,000,923 | ---- | C] () -- C:\Users\musicmatt\Application Data\Microsoft\Internet Explorer\Quick Launch\YouTube Downloader.lnk
[2011/03/13 23:05:38 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/01/21 04:51:26 | 000,000,680 | ---- | C] () -- C:\Users\musicmatt\AppData\Local\d3d9caps.dat
[2011/01/19 04:43:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/19 04:43:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/18 02:15:50 | 000,669,002 | ---- | C] () -- C:\Windows\unins000.exe
[2011/01/18 02:15:50 | 000,001,103 | ---- | C] () -- C:\Windows\unins000.dat
[2011/01/17 22:23:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/01/17 02:56:42 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2011/01/16 23:26:26 | 000,027,648 | ---- | C] () -- C:\Users\musicmatt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/16 23:15:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2011/01/16 23:15:44 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2011/01/16 18:44:22 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/01/16 18:44:22 | 000,168,886 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/16 18:44:22 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/01/16 18:44:22 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2011/01/16 17:51:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/16 17:12:37 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/01/16 17:12:36 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/01/16 16:17:52 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2011/01/16 16:17:04 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2011/01/16 16:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2008/03/30 02:41:02 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/29 23:28:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/03/29 23:28:06 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008/03/29 23:28:06 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008/03/29 23:28:05 | 000,000,040 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2008/03/29 22:51:04 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/03/29 22:51:04 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2007/05/28 01:02:38 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdegrd.dll
[2007/05/03 18:50:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdecoin.dll
[2006/11/02 08:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,396,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,651,210 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,121,692 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/01 04:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdevs.dll
[2001/12/26 18:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 01:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 18:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_1VPTV9VVMVFBVLVHKV6FYJ6VDVPMF7LBWK96HUTVVVVKVVBVLVV5
@Alternate Data Stream - 164 bytes -> C:\ProgramData\TEMP:53829683
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:8331D35A
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:EBC2DB92

< End of report >

mandrews

Newbie Surfer

Posts : 20
Joined : 2011-02-08
Operating System : Greer, South Carolina


Re: error 1321, 1317 and what ever

Post by Belahzur on Wed 13 Apr 2011, 9:00 am

Hello.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Re: error 1321, 1317 and what ever

