taskeng.exe


Post by lolaplow on Tue Jun 21, 2011 9:03 am

Hello,
My name is James and when I plugged in my friend's flash drive, I began copying files into it. After a few minutes, my cursor started to show the loading thing. Then something ran on my computer. It was like the CMD thing but with only a black screen. I saw the name, which was taskeng.exe. I would like some help removing this from my laptop (if it's harmful). I scanned the flash drive with Avira but it didn't find anything.
Cheers
James


Re: taskeng.exe

Post by lolaplow on Tue Jun 21, 2011 9:04 am

OTL logfile created on: 6/21/2011 8:53:31 PM - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\James\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

3.80 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 50.77% Memory free
7.60 Gb Paging File | 5.37 Gb Available in Paging File | 70.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445.40 Gb Total Space | 73.96 Gb Free Space | 16.61% Space Free | Partition Type: NTFS
Drive D: | 20.06 Gb Total Space | 2.92 Gb Free Space | 14.54% Space Free | Partition Type: NTFS

Computer Name: JAMES-HP | User Name: James | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/07 22:58:39 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/05/01 21:28:41 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/17 11:43:32 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/04 13:36:52 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/04 13:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/02/19 12:04:12 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2011/02/16 19:23:40 | 001,759,232 | ---- | M] (TODO: ) -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
PRC - [2011/01/05 21:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/14 16:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/06/30 14:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/06/30 13:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/06/25 17:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/05/01 13:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/05/01 13:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/04/27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
PRC - [2010/04/14 15:13:52 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
PRC - [2010/04/10 11:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2007/12/19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe


========== Modules (SafeList) ==========

MOD - [2011/06/07 22:58:39 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
MOD - [2010/08/21 17:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/16 21:01:06 | 001,028,096 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/06/30 06:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2010/06/22 17:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/19 11:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/18 17:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/05/21 08:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2010/05/21 08:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2009/07/14 13:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/09 07:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/01 21:28:41 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/17 11:43:32 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/04 13:36:52 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/10/14 16:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/09/16 21:01:05 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/30 14:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/05/01 13:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/05/01 13:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/04/04 11:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/11 09:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/04 13:37:13 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/03/04 13:37:12 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/01/16 20:44:18 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/10/01 00:16:34 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/07/27 10:09:29 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/07/27 10:09:29 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/30 05:12:26 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2010/06/25 17:32:52 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/24 16:37:24 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/06/22 19:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/22 17:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/06/22 17:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/22 17:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/06/18 17:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/28 11:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/07 01:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/05/01 13:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010/04/14 04:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/10 11:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2010/03/23 16:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2010/03/05 17:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/12 10:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/12/02 21:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 21:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 21:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 21:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/10/27 08:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/08/10 15:25:32 | 000,047,104 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CYUSB.sys -- (CYUSB)
DRV:64bit: - [2009/07/14 13:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 13:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 13:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 13:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 11:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/09 07:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/09 07:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/11 09:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 09:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 09:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/11 08:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 08:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/11 08:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/11 08:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 08:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 08:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 08:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.nz/firefox?client=firefox-a&rls=org.mozilla:en-GB:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2010/09/16 21:26:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/16 21:26:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010/12/28 17:07:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/14 21:26:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/18 12:34:28 | 000,000,000 | ---D | M]

[2011/01/11 16:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2011/05/14 21:39:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\n1tjtog7.default\extensions
[2011/01/16 20:44:14 | 000,002,059 | ---- | M] () -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\n1tjtog7.default\searchplugins\daemon-search.xml
[2011/06/12 03:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/12 03:49:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/14 21:26:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/06/12 03:49:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/14 21:26:10 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/05/14 21:26:10 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2011/05/14 21:26:10 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/05/14 21:26:10 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/05/14 21:26:10 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/11 09:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*



SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/06/18 15:14:34 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/18 12:38:15 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/18 12:38:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/18 12:38:13 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/18 12:38:13 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/18 12:38:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/18 12:38:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/18 12:38:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/18 12:38:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/18 12:38:12 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/18 12:38:12 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/18 12:38:12 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/18 12:38:12 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/18 12:38:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/18 12:38:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/18 12:38:11 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011/06/18 12:38:11 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011/06/18 12:38:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/18 12:38:10 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/18 12:38:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/18 12:34:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/06/18 12:34:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/13 15:56:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sr-fable3.iso
[2011/06/12 15:40:17 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\removing htmlfakeav.y stuff
[2011/06/12 03:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/12 03:49:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/12 03:49:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/12 03:49:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/12 03:49:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/06/10 18:56:22 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2011/06/10 18:56:22 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2011/06/10 18:56:22 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2011/06/10 18:56:22 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2011/06/10 18:56:22 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2011/06/10 18:56:22 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2011/06/10 18:56:22 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2011/06/10 18:56:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2011/06/10 18:56:21 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2011/06/10 18:56:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2011/06/10 18:56:21 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2011/06/10 18:56:21 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2011/06/10 18:56:21 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2011/06/10 18:56:21 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2011/06/10 18:56:21 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2011/06/10 18:56:21 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2011/06/10 18:56:20 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011/06/10 18:56:20 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011/06/10 18:56:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011/06/10 18:56:20 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011/06/10 18:56:20 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011/06/10 18:56:20 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011/06/10 18:56:19 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011/06/10 18:56:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2011/06/10 18:22:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo
[2011/06/10 15:49:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/06/09 19:56:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/09 19:50:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/06/09 19:28:57 | 000,000,000 | ---D | C] -- C:\commy
[2011/06/09 19:17:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/09 19:17:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/09 19:17:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/09 19:17:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/09 19:17:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/08 15:17:39 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Malwarebytes
[2011/06/08 15:17:33 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/08 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/08 15:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/08 15:17:29 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/08 15:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/07 23:18:37 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\James\Desktop\aswMBR.exe
[2011/06/07 22:58:03 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2011/06/05 17:13:27 | 000,353,840 | ---- | C] (RealNetworks, Inc.) -- C:\Users\James\Desktop\RealPlayer11GOLD.exe
[2011/06/04 16:00:26 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\EPSON
[2011/05/26 23:37:13 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/05/26 23:37:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/05/26 23:37:13 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/05/26 23:37:12 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/05/26 23:37:11 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/05/26 23:37:11 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/05/26 23:37:11 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/05/26 23:36:26 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/05/26 23:36:26 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/05/26 23:36:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/05/26 23:36:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/05/26 23:36:24 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/05/26 23:36:23 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/05/26 23:36:23 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/05/26 23:36:22 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/05/26 23:36:22 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/05/26 23:36:20 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/05/26 23:36:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/05/26 23:36:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/05/26 23:36:16 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/05/26 23:36:15 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/05/26 23:36:11 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/05/26 23:36:11 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/05/26 23:36:11 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/05/26 23:36:10 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/05/26 23:36:10 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/05/26 23:36:10 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/05/26 23:36:10 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/05/26 23:33:49 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/05/26 23:33:49 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/05/26 23:32:21 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/05/26 19:26:43 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys


Re: taskeng.exe

Post by lolaplow on Tue Jun 21, 2011 9:04 am


========== Files - Modified Within 30 Days ==========

[2011/06/21 20:52:53 | 000,000,512 | ---- | M] () -- C:\Users\James\Desktop\MBR.dat
[2011/06/21 18:50:42 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJames.job
[2011/06/21 18:47:10 | 000,001,854 | ---- | M] () -- C:\Users\James\AppData\Roaming\GhostObjGAFix.xml
[2011/06/21 18:44:39 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/21 18:44:39 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/21 18:40:04 | 000,740,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/21 18:40:04 | 000,637,672 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/21 18:40:04 | 000,114,824 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/21 18:36:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/21 18:36:31 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/19 21:48:58 | 008,712,372 | ---- | M] () -- C:\Users\James\Desktop\Enko Drawer.pdf
[2011/06/18 17:18:41 | 000,000,206 | ---- | M] () -- C:\Users\James\Desktop\hwmonitorw.ini
[2011/06/18 15:14:34 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/18 12:43:57 | 000,425,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/18 12:34:29 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/12 03:49:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/12 03:49:40 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/12 03:49:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/12 03:49:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/07 23:18:39 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\James\Desktop\aswMBR.exe
[2011/06/07 22:58:39 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2011/06/07 00:19:11 | 1047,527,427 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part7.rar
[2011/06/06 22:38:50 | 835,706,956 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part8.rar
[2011/06/06 21:29:19 | 1047,527,427 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part6.rar
[2011/06/06 20:11:57 | 1047,527,427 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part5.rar
[2011/06/06 18:02:26 | 1047,527,430 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part4.rar
[2011/06/06 16:21:17 | 1047,527,436 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part3.rar
[2011/06/06 14:50:07 | 1047,527,442 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part2.rar
[2011/06/06 13:32:29 | 1047,527,442 | ---- | M] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part1.rar
[2011/06/06 11:01:49 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part7.rar
[2011/06/06 09:51:46 | 627,213,134 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part8.rar
[2011/06/06 03:59:38 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part6.rar
[2011/06/06 01:42:48 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part5.rar
[2011/06/05 23:40:27 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part4.rar
[2011/06/05 21:06:56 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part3.rar
[2011/06/05 19:44:30 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part2.rar
[2011/06/05 18:28:27 | 1073,741,824 | ---- | M] () -- C:\Users\Public\Documents\sr-fable3.iso.part1.rar
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/06/21 20:52:53 | 000,000,512 | ---- | C] () -- C:\Users\James\Desktop\MBR.dat
[2011/06/19 21:48:58 | 008,712,372 | ---- | C] () -- C:\Users\James\Desktop\Enko Drawer.pdf
[2011/06/18 12:34:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/18 12:34:29 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/13 15:54:50 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part5.rar
[2011/06/09 19:17:58 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/09 19:17:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/09 19:17:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/09 19:17:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/09 19:17:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/07 21:03:56 | 000,001,854 | ---- | C] () -- C:\Users\James\AppData\Roaming\GhostObjGAFix.xml
[2011/06/06 23:03:41 | 1047,527,427 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part7.rar
[2011/06/06 21:47:42 | 835,706,956 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part8.rar
[2011/06/06 20:29:47 | 1047,527,427 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part6.rar
[2011/06/06 19:11:41 | 1047,527,427 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part5.rar
[2011/06/06 16:52:31 | 1047,527,430 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part4.rar
[2011/06/06 15:07:36 | 1047,527,436 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part3.rar
[2011/06/06 13:50:30 | 1047,527,442 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part2.rar
[2011/06/06 12:36:35 | 1047,527,442 | ---- | C] () -- C:\Users\Public\Documents\The_Witcher_2_Assassins_of_Kings-k1koo.part1.rar
[2011/06/06 10:13:48 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part7.rar
[2011/06/06 09:26:12 | 627,213,134 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part8.rar
[2011/06/06 02:10:46 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part6.rar
[2011/06/05 21:18:14 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part4.rar
[2011/06/05 19:55:35 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part3.rar
[2011/06/05 18:42:20 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part2.rar
[2011/06/05 17:08:28 | 1073,741,824 | ---- | C] () -- C:\Users\Public\Documents\sr-fable3.iso.part1.rar
[2011/03/31 20:02:48 | 000,000,093 | ---- | C] () -- C:\Users\James\AppData\Local\fusioncache.dat
[2011/03/30 21:51:55 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/30 21:51:54 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/03/30 21:51:54 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/02/20 16:53:53 | 000,748,584 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/07 18:42:47 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/02/07 18:42:47 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/02/07 18:42:47 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/02/07 18:42:47 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/02/07 18:42:47 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/02/07 18:42:47 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/02/07 18:42:47 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/02/07 18:42:47 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/02/07 18:42:47 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/02/07 18:42:47 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011/02/07 18:42:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/02/07 18:42:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/02/07 18:42:47 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/02/07 18:42:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/02/07 18:42:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/02/07 18:42:47 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011/02/07 18:42:47 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011/02/07 18:42:47 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/02/07 18:42:47 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/02/07 18:38:53 | 000,000,025 | ---- | C] () -- C:\Windows\CDE CX3900EC.ini
[2011/01/16 22:37:12 | 000,000,341 | ---- | C] () -- C:\Windows\game.ini
[2011/01/14 20:05:32 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011/01/14 20:05:32 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011/01/14 20:05:32 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011/01/14 19:49:41 | 000,049,187 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011/01/01 21:17:13 | 000,038,407 | ---- | C] () -- C:\Windows\scunin.dat
[2010/09/16 21:03:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/16 21:00:51 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/09/16 20:57:17 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010/09/16 20:55:36 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/09/16 20:55:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/09/16 20:55:36 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/09/16 20:55:35 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/09/16 20:55:35 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/09/16 20:55:34 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/09/16 20:55:18 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/09/16 20:55:18 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/07/27 12:22:49 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/07/27 11:22:20 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini
[2010/02/10 13:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 17:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 14:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 14:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 12:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 11:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 09:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/14 09:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 09:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/06/07 23:18:39 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\James\Desktop\aswMBR.exe
[2010/12/31 19:44:25 | 001,750,504 | ---- | M] (CPUID) -- C:\Users\James\Desktop\HWMonitor.exe
[2008/11/09 12:18:16 | 000,353,840 | ---- | M] (RealNetworks, Inc.) -- C:\Users\James\Desktop\RealPlayer11GOLD.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/05/14 21:26:08 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2011/05/14 21:26:10 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
[2011/05/14 21:26:10 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/06/21 18:39:29 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\log.txt
[2009/07/14 11:43:53 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\stdole2.tlb

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/06/18 12:34:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/06/13 19:14:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\All games
[2010/12/28 17:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2010/09/16 20:57:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2011/03/26 21:00:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira
[2010/09/16 21:26:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2011/06/18 12:34:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/09/16 21:18:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2011/01/16 20:44:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011/02/07 19:56:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EPSON
[2011/06/10 15:49:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
[2011/01/04 21:07:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2010/09/16 21:01:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2010/09/16 21:24:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2010/07/27 11:32:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Photo Creations
[2011/05/21 11:13:41 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/09/16 20:58:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/06/18 12:42:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/06/12 03:49:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/06/08 15:17:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/07/27 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/02/20 16:53:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011/03/28 21:49:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010/07/27 11:32:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/07/27 09:28:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/03/28 21:49:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/03/28 21:47:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/03/28 21:50:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/03/28 21:49:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2011/05/14 21:26:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2011/03/28 21:49:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/09/16 21:26:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010/12/29 21:51:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010/12/26 01:33:04 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2010/09/16 21:00:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ralink
[2011/05/21 11:13:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Razer
[2010/09/16 20:59:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 17:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/09/16 21:04:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SoftStylus
[2011/03/30 20:49:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
[2009/07/14 16:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/07/14 17:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/07/27 09:28:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/07/27 09:27:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/12/29 21:59:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/12/29 21:59:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 17:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/14 17:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/14 17:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/12/26 01:32:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/01/14 18:56:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR


< MD5 for: AGP440.SYS >
[2009/07/14 13:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 13:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 13:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_0dbde3119acb22ca\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_dab2e93700ba2683\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys

< MD5 for: DISK.SYS >
[2009/07/14 13:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/14 13:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 13:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTOR.SYS >
[2010/04/14 04:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/04/14 04:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_d085c8f0cb5c2856\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 13:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2009/07/14 13:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 13:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 13:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll
[2009/07/14 13:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 13:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2010/07/27 10:09:29 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\SysNative\drivers\nvstor.sys
[2010/07/27 10:09:29 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_c09ee40f078b4594\nvstor.sys
[2010/07/27 10:09:29 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009/07/14 13:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 13:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2010/07/27 10:09:29 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/14 21:26:10 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/14 21:26:10 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/14 21:26:10 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 13:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 13:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 13:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2011/05/14 21:26:10 | 000,711,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2011/05/14 21:26:10 | 000,711,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2011/05/14 21:26:10 | 000,711,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2011/05/14 21:26:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/14 13:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/14 13:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/14 13:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)

< End of report >


Re: taskeng.exe

Post by lolaplow on Tue Jun 21, 2011 9:07 am

Umm, I scanned with OTL twice but neither came up with extras txt, and I couldn't find it.

asw MBR Log


aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-06-21 20:51:50
-----------------------------
20:51:50.598 OS Version: Windows x64 6.1.7600
20:51:50.598 Number of processors: 4 586 0x2505
20:51:50.598 ComputerName: JAMES-HP UserName: James
20:51:52.268 Initialize success
20:52:12.204 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:52:12.204 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
20:52:12.236 Disk 0 MBR read successfully
20:52:12.236 Disk 0 MBR scan
20:52:12.236 Disk 0 unknown MBR code
20:52:12.236 Service scanning
20:52:13.172 Disk 0 trace - called modules:
20:52:13.203 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
20:52:13.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006fd8060]
20:52:13.203 3 CLASSPNP.SYS[fffff88001a4943f] -> nt!IofCallDriver -> [0xfffffa80050feb10]
20:52:13.218 5 hpdskflt.sys[fffff88001677289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fe3050]
20:52:13.218 Scan finished successfully
20:52:53.794 Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\MBR.dat"
20:52:53.794 The log file has been saved successfully to "C:\Users\James\Desktop\aswMBR log.txt"




Re: taskeng.exe

Post by lolaplow on Tue Jun 21, 2011 9:10 am

Also, I have my Avira log if it's helpful.





Avira AntiVir Personal
Report file date: Tuesday, 21 June 2011 19:17

Scanning for 2801301 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : JAMES-HP

Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 1/04/2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 1/05/2011 09:28:41
AVSCAN.DLL : 10.0.3.0 46440 Bytes 31/03/2010 23:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 4/03/2011 01:36:59
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 10:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 20:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 01:37:07
VBASE002.VDF : 7.11.3.0 1950720 Bytes 9/02/2011 01:37:08
VBASE003.VDF : 7.11.5.225 1980416 Bytes 7/04/2011 03:26:52
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31/05/2011 08:58:42
VBASE005.VDF : 7.11.8.179 2048 Bytes 31/05/2011 08:58:42
VBASE006.VDF : 7.11.8.180 2048 Bytes 31/05/2011 08:58:43
VBASE007.VDF : 7.11.8.181 2048 Bytes 31/05/2011 08:58:43
VBASE008.VDF : 7.11.8.182 2048 Bytes 31/05/2011 08:58:44
VBASE009.VDF : 7.11.8.183 2048 Bytes 31/05/2011 08:58:45
VBASE010.VDF : 7.11.8.184 2048 Bytes 31/05/2011 08:58:46
VBASE011.VDF : 7.11.8.185 2048 Bytes 31/05/2011 08:58:46
VBASE012.VDF : 7.11.8.186 2048 Bytes 31/05/2011 08:58:47
VBASE013.VDF : 7.11.8.222 121856 Bytes 2/06/2011 08:58:55
VBASE014.VDF : 7.11.9.7 134656 Bytes 4/06/2011 08:59:05
VBASE015.VDF : 7.11.9.42 136192 Bytes 6/06/2011 08:59:13
VBASE016.VDF : 7.11.9.72 117248 Bytes 7/06/2011 06:39:22
VBASE017.VDF : 7.11.9.107 130560 Bytes 9/06/2011 06:39:27
VBASE018.VDF : 7.11.9.143 132096 Bytes 10/06/2011 06:39:35
VBASE019.VDF : 7.11.9.172 141824 Bytes 14/06/2011 06:39:41
VBASE020.VDF : 7.11.9.214 144896 Bytes 15/06/2011 06:39:49
VBASE021.VDF : 7.11.9.244 196608 Bytes 16/06/2011 06:39:56
VBASE022.VDF : 7.11.10.28 152576 Bytes 20/06/2011 06:40:03
VBASE023.VDF : 7.11.10.29 2048 Bytes 20/06/2011 06:40:03
VBASE024.VDF : 7.11.10.30 2048 Bytes 20/06/2011 06:40:04
VBASE025.VDF : 7.11.10.31 2048 Bytes 20/06/2011 06:40:04
VBASE026.VDF : 7.11.10.32 2048 Bytes 20/06/2011 06:40:05
VBASE027.VDF : 7.11.10.33 2048 Bytes 20/06/2011 06:40:05
VBASE028.VDF : 7.11.10.34 2048 Bytes 20/06/2011 06:40:05
VBASE029.VDF : 7.11.10.35 2048 Bytes 20/06/2011 06:40:06
VBASE030.VDF : 7.11.10.36 2048 Bytes 20/06/2011 06:40:06
VBASE031.VDF : 7.11.10.42 66560 Bytes 21/06/2011 06:40:09
Engineversion : 8.2.5.20
AEVDF.DLL : 8.1.2.1 106868 Bytes 4/03/2011 01:36:49
AESCRIPT.DLL : 8.1.3.65 1606010 Bytes 31/05/2011 10:54:34
AESCN.DLL : 8.1.7.2 127349 Bytes 4/03/2011 01:36:48
AESBX.DLL : 8.2.1.34 323957 Bytes 7/06/2011 09:01:37
AERDL.DLL : 8.1.9.9 639347 Bytes 26/03/2011 09:02:57
AEPACK.DLL : 8.2.6.9 557429 Bytes 21/06/2011 06:41:28
AEOFFICE.DLL : 8.1.1.25 205178 Bytes 7/06/2011 09:01:28
AEHEUR.DLL : 8.1.2.128 3547512 Bytes 21/06/2011 06:41:16
AEHELP.DLL : 8.1.17.2 246135 Bytes 25/05/2011 05:55:10
AEGEN.DLL : 8.1.5.6 401780 Bytes 25/05/2011 05:54:44
AEEMU.DLL : 8.1.3.0 393589 Bytes 4/03/2011 01:36:40
AECORE.DLL : 8.1.21.1 196983 Bytes 25/05/2011 05:54:00
AEBB.DLL : 8.1.1.0 53618 Bytes 4/03/2011 01:36:39
AVWINLL.DLL : 10.0.0.0 19304 Bytes 4/03/2011 01:36:53
AVPREF.DLL : 10.0.0.0 44904 Bytes 4/03/2011 01:36:52
AVREP.DLL : 10.0.0.10 174120 Bytes 19/05/2011 06:49:32
AVREG.DLL : 10.0.3.2 53096 Bytes 4/03/2011 01:36:52
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 1/05/2011 09:28:41
AVARKT.DLL : 10.0.22.6 231784 Bytes 4/03/2011 01:36:50
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 4/03/2011 01:36:51
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 01:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 4/03/2011 01:36:53
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 01:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 4/03/2011 01:37:12
RCTEXT.DLL : 10.0.58.0 97128 Bytes 4/03/2011 01:37:12

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, Q:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Tuesday, 21 June 2011 19:17

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'WINWORD.EXE' - '79' Module(s) have been scanned
Scan process 'plugin-container.exe' - '63' Module(s) have been scanned
Scan process 'avscan.exe' - '80' Module(s) have been scanned
Scan process 'avscan.exe' - '30' Module(s) have been scanned
Scan process 'avcenter.exe' - '99' Module(s) have been scanned
Scan process 'firefox.exe' - '128' Module(s) have been scanned
Scan process 'IELowutil.exe' - '31' Module(s) have been scanned
Scan process 'UNS.exe' - '59' Module(s) have been scanned
Scan process 'LMS.exe' - '29' Module(s) have been scanned
Scan process 'HPAdvisor.exe' - '106' Module(s) have been scanned
Scan process 'btplayerctrl.exe' - '29' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '38' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '76' Module(s) have been scanned
Scan process 'vdDaemon.exe' - '36' Module(s) have been scanned
Scan process 'razerofa.exe' - '18' Module(s) have been scanned
Scan process 'razertra.exe' - '30' Module(s) have been scanned
Scan process 'jusched.exe' - '26' Module(s) have been scanned
Scan process 'razerhid.exe' - '42' Module(s) have been scanned
Scan process 'ArcCon.ac' - '62' Module(s) have been scanned
Scan process 'avgnt.exe' - '57' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '43' Module(s) have been scanned
Scan process 'HPMSGSVC.exe' - '47' Module(s) have been scanned
Scan process 'mswinext.exe' - '101' Module(s) have been scanned
Scan process 'YCMMirage.exe' - '36' Module(s) have been scanned
Scan process 'DTLite.exe' - '46' Module(s) have been scanned
Scan process 'sftlist.exe' - '71' Module(s) have been scanned
Scan process 'sftvsa.exe' - '28' Module(s) have been scanned
Scan process 'LightScribeControlPanel.exe' - '34' Module(s) have been scanned
Scan process 'SeaPort.exe' - '51' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '27' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '25' Module(s) have been scanned
Scan process 'HPWMISVC.exe' - '32' Module(s) have been scanned
Scan process 'HPDrvMntSvc.exe' - '19' Module(s) have been scanned
Scan process 'avguard.exe' - '69' Module(s) have been scanned
Scan process 'armsvc.exe' - '25' Module(s) have been scanned
Scan process 'ACService.exe' - '24' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'Q:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

Starting to scan executable files (registry).
The registry was scanned ( '134' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
Begin scan in 'D:\'
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Access is denied.

Beginning disinfection:
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
[WARNING] The file was ignored!


End of the scan: Tuesday, 21 June 2011 20:35
Used time: 1:17:29 Hour(s)

The scan has been done completely.

35800 Scanned directories
1424933 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1424932 Files not concerned
6842 Archives were scanned
1 Warnings
2 Notes
566207 Objects were scanned with rootkit scan
2 Hidden objects were found



thanks,
James
I'm not sure what taskeng.exe is, but I just didn't want to take any chances, so I decided to check it here. Thanks.


Re: taskeng.exe

Post by Sneakyone on Wed Jun 22, 2011 1:20 am

Hi,

Please download ComboFix from [You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.

Sneakyone
Master

Posts: 2707
Joined: 2010-01-10
Gender: Male
OS: Windows 7 Ultimate 64-bit
Protection: Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points: 56074
Likes: 0


Re: taskeng.exe

Post by lolaplow on Wed Jun 22, 2011 2:33 am

ComboFix 11-06-21.05 - James 22/06/2011 14:25:43.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.64.1033.18.3894.2406 [GMT 12:00]
Running from: c:\users\James\Desktop\commy.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-05-22 to 2011-06-22 )))))))))))))))))))))))))))))))
.
.
2011-06-22 02:29 . 2011-06-22 02:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-18 03:14 . 2011-06-18 03:14 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-18 00:40 . 2011-05-18 00:37 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30F5C0FC-C557-4A3A-9D95-60F2746EE623}\mpengine.dll
2011-06-18 00:34 . 2011-06-18 00:34 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-06-11 15:50 . 2011-06-11 15:50 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-11 15:49 . 2011-06-11 15:49 -------- d-----w- c:\program files (x86)\Java
2011-06-10 03:49 . 2011-06-10 03:49 -------- d-----w- c:\program files (x86)\ESET
2011-06-09 07:28 . 2011-06-09 07:29 -------- d-----w- C:\commy
2011-06-08 03:17 . 2011-06-08 03:17 -------- d-----w- c:\users\James\AppData\Roaming\Malwarebytes
2011-06-08 03:17 . 2011-05-28 21:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-08 03:17 . 2011-06-08 03:17 -------- d-----w- c:\programdata\Malwarebytes
2011-06-08 03:17 . 2011-06-08 03:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-08 03:17 . 2011-05-28 21:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-06 00:55 . 2011-06-06 00:55 183696 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-06-04 04:00 . 2011-06-04 04:00 -------- d-----w- c:\users\James\AppData\Roaming\EPSON
2011-05-26 11:37 . 2011-02-18 06:37 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-05-26 11:37 . 2011-03-11 06:19 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-05-26 11:37 . 2011-02-18 05:36 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-26 11:37 . 2011-03-11 06:19 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-05-26 11:37 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-05-26 11:37 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-05-26 11:33 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-26 11:33 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-26 11:33 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-05-26 11:32 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-05-26 07:26 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 15:49 . 2010-07-26 23:43 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-24 07:14 . 2011-02-26 19:37 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-04-16 23:43 . 2011-03-30 09:51 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-04-16 23:43 . 2011-03-30 09:51 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-04-16 23:43 . 2011-03-30 09:51 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-04-16 00:02 . 2011-03-30 09:21 792 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-03-30 09:26 . 2011-03-30 09:26 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-10 06:56 . 2010-06-01 16:55 74072 c:\windows\SysWOW64\XAPOFX1_5.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 74072 c:\windows\SysWOW64\XAPOFX1_4.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 22360 c:\windows\SysWOW64\X3DAudio1_7.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 67072 c:\windows\SysWOW64\mshtmled.dll
- 2011-05-26 11:36 . 2011-02-24 05:30 67072 c:\windows\SysWOW64\mshtmled.dll
- 2011-05-26 11:36 . 2011-02-24 05:27 12800 c:\windows\SysWOW64\msfeedssync.exe
+ 2011-06-18 00:38 . 2011-04-22 19:30 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2011-05-26 11:36 . 2011-02-24 05:30 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 64512 c:\windows\SysWOW64\msfeedsbs.dll
- 2011-05-26 11:36 . 2011-02-24 05:32 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-05-26 11:36 . 2011-02-24 05:30 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-05-26 11:36 . 2011-02-24 05:30 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-06-21 20:41 . 2011-06-21 20:41 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-06-08 12:23 . 2011-06-08 12:23 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 04:54 . 2011-06-22 01:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-09 07:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-22 01:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-09 07:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-22 01:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-09 07:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-10 06:56 . 2010-06-01 16:55 77656 c:\windows\system32\XAPOFX1_5.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 78680 c:\windows\system32\XAPOFX1_4.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 24920 c:\windows\system32\X3DAudio1_7.dll
+ 2010-07-26 21:25 . 2011-06-22 01:16 55958 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-22 01:16 43892 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-25 13:33 . 2011-06-22 01:16 11002 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4024759652-3840768782-4020672648-1001_UserData.bin
- 2011-05-26 11:36 . 2011-02-24 06:25 97280 c:\windows\system32\mshtmled.dll
+ 2011-06-18 00:38 . 2011-04-22 20:14 97280 c:\windows\system32\mshtmled.dll
- 2011-05-26 11:36 . 2011-02-24 06:21 12288 c:\windows\system32\msfeedssync.exe
+ 2011-06-18 00:38 . 2011-04-22 20:09 12288 c:\windows\system32\msfeedssync.exe
+ 2011-06-18 00:38 . 2011-04-22 20:14 82944 c:\windows\system32\msfeedsbs.dll
- 2011-05-26 11:36 . 2011-02-24 06:25 82944 c:\windows\system32\msfeedsbs.dll
- 2011-05-26 11:36 . 2011-02-24 06:29 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2011-06-18 00:38 . 2011-04-22 20:18 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2011-06-18 00:38 . 2011-04-22 20:14 57856 c:\windows\system32\licmgr10.dll
- 2011-05-26 11:36 . 2011-02-24 06:24 57856 c:\windows\system32\licmgr10.dll
+ 2011-06-18 00:38 . 2011-04-22 20:13 64512 c:\windows\system32\jsproxy.dll
- 2011-05-26 11:36 . 2011-02-24 06:24 64512 c:\windows\system32\jsproxy.dll
- 2010-12-26 08:21 . 2011-06-03 09:30 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 08:21 . 2011-06-18 00:44 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 08:21 . 2011-06-18 00:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-26 08:21 . 2011-06-03 09:30 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-03 09:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-18 00:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-26 01:34 . 2011-06-22 01:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-26 01:34 . 2011-06-09 07:09 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-06-18 20:00 80184 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-12-26 01:34 . 2011-06-09 07:09 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-26 01:34 . 2011-06-22 01:14 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-26 01:34 . 2011-06-09 07:09 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-26 01:34 . 2011-06-22 01:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-25 13:36 . 2011-06-09 07:15 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-25 13:36 . 2011-06-22 02:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-25 13:36 . 2011-06-09 07:15 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-25 13:36 . 2011-06-22 02:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-04-17 00:24 . 2011-04-17 00:24 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-06-22 01:13 . 2011-06-22 01:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-09 07:08 . 2011-06-09 07:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-22 01:13 . 2011-06-22 01:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-09 07:08 . 2011-06-09 07:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-10 06:56 . 2010-06-01 16:55 527192 c:\windows\SysWOW64\XAudio2_7.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 528216 c:\windows\SysWOW64\XAudio2_6.dll
+ 2011-06-10 06:56 . 2010-06-01 16:55 239960 c:\windows\SysWOW64\xactengine3_7.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 238936 c:\windows\SysWOW64\xactengine3_6.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 981504 c:\windows\SysWOW64\wininet.dll
- 2011-05-26 11:36 . 2011-02-24 05:32 981504 c:\windows\SysWOW64\wininet.dll
- 2010-12-26 02:02 . 2010-04-07 07:10 571904 c:\windows\SysWOW64\oleaut32.dll
+ 2011-06-18 00:38 . 2010-12-18 05:31 571904 c:\windows\SysWOW64\oleaut32.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 606208 c:\windows\SysWOW64\mstime.dll
- 2011-05-26 11:36 . 2011-02-24 05:30 606208 c:\windows\SysWOW64\mstime.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 599552 c:\windows\SysWOW64\msfeeds.dll
+ 2011-06-18 03:14 . 2011-06-18 03:14 240288 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe
- 2011-03-26 08:53 . 2011-02-02 08:40 157472 c:\windows\SysWOW64\javaws.exe
+ 2011-06-11 15:49 . 2011-06-11 15:49 157472 c:\windows\SysWOW64\javaws.exe
- 2011-03-26 08:53 . 2011-02-02 08:40 145184 c:\windows\SysWOW64\javaw.exe
+ 2011-06-11 15:49 . 2011-06-11 15:49 145184 c:\windows\SysWOW64\javaw.exe
- 2011-03-26 08:53 . 2011-02-02 08:40 145184 c:\windows\SysWOW64\java.exe
+ 2011-06-11 15:49 . 2011-06-11 15:49 145184 c:\windows\SysWOW64\java.exe
- 2011-05-26 11:36 . 2011-03-08 05:38 740864 c:\windows\SysWOW64\inetcomm.dll
+ 2011-06-18 00:38 . 2011-05-03 04:50 740864 c:\windows\SysWOW64\inetcomm.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 176640 c:\windows\SysWOW64\ieui.dll
- 2011-05-26 11:36 . 2011-02-24 05:29 176640 c:\windows\SysWOW64\ieui.dll
- 2011-05-26 11:36 . 2011-02-24 05:29 185856 c:\windows\SysWOW64\iepeers.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 185856 c:\windows\SysWOW64\iepeers.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 381440 c:\windows\SysWOW64\iedkcs32.dll
- 2011-05-26 11:36 . 2011-02-24 05:29 381440 c:\windows\SysWOW64\iedkcs32.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 248672 c:\windows\SysWOW64\d3dx11_43.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 470880 c:\windows\SysWOW64\d3dx10_43.dll
+ 2011-06-18 00:38 . 2010-11-02 04:35 218624 c:\windows\SysWOW64\d3d10_1core.dll
+ 2011-06-18 00:38 . 2011-01-17 05:38 161792 c:\windows\SysWOW64\d3d10_1.dll
- 2009-07-13 23:27 . 2009-07-14 01:15 161792 c:\windows\SysWOW64\d3d10_1.dll
+ 2011-06-10 06:56 . 2010-06-01 16:55 518488 c:\windows\system32\XAudio2_7.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 530776 c:\windows\system32\XAudio2_6.dll
+ 2011-06-10 06:56 . 2010-06-01 16:55 176984 c:\windows\system32\xactengine3_7.dll
+ 2011-06-10 06:56 . 2010-02-03 22:01 176984 c:\windows\system32\xactengine3_6.dll
+ 2010-12-27 07:02 . 2011-06-15 08:10 264040 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-06-06 12:03 637672 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-06-21 06:40 637672 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-06-21 06:40 114824 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-06-06 12:03 114824 c:\windows\system32\perfc009.dat
+ 2011-06-18 00:38 . 2010-12-18 06:13 861184 c:\windows\system32\oleaut32.dll
- 2010-12-26 02:02 . 2010-04-07 07:37 861184 c:\windows\system32\oleaut32.dll
+ 2011-06-18 00:38 . 2011-04-22 20:14 703488 c:\windows\system32\msfeeds.dll
- 2011-05-26 11:36 . 2011-02-24 06:25 703488 c:\windows\system32\msfeeds.dll
+ 2011-06-18 00:38 . 2011-05-03 05:21 976896 c:\windows\system32\inetcomm.dll
- 2011-05-26 11:36 . 2011-03-08 06:14 976896 c:\windows\system32\inetcomm.dll
- 2011-05-26 11:36 . 2011-02-24 06:24 247808 c:\windows\system32\ieui.dll
+ 2011-06-18 00:38 . 2011-04-22 20:13 247808 c:\windows\system32\ieui.dll
+ 2011-06-18 00:38 . 2011-04-22 20:13 256000 c:\windows\system32\iepeers.dll
- 2011-05-26 11:36 . 2011-02-24 06:24 256000 c:\windows\system32\iepeers.dll
- 2011-05-26 11:36 . 2011-02-24 06:24 445952 c:\windows\system32\iedkcs32.dll
+ 2011-06-18 00:38 . 2011-04-22 20:13 445952 c:\windows\system32\iedkcs32.dll
+ 2009-07-14 04:45 . 2011-06-18 00:43 425704 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2011-05-26 11:48 425704 c:\windows\system32\FNTCACHE.DAT
+ 2011-06-18 00:38 . 2011-04-29 03:12 161792 c:\windows\system32\drivers\srvnet.sys
- 2011-05-26 11:36 . 2011-02-23 05:15 161792 c:\windows\system32\drivers\srvnet.sys
+ 2011-06-18 00:38 . 2011-04-29 03:12 399872 c:\windows\system32\drivers\srv2.sys
- 2011-05-26 11:36 . 2011-02-23 05:16 461312 c:\windows\system32\drivers\srv.sys
+ 2011-06-18 00:38 . 2011-04-29 03:13 461312 c:\windows\system32\drivers\srv.sys
+ 2011-06-18 00:38 . 2011-05-04 02:51 126464 c:\windows\system32\drivers\mrxsmb20.sys
- 2011-05-26 11:33 . 2011-02-23 05:15 126464 c:\windows\system32\drivers\mrxsmb20.sys
+ 2011-06-18 00:38 . 2011-05-04 02:51 287744 c:\windows\system32\drivers\mrxsmb10.sys
+ 2011-06-18 00:38 . 2011-05-04 02:51 157696 c:\windows\system32\drivers\mrxsmb.sys
- 2011-05-26 11:33 . 2011-02-23 05:15 157696 c:\windows\system32\drivers\mrxsmb.sys
+ 2011-06-18 00:38 . 2011-04-27 02:57 102400 c:\windows\system32\drivers\dfsc.sys
- 2009-07-13 23:23 . 2009-07-13 23:23 102400 c:\windows\system32\drivers\dfsc.sys
+ 2011-06-18 00:38 . 2011-04-25 02:44 499712 c:\windows\system32\drivers\afd.sys
+ 2011-06-10 06:56 . 2010-05-25 23:41 276832 c:\windows\system32\d3dx11_43.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 511328 c:\windows\system32\d3dx10_43.dll
+ 2011-06-18 00:38 . 2010-11-02 05:12 320512 c:\windows\system32\d3d10_1core.dll
+ 2011-06-18 00:38 . 2011-01-17 06:17 197120 c:\windows\system32\d3d10_1.dll
- 2009-07-13 23:41 . 2009-07-14 01:40 197120 c:\windows\system32\d3d10_1.dll
+ 2009-07-14 05:12 . 2011-06-10 06:52 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-05-26 11:49 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-06-21 20:41 405928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-08 12:23 405928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-06-11 15:50 . 2011-06-11 15:50 207360 c:\windows\Installer\1500d9b.msi
+ 2011-06-11 15:48 . 2011-06-11 15:48 681984 c:\windows\Installer\1500d89.msi
- 2011-04-17 00:24 . 2011-04-17 00:24 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 1229824 c:\windows\SysWOW64\urlmon.dll
+ 2011-06-18 00:38 . 2011-05-28 04:38 5984256 c:\windows\SysWOW64\mshtml.dll
+ 2011-02-13 08:23 . 2011-06-18 03:14 6271136 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 2063360 c:\windows\SysWOW64\iertutil.dll
- 2011-05-26 11:36 . 2011-02-24 05:29 2063360 c:\windows\SysWOW64\iertutil.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 1998168 c:\windows\SysWOW64\D3DX9_43.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 1868128 c:\windows\SysWOW64\d3dcsx_43.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 2106216 c:\windows\SysWOW64\D3DCompiler_43.dll
- 2011-05-26 11:36 . 2011-02-24 06:29 1197056 c:\windows\system32\wininet.dll
+ 2011-06-18 00:38 . 2011-04-22 20:18 1197056 c:\windows\system32\wininet.dll
+ 2011-06-18 00:38 . 2011-05-28 03:07 3133952 c:\windows\system32\win32k.sys
+ 2011-06-18 00:38 . 2011-04-22 20:18 1500160 c:\windows\system32\urlmon.dll
- 2011-05-26 11:36 . 2011-02-24 06:25 1026560 c:\windows\system32\mstime.dll
+ 2011-06-18 00:38 . 2011-04-22 20:15 1026560 c:\windows\system32\mstime.dll
+ 2011-06-18 00:38 . 2011-05-28 05:22 9316352 c:\windows\system32\mshtml.dll
+ 2011-06-18 00:38 . 2011-04-22 20:13 2448896 c:\windows\system32\iertutil.dll
+ 2011-06-18 00:38 . 2011-04-25 05:32 1896832 c:\windows\system32\drivers\tcpip.sys
- 2010-09-16 09:45 . 2010-09-16 09:45 1896832 c:\windows\system32\drivers\tcpip.sys
+ 2011-06-10 06:56 . 2010-05-25 23:41 2401112 c:\windows\system32\D3DX9_43.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 1907552 c:\windows\system32\d3dcsx_43.dll
+ 2011-06-10 06:56 . 2010-05-25 23:41 2526056 c:\windows\system32\D3DCompiler_43.dll
+ 2009-07-14 04:45 . 2011-06-18 00:46 3777877 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-05-26 11:49 3777877 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-09-16 09:37 . 2011-06-21 20:41 1425840 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-09-16 09:37 . 2011-06-08 12:23 1425840 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-05-17 19:42 . 2011-05-17 19:42 4372992 c:\windows\Installer\2f0ddc.msi
+ 2011-06-10 06:55 . 2011-06-10 06:55 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-10 06:55 . 2011-06-10 06:55 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-04-17 00:24 . 2011-04-17 00:24 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-18 00:38 . 2011-04-22 19:31 10990080 c:\windows\SysWOW64\ieframe.dll
+ 2009-07-14 02:34 . 2011-06-22 01:27 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-03-26 08:39 . 2011-06-18 00:40 49454024 c:\windows\system32\MRT.exe
+ 2011-06-18 00:38 . 2011-04-22 20:13 12372480 c:\windows\system32\ieframe.dll
+ 2010-12-26 02:39 . 2011-06-21 20:41 21770374 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4024759652-3840768782-4020672648-1001-8192.dat
+ 2011-06-07 00:00 . 2011-06-07 00:00 48470016 c:\windows\Installer\409f6.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-06-16 2736128]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-22 98304]
"Bing Bar"="c:\program files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe" [2010-04-14 243544]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-12 288088]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-06-30 602168]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2011-02-19 248320]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Philips GoGear ARIA Device Manager.lnk - c:\philips\GoGear ARIA Device Manager\GoGear_Aria_DeviceManager.exe [2010-12-28 1611152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-01 136360]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-27 821664]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-30 27192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-16 1028096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 20:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-21 c:\windows\Tasks\HPCeeScheduleForJames.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-22 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-22 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-22 414744]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\James\AppData\Roaming\Mozilla\Firefox\Profiles\n1tjtog7.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4024759652-3840768782-4020672648-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-06-22 14:31:15
ComboFix-quarantined-files.txt 2011-06-22 02:31
ComboFix2.txt 2011-06-09 07:50
ComboFix3.txt 2011-06-09 07:27
.
Pre-Run: 78,954,618,880 bytes free
Post-Run: 78,679,945,216 bytes free
.
- - End Of File - - 43EB4F9E7E85079CE7EF3534C5EEEF77


hey
cheers


Re: taskeng.exe

Post by Sneakyone on Thu Jun 23, 2011 4:42 am

Hi,

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double-click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


I'm livin' life in the fast lane.

Sneakyone
Master

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Protection : Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points : 56074
# Likes : 0


Re: taskeng.exe

Post by lolaplow on Thu Jun 23, 2011 6:59 am

Hey, it didn't find anything.

Malwarebytes' Anti-Malware 1.51.0.1200
[You must be registered and logged in to see this link.]

Database version: 6923

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23/06/2011 6:58:54 p.m.
mbam-log-2011-06-23 (18-58-54).txt

Scan type: Quick scan
Objects scanned: 170050
Time elapsed: 2 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


cheers


Re: taskeng.exe

Post by Sneakyone on Fri Jun 24, 2011 6:47 am

Hi,

Please run a free online scan with the [You must be registered and logged in to see this link.]
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic



Re: taskeng.exe

Post by lolaplow on Fri Jun 24, 2011 10:29 am

Hey, there was no log that popped up, or at C:\Program Files\EsetOnlineScanner\log.txt, with ESET Online Scanner.

This was the ESET window after the scan:

No threats found.
scanned files: 183952
infected files: 0
cleaned files: 0
total scan time 00:56:35
scan status: Finished

Cheers,
James


Re: taskeng.exe

Post by Sneakyone on Sun Jun 26, 2011 5:40 am

Hi,

How's your computer running now?



Re: taskeng.exe

Post by lolaplow on Sun Jun 26, 2011 9:14 am

Hey,
I don't think anything's changed from before the 'taskeng.exe' ran on my laptop. The speed's pretty much the same and everything seems to work fine.

Cheers,
James


Re: taskeng.exe

Post by Sneakyone on Mon Jun 27, 2011 4:33 am

Hi,

Is taskeng.exe located in System32?



Re: taskeng.exe

Post by lolaplow on Mon Jun 27, 2011 11:48 am

Hey, I searched my computer and it came up with 13 items. Here's the list of where they are located:

1
taskeng
C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc

2
taskeng
C:\Windows\System32

3
taskeng
C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0

4
taskeng
C:\Windows\SysWOW64

5
taskeng
C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a

6
taskeng
C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6

7
taskeng.exe.mui
C:\Windows\System32\en-US

8
taskeng.exe.mui
C:\Windows\winsxs\amd64_microsoft-windows-t..er-engine.resources_31bf3856ad364e35_6.1.7600.16385_en-us_133138db7a4bbc25

9
taskeng.exe.mui
C:\Windows\SysWOW64\en-US

10
taskeng.exe.mui
C:\Windows\winsxs\x86_microsoft-windows-t..er-engine.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b7129d57c1ee4aef

11
taskeng
C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe

12
taskeng
C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8

13
The last taskeng has a Mozilla Firefox icon and no location; it's highlighted in yellow, like all the taskeng.exe.mui files. I'm guessing the Mozilla one is because I'm in this thread, which has the same name.

cheers,
James
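The check behind the helper's System32 question, applied to the kind of search hits listed in the post above, as an added example that is not part of the thread. The names `classify`, `needs_review` and `HITS` are hypothetical, the last two sample rows are constructed, and `C:\Windows` is assumed as the system root (as the OTL log header shows).

```python
import ntpath
import re

WINDIR = r"c:\windows"  # assumption: default %SystemRoot%, as in the OTL log header
SYSTEM_DIRS = {WINDIR + r"\system32", WINDIR + r"\syswow64"}
NAMES = {"taskeng", "taskeng.exe", "taskeng.exe.mui"}
LOCALE = re.compile(r"[a-z]{2}-[a-z]{2}")
# WinSxS folder of the Task Scheduler engine component; Windows abbreviates the
# long ".resources" variant to "t..er-engine", as seen in items 8 and 10.
WINSXS = re.compile(
    r"(amd64|x86)_microsoft-windows-t(askschedul|\.\.)er-engine"
    r"(?P<res>\.resources)?_31bf3856ad364e35_\d+(\.\d+){3}"
    r"_(none|[a-z]{2}-[a-z]{2})_[0-9a-f]{16}"
)

def classify(name, folder):
    """Return 'system', 'component-store' or 'review' for one search hit."""
    name = name.strip().lower()
    folder = ntpath.normpath(folder.strip()).lower()
    if name not in NAMES:
        return "review"
    is_mui = name.endswith(".mui")
    parent, leaf = ntpath.split(folder)
    # The executable sits directly in System32 / SysWOW64.
    if not is_mui and folder in SYSTEM_DIRS:
        return "system"
    # Its language resource sits in a locale subfolder such as en-US.
    if is_mui and parent in SYSTEM_DIRS and LOCALE.fullmatch(leaf):
        return "system"
    # Servicing copies live in the WinSxS component store.
    if parent == WINDIR + r"\winsxs":
        m = WINSXS.fullmatch(leaf)
        if m and bool(m.group("res")) == is_mui:
            return "component-store"
    return "review"

def needs_review(hits):
    """Folders whose hit is not in a location Windows uses for this file."""
    return [folder for name, folder in hits if classify(name, folder) == "review"]

HITS = [
    # Taken from the list in the post (items 2, 4, 1, 7, 8).
    ("taskeng", r"C:\Windows\System32"),
    ("taskeng", r"C:\Windows\SysWOW64"),
    ("taskeng", r"C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine"
                r"_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc"),
    ("taskeng.exe.mui", r"C:\Windows\System32\en-US"),
    ("taskeng.exe.mui", r"C:\Windows\winsxs\amd64_microsoft-windows-t..er-engine"
                        r".resources_31bf3856ad364e35_6.1.7600.16385_en-us_133138db7a4bbc25"),
    # Constructed rows, not from the thread: copies outside the expected folders.
    ("taskeng.exe", r"C:\Users\Example\AppData\Roaming"),
    ("taskeng.exe.mui", r"C:\Windows\System32"),
]

if __name__ == "__main__":
    for name, folder in HITS:
        print(f"{classify(name, folder):16} {name:16} {folder}")
```

A "system" or "component-store" verdict only says the path is one Windows uses for this file; checking the file's digital signature is the step that confirms the binary itself.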


Re: taskeng.exe

Post by Sneakyone on Tue Jun 28, 2011 8:56 pm

Hi,

Could you please take a screenshot of the 13th one?



Re: taskeng.exe

Post by lolaplow on Wed Jun 29, 2011 5:40 am

Hey,
The 13th one, I clicked into it and it took me to this site, so... I don't know what that means.
Anyway, how do I post it on here?

Edit:
OK, I think I got it on; it's in Word though, sorry.

cheers



Re: taskeng.exe

Post by Sneakyone on Thu Jun 30, 2011 2:32 am

I can't open .doc or .docx files. Please use .txt files.



Re: taskeng.exe

Post by lolaplow on Thu Jun 30, 2011 10:01 am

Hi,
I don't really know what you mean by .txt; I can't seem to paste into Notepad, if that's what you meant. I was playing around with the functions and found I could post it so it could be viewed here.

cheers,
James

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]


Edit: hey, I've posted it on the thread, hope you can see it.

cheers


Re: taskeng.exe

Post by Sneakyone on Fri Jul 01, 2011 3:13 am

Hi,

What is the bottom taskeng.exe's filepath?



Re: taskeng.exe

Post by lolaplow on Fri Jul 01, 2011 4:24 am

Hi, sorry, I'm not sure what you mean, but when I right-click on it and go to Properties, it says it's an internet address, which is

[You must be registered and logged in to see this link.]

I'll get a screenshot up.

cheers,
James

edit,
[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

cheers


Re: taskeng.exe

Post by Sneakyone on Sat Jul 02, 2011 4:31 am

Oh, it is just a link to this thread. It is fine. Anything else?



Re: taskeng.exe

Post by lolaplow on Sat Jul 02, 2011 6:08 am

Hi,
So it wasn't anything that was harmful to my computer?

If it's not, I guess it's solved. Thanks for checking anyway.

Cheers,
James


Re: taskeng.exe

Post by Sneakyone on Sun Jul 03, 2011 4:22 am

Nope, you're welcome, glad to help. :)