Post by mandrews on Sat 16 Apr 2011, 6:59 am

ComboFix 11-04-12.01 - musicmatt 04/12/2011 23:07:39.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1789.579 [GMT -4:00]
Running from: c:\users\musicmatt\Desktop\CommyFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\autorun.inf
F:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-03-13 to 2011-04-13 )))))))))))))))))))))))))))))))
.
.
2011-04-13 03:26 . 2011-04-13 03:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-13 03:10 . 2011-04-13 03:10 1307647 ----a-w- c:\programdata\SPLE0CC.tmp
2011-04-13 02:46 . 2011-04-13 02:46 3425131 ----a-w- c:\programdata\SPL5D71.tmp
2011-04-12 18:47 . 2011-04-12 18:47 -------- d-----w- c:\users\musicmatt\AppData\Roaming\SumatraPDF
2011-04-12 17:54 . 2011-04-12 17:54 -------- d-----w- c:\program files\Unlocker
2011-04-12 10:50 . 2011-04-12 10:50 -------- d-----w- c:\users\musicmatt\.thumbnails
2011-04-12 10:33 . 2011-04-12 10:58 -------- d-----w- c:\users\musicmatt\.gimp-2.6
2011-04-12 10:33 . 2011-04-12 10:33 -------- d-----w- c:\program files\GIMP-2.0
2011-04-12 07:35 . 2011-04-12 20:34 -------- d-----w- c:\programdata\NOS
2011-04-12 07:35 . 2011-04-12 20:32 -------- d-----w- c:\program files\NOS
2011-04-12 07:24 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8517F4D9-5DB9-4730-AD5F-F7127AC06983}\mpengine.dll
2011-04-12 07:14 . 2011-04-12 07:39 -------- d-----w- c:\users\musicmatt\AppData\Local\NOS
2011-04-12 05:42 . 2011-04-12 05:42 -------- d-----w- C:\EGIS_Drive
2011-04-12 05:09 . 2011-04-12 05:09 -------- d-----w- c:\program files\LTCM Client
2011-04-12 02:19 . 2011-04-12 02:19 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2011-04-12 02:19 . 2011-04-12 02:19 -------- d-----w- c:\program files\DVDVideoSoft
2011-04-11 01:32 . 2011-04-12 05:34 -------- d-----w- c:\users\musicmatt\AppData\Roaming\GRLevel3
2011-04-11 01:23 . 2011-04-11 01:23 -------- d-----w- c:\program files\GRLevelX
2011-04-08 19:28 . 2011-04-08 19:28 -------- d-----w- c:\program files\Coupons
2011-04-08 17:15 . 2011-04-08 17:15 -------- d-----w- c:\windows\Sun
2011-04-08 17:08 . 2011-04-08 17:08 -------- d-----w- c:\program files\freecordertoolbar
2011-04-08 17:07 . 2011-04-12 02:16 -------- d-----w- c:\users\musicmatt\AppData\Local\FLVService
2011-04-08 17:07 . 2011-04-12 11:01 -------- d-----w- c:\program files\Freecorder 5
2011-04-08 17:07 . 2011-04-08 17:07 -------- d-----w- c:\windows\Freecorder
2011-04-08 14:29 . 2011-04-08 14:40 -------- d-----w- c:\users\musicmatt\AppData\Roaming\Tether
2011-04-08 14:28 . 2009-01-09 20:18 27136 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2011-04-08 14:27 . 2011-04-08 14:27 -------- d-----w- c:\program files\Research In Motion
2011-04-08 14:27 . 2011-04-08 14:27 -------- d-----w- c:\program files\Common Files\Research In Motion
2011-04-08 14:25 . 2010-05-18 14:53 45608 ----a-w- c:\windows\system32\drivers\qrkis.sys
2011-04-08 14:23 . 2011-04-12 11:01 -------- d-----w- c:\program files\Tether
2011-04-01 19:25 . 2006-11-29 08:05 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-04-01 19:25 . 2007-05-17 17:53 434176 ----a-w- c:\windows\system32\lxdehcp.dll
2011-04-01 19:25 . 2007-05-17 17:52 348160 ----a-w- c:\windows\system32\lxdeinst.dll
2011-04-01 19:25 . 2011-04-01 19:27 -------- d-----w- c:\program files\Lexmark 4800 Series
2011-04-01 19:25 . 2007-05-26 00:42 113664 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\lxdedrpp.dll
2011-04-01 18:46 . 2011-04-01 19:03 -------- d-----w- c:\users\musicmatt\AppData\Roaming\Lexmark Productivity Studio
2011-03-31 07:01 . 2011-03-31 07:01 -------- d-----w- c:\program files\MSXML 4.0
2011-03-30 00:45 . 2001-10-28 20:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-03-30 00:45 . 1998-06-24 04:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-03-30 00:45 . 1998-07-06 04:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-03-29 23:33 . 2003-04-18 20:29 82432 ----a-w- c:\windows\system32\msxml4r.dll
2011-03-29 23:33 . 2009-11-25 22:40 307200 ----a-w- c:\windows\system32\Mp3Ctrl.dll
2011-03-29 23:33 . 2009-09-26 15:00 580096 ----a-w- c:\windows\system32\lame.exe
2011-03-29 23:33 . 2009-09-26 15:00 496640 ----a-w- c:\windows\system32\lame_enc.dll
2011-03-29 23:33 . 2009-07-23 21:28 86016 ----a-w- c:\windows\system32\akrip32.dll
2011-03-29 23:33 . 2009-07-23 21:28 131176 ----a-w- c:\windows\system32\mp3gain.exe
2011-03-29 23:33 . 2011-03-29 23:33 -------- d-----w- c:\program files\Zortam Mp3 Media Studio
2011-03-29 20:57 . 2011-03-29 20:57 -------- d-----w- c:\windows\system32\config\systemprofile\{4a452778-f0bb-4a38-940c-1cc99117d899}
2011-03-29 20:54 . 2011-03-29 20:55 -------- d-----w- c:\windows\system32\config\systemprofile\{f48ced33-c68e-430f-80ed-9a2ea4ef228f}
2011-03-29 20:30 . 2011-03-29 20:30 1144608 ----a-w- c:\programdata\SPLB730.tmp
2011-03-29 20:27 . 2011-03-29 20:27 1144608 ----a-w- c:\programdata\SPL47AB.tmp
2011-03-29 20:26 . 2011-03-29 20:26 1144608 ----a-w- c:\programdata\SPLE15D.tmp
2011-03-29 19:01 . 2011-03-29 19:01 -------- d-----w- C:\lexmark
2011-03-26 03:38 . 2011-03-26 03:38 -------- d-----w- c:\program files\Winamp Detect
2011-03-26 03:37 . 2011-04-12 08:32 -------- d-----w- c:\users\musicmatt\AppData\Roaming\Winamp
2011-03-26 03:37 . 2011-03-26 03:38 -------- d-----w- c:\program files\Winamp
2011-03-25 23:28 . 2009-09-04 21:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-03-25 23:28 . 2006-09-28 20:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-03-25 11:47 . 2011-03-25 11:47 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-23 10:41 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 10:41 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 10:41 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-21 20:13 . 2011-03-21 20:13 -------- d-----w- c:\users\Public\CyberLink
2011-03-21 20:13 . 2011-03-21 20:13 -------- d-----w- c:\programdata\CyberLink
2011-03-21 20:12 . 2011-03-21 20:12 -------- d-----w- c:\users\musicmatt\AppData\Roaming\CyberLink
2011-03-20 23:56 . 2011-03-21 00:00 53248 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink_Web_Site._B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 53248 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink_Support.u_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 45056 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.chm_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 40960 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.exe11_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 40960 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.exe1_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 40960 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\ARPPRODUCTICON.exe
2011-03-20 23:56 . 2011-03-20 23:56 -------- d-----w- c:\program files\K1RFD
2011-03-14 17:44 . 2011-03-14 17:44 -------- d-----w- c:\program files\Common Files\Java
2011-03-14 09:20 . 2011-03-14 09:20 -------- d-----w- c:\program files\FoxTabMP4Converter
2011-03-14 07:56 . 2011-03-14 07:56 -------- d-----w- c:\program files\Windows Portable Devices
2011-03-14 07:38 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-03-14 07:38 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-03-14 07:38 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-03-14 07:32 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-03-14 07:32 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-03-14 07:32 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-03-14 07:32 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-03-14 07:32 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-03-14 07:32 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-03-14 07:32 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-03-14 07:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-03-14 07:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-03-14 07:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-03-14 07:02 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-18 18:32 . 2011-02-14 22:05 71072 ----a-w- c:\windows\CouponPrinter.ocx
2011-03-04 19:44 . 2011-01-17 01:27 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-02-03 01:40 . 2011-01-17 20:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 22:11 . 2011-01-17 14:19 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-03-14 01:32 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-03-14 01:32 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-03-14 01:32 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-03-14 01:32 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-03-14 01:32 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-03-14 01:32 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-03-14 01:32 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-03-14 01:32 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-03-14 01:32 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-03-14 01:32 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-03-14 01:32 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-03-14 01:32 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-03-14 01:32 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-03-14 01:32 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-03-14 01:32 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-03-14 01:32 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-03-14 01:32 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-03-14 01:32 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-03-14 01:32 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-03-14 01:32 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-03-14 01:32 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:14 . 2011-03-14 01:32 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:12 . 2011-03-14 01:32 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-03-14 01:32 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-03-14 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-18 07:36 . 2011-01-18 06:15 669002 ----a-w- c:\windows\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 17:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
2011-03-16 11:59 81920 ----a-w- c:\program files\freecordertoolbar\vmntemplateX.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 17:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"= "c:\program files\freecordertoolbar\vmntemplateX.dll" [2011-03-16 81920]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 07:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Google Update"="c:\users\musicmatt\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-01-16 136176]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-08 4853760]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2008-01-22 81920]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-01-03 521776]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-01-07 858632]
"Acer Assist Launcher"="c:\program files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"Acer Product Registration"="c:\program files\Acer\Acer Registration\ACE1.exe" [2007-11-26 3387392]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
"Realtime Audio Engine"="mmrtkrnl.exe" [2003-09-13 53248]
"Skytel"="Skytel.exe" [2007-11-21 1826816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"lxdemon.exe"="c:\program files\Lexmark 4800 Series\lxdemon.exe" [2007-06-11 455600]
"lxdeamon"="c:\program files\Lexmark 4800 Series\lxdeamon.exe" [2007-06-01 20480]
"Freecorder FLV Service"="c:\program files\Freecorder 5\FLVSrvc.exe" [2011-03-24 167936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-3-29 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdeserv.exe [2007-05-29 99248]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 qrkis;Tether Miniport;c:\windows\system32\DRIVERS\qrkis.sys [2010-05-18 45608]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S0 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2007-04-03 35712]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 lxde_device;lxde_device;c:\windows\system32\lxdecoms.exe [2007-05-29 598960]
S2 Tether;Tether;c:\program files\Tether\TBService.exe [2010-09-21 52664]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19984]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880227785-1377843364-700853731-1003Core.job
- c:\users\musicmatt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-16 20:57]
.
2011-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880227785-1377843364-700853731-1003UA.job
- c:\users\musicmatt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-16 20:57]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {E7FC0445-53E8-4DE0-8BD6-E22182383273} = 208.67.222.222,208.67.220.220
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-04-12 23:26
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-04-12 23:29:51
ComboFix-quarantined-files.txt 2011-04-13 03:29
ComboFix2.txt 2011-04-12 22:59
.
Pre-Run: 35,053,842,432 bytes free
Post-Run: 34,925,559,808 bytes free
.
- - End Of File - - F1E9B4828F1DD245256DFA7F8562E003

mandrews

Newbie Surfer

Posts : 20
Joined : 2011-02-08
Operating System : Greer, South Carolina


Re: error 1321, 1317 and what ever

Post by Belahzur on Sat 16 Apr 2011, 11:55 am

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre
