Please read HijackThis log here (Software problem)

Hi, I'm sorry if I'm in the wrong spot. I don't have much time to post since my computer keeps shutting down without an error or anything warning me. My computer is only about 3-4 months old! I am running a 64-bit duo Gateway. I was infected with a tro-gen something and Trend helped me delete it, but whatever they had me delete, it now has my computer shutting down and not usable! I did a full system recovery and it is still doing the same thing. Anyone know why? Please help me, thanks a bunch.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:06 PM, on 7/18/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Safe mode with network support
Running processes:
C:\Users\HOUSE\Desktop\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files (x86)\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [LedKey] CNYHKey.exe
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: SmartCopy.lnk = C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
O4 - Global Startup: SmartLauncher.lnk = C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9958 bytes

Comments

  • edited July 2009
    This is another log I did.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:23:43 PM, on 7/17/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18248)
    Boot mode: Normal
    Running processes:
    C:\Windows\MHotKey.exe
    C:\Program Files\BigFix\bigfix.exe
    C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Windows\CNYHKey.exe
    C:\Windows\ModLedKey.exe
    C:\Windows\ChiFuncExt.exe
    C:\Program Files (x86)\Internet Explorer\ieuser.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil9f.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "c:\Program Files (x86)\Norton 360\osCheck.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
    O4 - HKLM\..\Run: [LedKey] CNYHKey.exe
    O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
    O4 - Global Startup: SmartCopy.lnk = C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    O4 - Global Startup: SmartLauncher.lnk = C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 10701 bytes
  • edited July 2009
    Please note that all instructions given are customised for this computer only,
    the tools used may cause damage if used on a computer with different infections.

    If you think you have similar problems, please post a log in the HJT forum and wait for help.


    Hello and welcome to the forums

    My name is Katana and I will be helping you to remove any infection(s) that you may have.

    Please observe these rules while we work:
    1. Please Read All Instructions Carefully
    2. If you don't understand something, stop and ask! Don't keep going on.
    3. Please do not run any other tools or scans whilst I am helping you
    4. Failure to reply within 5 days will result in the topic being closed.
    5. Please continue to respond until I give you the "All Clear"
      (Just because you can't see a problem doesn't mean it isn't there)

    If you can do those few things, everything should go smoothly.

    Some of the logs I request will be quite large; you may need to split them over a couple of replies.

    Please note, your security programs may give warnings for some of the tools I will ask you to use.
    Be assured, any links I give are safe.





    What happened ?
    It's only last month that we cleaned your machine.
    1) I was infected with a tro-gen something and Trend helped me delete it, but whatever they had me delete, it now has my computer shutting down and not usable!
    2) I did a full system recovery and it is still doing the same thing. Anyone know why?

    1) You would be best contacting Trend again, they know what they removed.
    2) Can you describe the problem in a bit more detail?


    OTScanIt

    1. Please download OTS.exe by OldTimer and save it to your desktop.
    2. Double click on OTS.exe to run it.
    3. Put a checkmark in the Include 64Bit Scans box.
    4. Under the Additional Scans section, put a checkmark next to Reg - Uninstall List (you will need to scroll down).
    5. Click on the Run Scan button at the top left hand corner.
    6. OTS will start running. Once done, Notepad will open. Please post the contents of this Notepad file in your next reply.
  • edited July 2009
    THIS IS WHAT TREND HAD ME DELETE - O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} -
    C:\Program Files (x86)\System Search Dispatcher\1.2.0.750\ssd.dll

    - O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

    (this is the virus I'm dealing with)
    TROJ_GEN.4X2739

    OK... after I deleted this, my computer started to shut down. Trend said they don't know why my computer doesn't stay on long enough to really troubleshoot. I did a scan every day, sometimes more than 3 times! Never found anything. I decided to do one the other day and 23 of the same thing popped up. I'm still getting help from Trend. They told me to call Gateway and have them do a system recovery, and I did that, but it is still shutting down on me! My computer is not old at all, and I don't see why it is doing this. I mean, I'm sure I caught this virus before it could go anywhere, and last month when you cleared my computer there was nothing found. I didn't do anything different than I do any normal day except download fonts :( but I scanned them first! But it doesn't even let me stay on more than 10 mins, so I try and rush to send whatever I have to to Trend and here. Sorry if I'm confusing you :( but I did a full system recovery and it still didn't help! Gateway said that they send a disk out for me and if this doesn't work then my computer will be sent for fixing. I hope I get it up and working soon :(
  • edited July 2009
    Ninapearl wrote:
    THIS IS WHAT TREND HAD ME DELETE - O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} -
    C:\Program Files (x86)\System Search Dispatcher\1.2.0.750\ssd.dll

    - O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

    (this is the virus I'm dealing with)
    TROJ_GEN.4X2739

    OK... after I deleted this, my computer started to shut down. Trend said they don't know why my computer doesn't stay on long enough to really troubleshoot. I did a scan every day, sometimes more than 3 times! Never found anything. I decided to do one the other day and 23 of the same thing popped up. I'm still getting help from Trend. They told me to call Gateway and have them do a system recovery, and I did that, but it is still shutting down on me! My computer is not old at all, and I don't see why it is doing this. I mean, I'm sure I caught this virus before it could go anywhere, and last month when you cleared my computer there was nothing found. I didn't do anything different than I do any normal day except download fonts :( but I scanned them first! But it doesn't even let me stay on more than 10 mins, so I try and rush to send whatever I have to to Trend and here. Sorry if I'm confusing you :( but I did a full system recovery and it still didn't help! Gateway said that they send a disk out for me and if this doesn't work then my computer will be sent for fixing. I hope I get it up and working soon :(


    Sorry for the bother.
  • edited July 2009
    Here is the OTS log.


    [code]
    OTS logfile created on: 7/19/2009 1:12:46 PM - Run 1
    OTS by OldTimer - Version 3.0.10.0 Folder = C:\Users\HOUSE\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
    4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 581.52 Gb Total Space | 538.71 Gb Free Space | 92.64% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: ANGIE-PC
    Current User Name: HOUSE
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: Off
    File Age = 30 Days

    [Processes - Safe List]
    aluschedulersvc.exe -> c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2008/02/20 19:02:00 | 00,238,968 | ---- | M] (Symantec Corporation)
    bigfix.exe -> C:\Program Files\BigFix\bigfix.exe -> [2007/08/16 21:17:56 | 02,342,912 | ---- | M] (BigFix Inc.)
    ccsvchst.exe -> c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/02/17 16:37:00 | 00,149,352 | ---- | M] (Symantec Corporation)
    ccsvchst.exe -> c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/02/17 16:37:00 | 00,149,352 | ---- | M] (Symantec Corporation)
    chifuncext.exe -> C:\Windows\ChiFuncExt.exe -> [2008/02/01 14:04:50 | 00,057,344 | ---- | M] (Chicony)
    cnyhkey.exe -> C:\Windows\CNYHKey.exe -> [2008/04/23 20:05:16 | 00,339,968 | ---- | M] (Creative)
    flashutil9f.exe -> C:\Windows\SysWow64\Macromed\Flash\FlashUtil9f.exe -> [2008/03/24 22:32:44 | 00,218,496 | R--- | M] (Adobe Systems, Inc.)
    googletoolbarnotifier.exe -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/07/16 00:39:37 | 00,068,856 | ---- | M] (Google Inc.)
    googletoolbaruser_32.exe -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe -> [2009/07/16 08:37:47 | 00,277,104 | ---- | M] (Google Inc.)
    ieuser.exe -> C:\Program Files (x86)\Internet Explorer\ieuser.exe -> [2008/01/20 22:50:38 | 00,299,520 | ---- | M] (Microsoft Corporation)
    iexplore.exe -> C:\Program Files (x86)\Internet Explorer\iexplore.exe -> [2009/04/24 12:08:04 | 00,634,632 | ---- | M] (Microsoft Corporation)
    jusched.exe -> C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe -> [2008/02/22 08:25:21 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
    mhotkey.exe -> C:\Windows\MHotKey.exe -> [2008/05/30 13:50:28 | 00,581,120 | ---- | M] ()
    modledkey.exe -> C:\Windows\ModLedKey.exe -> [2007/01/08 17:51:56 | 00,053,248 | ---- | M] (Chicony)
    mscorsvw.exe -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/01/20 22:50:58 | 00,070,144 | ---- | M] (Microsoft Corporation)
    ots.exe -> C:\Users\HOUSE\Desktop\OTS.exe -> [2009/07/19 13:10:43 | 00,514,560 | ---- | M] (OldTimer Tools)
    richvideo.exe -> C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -> [2008/06/29 11:10:18 | 00,241,734 | ---- | M] ()
    smartcopy.exe -> C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe -> [2008/08/11 16:57:02 | 00,319,488 | ---- | M] ()
    smartlauncher.exe -> C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe -> [2008/08/11 12:20:28 | 00,335,872 | ---- | M] (North Star com.)

    [Win32 Services - Safe List]
    64bit-(AgereModemAudio) Agere Modem Call Progress Audio [Win32_Own | Auto | Running] -> C:\Windows\SysNative\agr64svc.exe -> [2008/07/22 22:54:06 | 00,015,872 | ---- | M] ()
    64bit-(ETService) Empowering Technology Service [Win32_Own | Auto | Running] -> C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -> [2008/06/11 11:18:30 | 00,024,576 | ---- | M] ()
    64bit-(ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) [Win32_Own | Auto | Running] -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -> [2008/09/08 15:11:02 | 00,726,016 | ---- | M] ()
    64bit-(nSvcIp) ForceWare IP service [Win32_Own | Auto | Running] -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -> [2008/09/08 15:09:52 | 00,221,696 | ---- | M] ()
    64bit-(WinDefend) Windows Defender [Win32_Shared | Auto | Stopped] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2008/01/20 22:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation)
    64bit-(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/20 22:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation)
    (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2008/02/20 19:02:00 | 00,238,968 | ---- | M] (Symantec Corporation)
    (ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/02/17 16:37:00 | 00,149,352 | ---- | M] (Symantec Corporation)
    (ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/02/17 16:37:00 | 00,149,352 | ---- | M] (Symantec Corporation)
    (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Running] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/01/20 22:50:58 | 00,070,144 | ---- | M] (Microsoft Corporation)
    (clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [Win32_Own | On_Demand | Running] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2008/01/20 22:50:38 | 00,093,696 | ---- | M] (Microsoft Corporation)
    (CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Running] -> c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/02/17 16:37:00 | 00,149,352 | ---- | M] (Symantec Corporation)
    (comHost) COM Host [Win32_Own | On_Demand | Stopped] -> c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe -> [2007/08/21 06:22:00 | 00,267,096 | ---- | M] (Symantec Corporation)
    (ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehRecvr.exe -> [2008/01/20 22:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation)
    (ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2008/01/20 22:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation)
    (ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 11:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation)
    (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -> [2008/01/20 22:51:57 | 00,036,864 | ---- | M] (Microsoft Corporation)
    (GameConsoleService) GameConsoleService [Win32_Own | On_Demand | Stopped] -> C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -> [2008/05/05 18:25:46 | 00,165,416 | ---- | M] (WildTangent, Inc.)
    (gusvc) Google Software Updater [Win32_Own | On_Demand | Stopped] -> C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/07/16 08:37:56 | 00,182,768 | ---- | M] (Google)
    (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -> [2008/01/20 22:51:49 | 00,921,600 | ---- | M] (Microsoft Corporation)
    (KeyIso) CNG Key Isolation [Win32_Shared | On_Demand | Stopped] -> C:\Windows\SysWow64\keyiso.dll -> [2006/11/02 05:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation)
    (LiveUpdate) LiveUpdate [Win32_Shared | On_Demand | Stopped] -> c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -> [2008/02/20 19:02:00 | 03,220,856 | ---- | M] (Symantec Corporation)
    (LiveUpdate Notice) LiveUpdate Notice [Win32_Shared | Auto | Running] -> c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/02/17 16:37:00 | 00,149,352 | ---- | M] (Symantec Corporation)
    (MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> C:\Windows\SysWow64\Msdtc -> [2006/11/02 09:34:14 | 00,000,000 | ---D | M]
    (Netlogon) Netlogon [Win32_Shared | On_Demand | Stopped] -> C:\Windows\SysWow64\netlogon.dll -> [2008/01/20 22:48:28 | 00,592,384 | ---- | M] (Microsoft Corporation)
    (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 07:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
    (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 18:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
    (Partner Service) Partner Service [Win32_Own | On_Demand | Stopped] -> C:\ProgramData\Partner\partner.exe -> [2009/07/16 00:39:59 | 00,110,576 | ---- | M] (Google Inc.)
    (RichVideo) Cyberlink RichVideo Service(CRVS) [Win32_Own | Auto | Running] -> C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -> [2008/06/29 11:10:18 | 00,241,734 | ---- | M] ()
    (Symantec Core LC) Symantec Core LC [Win32_Own | On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2009/01/18 06:54:04 | 01,245,064 | ---- | M] ()
    (vds) Virtual Disk [Win32_Own | On_Demand | Stopped] -> C:\Windows\SysWow64\Wbem\vds.mof -> [2006/11/02 02:35:15 | 00,060,994 | ---- | M] ()
    (VSS) Volume Shadow Copy [Win32_Own | On_Demand | Stopped] -> C:\Windows\SysWow64\Wbem\vss.mof -> [2006/11/02 02:35:15 | 00,055,846 | ---- | M] ()

    [Driver Services - Safe List]
    64bit-(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\agrsm64.sys -> [2008/07/22 22:54:33 | 01,253,376 | ---- | M] ()
    64bit-(AVer88xHD) AVerMedia 23888 AvStream Video Capture [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVer88xHD64.sys -> [2007/04/10 04:51:10 | 00,432,256 | ---- | M] ()
    64bit-(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -> [2008/02/01 17:50:18 | 00,019,496 | ---- | M] ()
    64bit-(HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2006/11/02 01:28:10 | 00,273,920 | ---- | M] ()
    64bit-(nvamacpi) Nvidia Away Mode System [Kernel | Boot | Running] -> C:\Windows\SysNative\DRIVERS\NVAMACPI.sys -> [2005/08/27 13:19:21 | 00,028,192 | ---- | M] ()
    64bit-(RSUSBSTOR) RTS5121.Sys Realtek USB Card Reader [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\RTS5121.sys -> [2008/06/04 02:06:54 | 00,204,288 | ---- | M] ()
    64bit-(SRTSP) SRTSP [File_System | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SRTSP64.SYS -> [2008/01/30 22:51:00 | 00,440,880 | ---- | M] ()
    64bit-(SRTSPL) SRTSPL [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\SRTSPL64.SYS -> [2008/01/30 22:51:00 | 00,476,720 | ---- | M] ()
    64bit-(SRTSPX) SRTSPX [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\SRTSPX64.SYS -> [2008/01/30 22:51:00 | 00,032,304 | ---- | M] ()
    64bit-(SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMDNS.SYS -> [2008/02/04 16:34:00 | 00,016,432 | ---- | M] ()
    64bit-(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -> [2009/01/18 06:55:06 | 00,172,080 | ---- | M] ()
    64bit-(SYMFW) SYMFW [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMFW.SYS -> [2008/02/04 16:34:00 | 00,144,944 | ---- | M] ()
    64bit-(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\DRIVERS\SymIMv.sys -> [2008/02/18 22:06:00 | 00,028,720 | ---- | M] ()
    64bit-(SYMNDISV) SYMNDISV [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMNDISV.SYS -> [2008/02/04 16:34:00 | 00,048,176 | ---- | M] ()
    64bit-(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMREDRV.SYS -> [2008/02/04 16:34:00 | 00,028,720 | ---- | M] ()
    64bit-(SYMTDI) SYMTDI [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\SYMTDI.SYS -> [2008/02/04 16:34:00 | 00,271,408 | ---- | M] ()
    (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -> [2008/02/12 06:00:00 | 00,486,960 | ---- | M] (Symantec Corporation)
    (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2008/02/12 06:00:00 | 00,134,704 | ---- | M] (Symantec Corporation)
    (IDSvia64) Symantec Intrusion Prevention Driver [Kernel | System | Running] -> C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20080215.001\IDSviA64.sys -> [2008/02/12 21:18:00 | 00,359,472 | ---- | M] (Symantec Corporation)
    (int15) int15 [Kernel | Auto | Running] -> C:\Windows\SysWOW64\drivers\int15_64.sys -> [2008/06/11 11:13:24 | 00,017,952 | ---- | M] (Acer, Inc.)
    (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running] -> C:\Windows\SysWow64\Wbem\mpsdrv.mof -> [2006/09/18 17:35:23 | 00,001,088 | ---- | M] ()
    (NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\ProgramData\Symantec\Definitions\VirusDefs\20080213.036\ENG64.SYS -> [2008/02/12 06:00:00 | 00,125,488 | ---- | M] (Symantec Corporation)
    (NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\ProgramData\Symantec\Definitions\VirusDefs\20080213.036\EX64.SYS -> [2008/02/12 06:00:00 | 01,418,288 | ---- | M] (Symantec Corporation)
    (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running] -> C:\Windows\SysWow64\Wbem\tcpip.mof -> [2006/09/18 17:36:40 | 00,003,066 | ---- | M] ()

    [Registry - Safe List]
    < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01 ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
    HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
    HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
    HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
    HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01 ->
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01 ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
    HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
    HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
    HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
    HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01 ->
    < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
    HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01 ->
    HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\Windows\system32\blank.htm ->
    HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> 1 ->
    HKEY_CURRENT_USER\: Main\\"Start Page" -> http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=lx6810-01 ->
    HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 ->
    HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
    < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
    < FireFox Extensions [User Folders] > ->
    < HOSTS File > (761 bytes and 20 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
    Reset Hosts
    127.0.0.1 localhost
    ::1 localhost
    < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2009/07/16 08:37:06 | 00,346,736 | ---- | M] (Google Inc.)
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [Google Toolbar Notifier BHO] -> [2009/07/16 08:37:57 | 00,318,960 | ---- | M] (Google Inc.)
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/23 03:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated)
    {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll [Reg Error: Value error.] -> [2008/02/22 23:08:00 | 00,349,552 | ---- | M] (Symantec Corporation)
    {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files (x86)\Common Files\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/01/18 06:54:48 | 00,116,088 | ---- | M] (Symantec Corporation)
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> [2008/02/22 08:25:19 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
    {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} [HKLM] -> C:\ProgramData\Partner\partner.dll [Partner BHO Class] -> [2009/07/16 00:39:59 | 00,157,168 | ---- | M] (Google Inc.)
    {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2008/11/18 17:47:06 | 00,408,952 | ---- | M] (Microsoft Corporation)
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/07/16 08:37:03 | 00,256,112 | ---- | M] (Google Inc.)
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [Google Toolbar Notifier BHO] -> [2009/07/16 08:37:57 | 00,761,840 | ---- | M] (Google Inc.)
    {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/07/16 08:36:55 | 00,458,736 | ---- | M] (Google Inc.)
    < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2009/07/16 08:37:06 | 00,346,736 | ---- | M] (Google Inc.)
    < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/07/16 08:37:03 | 00,256,112 | ---- | M] (Google Inc.)
    "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Show Norton Toolbar] -> [2008/02/22 23:08:00 | 00,349,552 | ---- | M] (Symantec Corporation)
    < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
    64bit-WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2009/07/16 08:37:06 | 00,346,736 | ---- | M] (Google Inc.)
    WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/07/16 08:37:03 | 00,256,112 | ---- | M] (Google Inc.)
    WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Show Norton Toolbar] -> [2008/02/22 23:08:00 | 00,349,552 | ---- | M] (Symantec Corporation)
    < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "NvCplDaemon" -> C:\Windows\SysNative\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2008/10/07 14:03:00 | 15,934,496 | ---- | M] ()
    "NVRaidService" -> C:\Windows\SysNative\nvraidservice.exe [C:\Windows\system32\nvraidservice.exe] -> [2008/08/18 23:01:52 | 00,333,344 | ---- | M] ()
    "RtHDVCpl" -> C:\Windows\RAVCpl64.exe [RAVCpl64.exe] -> [2008/09/18 07:02:14 | 06,495,264 | ---- | M] (Realtek Semiconductor)
    "Skytel" -> C:\Windows\SkyTel.exe [Skytel.exe] -> [2008/09/18 07:02:52 | 01,833,504 | ---- | M] (Realtek Semiconductor Corp.)
    "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 22:47:32 | 01,584,184 | ---- | M] (Microsoft Corporation)
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/01/12 02:16:38 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
    "ccApp" -> c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe ["c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"] -> [2008/02/17 16:37:00 | 00,051,048 | ---- | M] (Symantec Corporation)
    "eRecoveryService" -> [] -> File not found
    "LchDrvKey" -> C:\Windows\LchDrvKey.exe [LchDrvKey.exe] -> [2007/03/28 20:55:54 | 00,036,864 | ---- | M] ()
    "LedKey" -> C:\Windows\CNYHKey.exe [CNYHKey.exe] -> [2008/04/23 20:05:16 | 00,339,968 | ---- | M] (Creative)
    "osCheck" -> c:\Program Files (x86)\Norton 360\osCheck.exe ["c:\Program Files (x86)\Norton 360\osCheck.exe"] -> [2008/02/25 11:50:00 | 00,988,512 | ---- | M] (Symantec Corporation)
    "P2Go_Menu" -> C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 18:11:32 | 00,210,216 | ---- | M] (CyberLink Corp.)
    "SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe ["C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"] -> [2008/02/22 08:25:21 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
    "UpdatePDRShortCut" -> C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"] -> [2008/01/04 11:02:26 | 00,222,504 | ---- | M] (CyberLink Corp.)
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "swg" -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/07/16 00:39:37 | 00,068,856 | ---- | M] (Google Inc.)
    "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/20 22:47:52 | 02,153,472 | ---- | M] (Microsoft Corporation)
    < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    \\"NoActiveDesktop" -> [1] -> File not found
    \\"NoActiveDesktopChanges" -> [1] -> File not found
    \\"ForceActiveDesktopOn" -> [0] -> File not found
    < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found
    \\"ConsentPromptBehaviorUser" -> [1] -> File not found
    \\"EnableInstallerDetection" -> [1] -> File not found
    \\"EnableLUA" -> [1] -> File not found
    \\"EnableSecureUIAPaths" -> [1] -> File not found
    \\"EnableVirtualization" -> [1] -> File not found
    \\"PromptOnSecureDesktop" -> [1] -> File not found
    \\"ValidateAdminCodeSignatures" -> [0] -> File not found
    \\"dontdisplaylastusername" -> [0] -> File not found
    \\"legalnoticecaption" -> [] -> File not found
    \\"legalnoticetext" -> [] -> File not found
    \\"scforceoption" -> [0] -> File not found
    \\"shutdownwithoutlogon" -> [1] -> File not found
    \\"undockwithoutlogon" -> [1] -> File not found
    \\"FilterAdministratorToken" -> [0] -> File not found
    \\"EnableUIADesktopToggle" -> [0] -> File not found
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
    \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found
    \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found
    \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found
    \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found
    \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found
    \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found
    \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found
    < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2008/12/03 02:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2008/12/03 02:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007/08/29 04:49:28 | 00,606,120 | ---- | M] (Microsoft Corporation)
    {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007/08/29 04:49:28 | 00,606,120 | ---- | M] (Microsoft Corporation)
    {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/27 00:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
    < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
    PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
    < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
    PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
    < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
    {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] ->
    {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] ->
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] ->
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
    DhcpNameServer -> 10.0.0.1 ->
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
    {9712E214-2095-4240-BE72-812D046DB980}\\DhcpNameServer -> 10.0.0.1 (NVIDIA nForce 10/100/1000 Mbps Ethernet ) ->
    < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
    explorer.exe -> C:\Windows\explorer.exe -> [2008/10/29 02:49:22 | 03,080,704 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> ->
    < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
    explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2008/10/29 02:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> ->
    < Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->
    < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->
    < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
    {3F8907F3-E4DE-4260-BB5F-938A3DE8E186} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |
    {4104AA77-862A-4930-8044-BB2521DFCFFE} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |
    < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
    {1B42F944-37D0-4489-BD8D-B48BEA9B315D} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    {275AC850-630B-4427-AF98-2C6CA28D0EB8} -> dir=in | action=allow | name=cyberlink powerdirector | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
    {5E7E5103-2C83-4832-BB34-45E2BFA3E760} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    {874CBC43-45DF-4CB6-A706-3036EC2A1EFA} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
    {E1FE8404-25BC-4E59-B8AF-A215A4B51D1F} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    {FC53E6EB-19E6-4867-BA34-8B33A3833C39} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
    "AlternateShell" -> cmd.exe ->
    < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
    "AutoRun" -> 1 ->
    "DisplayName" -> CD-ROM Driver ->
    "ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/01/20 22:46:54 | 00,079,872 | ---- | M] ()
    < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->

    [Registry - Additional Scans - Safe List]
    < 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
    {071c9b48-7c32-4621-a0ac-3f809523288f} -> Microsoft Visual C++ 2005 Redistributable (x64)
    {2B8AD1EE-28D4-42FF-AE4B-856E5862D583} -> ccCommon64
    {399D00B8-46E3-4547-A0F5-75F58079F2CD} -> SymNet x64
    {70E8EBD5-78C9-4258-B20A-5098CCA000F0} -> Dolby Control Center
    {7CFA46E3-CC2F-4355-82AE-6012DC3633FD} -> NVIDIA ForceWare Network Access Manager
    {90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007
    {90120000-002A-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (English) 2007
    {90120000-0116-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    {90B5B05F-AFDA-4922-A153-45B14200BA77} -> SPBBC 64bit
    {95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting
    {BD927EB7-78D3-4DC4-9325-7CBD89D8F0E5} -> GearDrvs
    {D75B1A1F-BBEC-4DF2-ACE4-9B166438A621} -> Symantec Real Time Storage Protection Component (x64)
    Agere Systems Soft Modem -> Agere Systems PCI-SV92PP Soft Modem
    NVIDIA Drivers -> NVIDIA Drivers
    < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
    {020D8396-D6D9-4B53-A9A1-83C47E2E27AA} -> Windows Live Call
    {0AAA9C97-74D4-47CE-B089-0B147EF3553C} -> Windows Live Messenger
    {0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8} -> Norton 360 HTMLHelp
    {18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer
    {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool
    {21829177-4DED-4209-AD08-490B3AC9C01A} -> Norton 360
    {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer
    {24DF7221-644B-4C3A-A478-459502D40522} -> Backup
    {2D617065-1C52-4240-B5BC-C0AE12157777} -> Norton 360
    {3248F0A8-6813-11D6-A77B-00B0D0160050} -> Java(TM) 6 Update 5
    {34FF0741-EC67-4C05-AC2A-6D257123DF2E} -> BigFix
    {40BF1E83-20EB-11D8-97C5-0009C5020658} -> CyberLink Power2Go
    {45690715-80A6-4445-B61D-ADEC5888E8CD} -> Symantec Technical Support Controls
    {4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} -> Junk Mail filter update
    {505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4} -> Windows Live Sign-in Assistant
    {55A6283C-638A-4EE0-B491-51118554BDA2} -> Norton Confidential Core
    {57634571-FD82-4BEC-B822-A1ED7765474F}_is1 -> SmartLauncher
    {5F00DF7E-418B-4CD9-8EC5-781156BCC49E} -> Microsoft Money Shared Libraries
    {63C1109E-D977-49ED-BCE3-D00D0BF187D6} -> Windows Live Mail
    {67E03279-F703-408F-B4BF-46B5FC8D70CD} -> Microsoft Works
    {6A92E5C5-0578-443D-91F3-92ECE5F2CAE2} -> Windows Live Writer
    {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
    {7F811A54-5A09-4579-90E1-C93498E230D9} -> Gateway Recovery Management
    {80E158EA-7181-40FE-A701-301CE6BE64AB} -> CyberLink MediaShow
    {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} -> Choice Guard
    {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
    {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
    {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
    {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
    {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
    {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
    {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
    {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{00C5525B-3CB3-467D-8100-2E6FB306CD86} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
    {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
    {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007
    {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
    {90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007
    {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
    {95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English)
    {AC76BA86-7AD7-1033-7B44-A81200000003} -> Adobe Reader 8.1.2
    {B24E05CC-46FF-4787-BBB8-5CD516AFB118} -> ccCommon
    {B7BD291B-D415-4484-89A4-82077504BE93}_is1 -> SmartCopy
    {C59C179C-668D-49A9-B6EA-0121CCFC1243} -> CyberLink LabelPrint
    {CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> CyberLink PowerDirector
    {D9D754A1-EAC5-406C-A28B-C49B1E846711} -> Windows Live Essentials
    {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant
    {E80F62FF-5D3C-4A19-8409-9721F2928206} -> LiveUpdate (Symantec Corporation)
    {ED5DCA6F-5FEA-47CB-83DB-210A468C298B} -> KB0817 Keyboard Driver
    {EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} -> AppCore
    {EFC1B3CA-9B90-458D-AD7A-A0F2CD6F4A84} -> Realtek Card Reader
    {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
    {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
    {F69E83CF-B440-43F8-89E6-6EA80712109B} -> Windows Live Communications Platform
    {F73A5B18-EB75-4B2C-B32D-9457576E2417} -> Windows Live Photo Gallery
    {FDD810CA-D5E3-40E9-AB7B-36440B0D41EF} -> Windows Live Sync
    Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
    AVerMedia M791 PCIe Combo NTSC/ATSC -> AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.64.5
    HijackThis -> HijackThis 2.0.2
    HOMESTUDENTR -> Microsoft Office Home and Student 2007
    InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} -> CyberLink Power2Go
    InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD} -> NVIDIA ForceWare Network Access Manager
    InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB} -> CyberLink MediaShow
    InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> CyberLink PowerDirector
    Money2007b -> Microsoft Money Essentials
    PsuedoLiveUpdate -> LiveUpdate (Symantec Corporation)
    SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777} -> Norton 360 (Symantec Corporation)
    WildTangent gateway Master Uninstall -> Gateway Games
    WinLiveSuite_Wave3 -> Windows Live Essentials

    [Files/Folders - Created Within 30 Days]
    OTS.exe -> C:\Users\HOUSE\Desktop\OTS.exe -> [2009/07/19 13:10:29 | 00,514,560 | ---- | C] (OldTimer Tools)
    Symantec -> C:\Users\HOUSE\AppData\Local\Symantec -> [2009/07/18 21:26:25 | 00,000,000 | ---D | C]
    COH_Mon.sys -> C:\Windows\SysNative\drivers\COH_Mon.sys -> [2009/07/18 21:24:23 | 00,025,424 | ---- | C] ()
    COH_Mon.cat -> C:\Windows\SysNative\drivers\COH_Mon.cat -> [2009/07/18 21:24:23 | 00,010,557 | ---- | C] ()
    SIC 5.0 Build 1004 -> C:\Users\HOUSE\Desktop\SIC 5.0 Build 1004 -> [2009/07/18 13:01:08 | 00,000,000 | ---D | C]
    hiberfil.sys -> C:\hiberfil.sys -> [2009/07/18 12:53:34 | 42,941,56287 | -HS- | C] ()
    SIC 5.0 Build 1004.zip -> C:\Users\HOUSE\Desktop\SIC 5.0 Build 1004.zip -> [2009/07/18 12:46:25 | 05,877,567 | ---- | C] ()
    HiJackThis -> C:\Users\HOUSE\Desktop\HiJackThis -> [2009/07/18 12:45:55 | 00,000,000 | ---D | C]
    HiJackThis.zip -> C:\Users\HOUSE\Desktop\HiJackThis.zip -> [2009/07/18 12:44:43 | 00,318,381 | ---- | C] ()
    d3d9caps64.dat -> C:\Users\HOUSE\AppData\Local\d3d9caps64.dat -> [2009/07/17 15:39:36 | 00,000,732 | ---- | C] ()
    HijackThis.lnk -> C:\Users\HOUSE\Desktop\HijackThis.lnk -> [2009/07/17 15:23:08 | 00,001,930 | ---- | C] ()
    Trend Micro -> C:\Program Files (x86)\Trend Micro -> [2009/07/17 15:23:07 | 00,000,000 | ---D | C]
    HJTInstall.exe -> C:\Users\HOUSE\Desktop\HJTInstall.exe -> [2009/07/17 15:22:48 | 00,812,344 | ---- | C] (Trend Micro Inc.)
    EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2009/07/17 12:30:01 | 00,558,592 | ---- | C] ()
    EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2009/07/17 12:30:01 | 00,428,544 | ---- | C] (Microsoft Corporation)
    psisrndr.ax -> C:\Windows\SysWow64\psisrndr.ax -> [2009/07/17 12:30:01 | 00,217,088 | ---- | C] (Microsoft Corporation)
    psisdecd.dll -> C:\Windows\SysWow64\psisdecd.dll -> [2009/07/17 12:30:00 | 00,293,376 | ---- | C] (Microsoft Corporation)
    psisrndr.ax -> C:\Windows\SysNative\psisrndr.ax -> [2009/07/17 12:30:00 | 00,289,792 | ---- | C] ()
    psisdecd.dll -> C:\Windows\SysNative\psisdecd.dll -> [2009/07/17 12:29:58 | 00,375,808 | ---- | C] ()
    mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2009/07/17 12:29:58 | 00,227,328 | ---- | C] ()
    mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2009/07/17 12:29:58 | 00,177,664 | ---- | C] (Microsoft Corporation)
    MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2009/07/17 12:29:58 | 00,101,376 | ---- | C] ()
    MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2009/07/17 12:29:58 | 00,080,896 | ---- | C] (Microsoft Corporation)
    Document.rtf -> C:\Users\HOUSE\Documents\Document.rtf -> [2009/07/16 14:51:20 | 00,000,180 | ---- | C] ()
    Macromedia -> C:\Users\HOUSE\AppData\Roaming\Macromedia -> [2009/07/16 09:53:19 | 00,000,000 | ---D | C]
    srv.sys -> C:\Windows\SysNative\drivers\srv.sys -> [2009/07/16 08:44:46 | 00,451,584 | ---- | C] ()
    localspl.dll -> C:\Windows\SysNative\localspl.dll -> [2009/07/16 08:44:19 | 00,791,552 | ---- | C] ()
    localspl.dll -> C:\Windows\SysWow64\localspl.dll -> [2009/07/16 08:44:19 | 00,636,928 | ---- | C] (Microsoft Corporation)
    rpcrt4.dll -> C:\Windows\SysNative\rpcrt4.dll -> [2009/07/16 08:44:13 | 01,280,512 | ---- | C] ()
    rpcrt4.dll -> C:\Windows\SysWow64\rpcrt4.dll -> [2009/07/16 08:44:13 | 00,677,376 | ---- | C] (Microsoft Corporation)
    winhttp.dll -> C:\Windows\SysNative\winhttp.dll -> [2009/07/16 08:44:05 | 00,439,808 | ---- | C] ()
    winhttp.dll -> C:\Windows\SysWow64\winhttp.dll -> [2009/07/16 08:44:05 | 00,376,832 | ---- | C] (Microsoft Corporation)
    schannel.dll -> C:\Windows\SysWow64\schannel.dll -> [2009/07/16 08:44:05 | 00,268,288 | ---- | C] (Microsoft Corporation)
    schannel.dll -> C:\Windows\SysNative\schannel.dll -> [2009/07/16 08:44:04 | 00,334,336 | ---- | C] ()
    lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2009/07/16 08:44:03 | 01,691,648 | ---- | C] ()
    kernel32.dll -> C:\Windows\SysNative\kernel32.dll -> [2009/07/16 08:44:03 | 01,208,832 | ---- | C] ()
    kernel32.dll -> C:\Windows\SysWow64\kernel32.dll -> [2009/07/16 08:44:02 | 00,855,552 | ---- | C] (Microsoft Corporation)
    secur32.dll -> C:\Windows\SysNative\secur32.dll -> [2009/07/16 08:44:02 | 00,094,720 | ---- | C] ()
    secur32.dll -> C:\Windows\SysWow64\secur32.dll -> [2009/07/16 08:44:02 | 00,076,800 | ---- | C] (Microsoft Corporation)
    amxread.dll -> C:\Windows\SysNative\amxread.dll -> [2009/07/16 08:44:02 | 00,025,600 | ---- | C] ()
    amxread.dll -> C:\Windows\SysWow64\amxread.dll -> [2009/07/16 08:44:02 | 00,024,064 | ---- | C] (Microsoft Corporation)
    apilogen.dll -> C:\Windows\SysNative\apilogen.dll -> [2009/07/16 08:44:02 | 00,015,872 | ---- | C] ()
    apilogen.dll -> C:\Windows\SysWow64\apilogen.dll -> [2009/07/16 08:44:02 | 00,013,824 | ---- | C] (Microsoft Corporation)
    PortableDeviceApi.dll -> C:\Windows\SysNative\PortableDeviceApi.dll -> [2009/07/16 08:43:46 | 00,324,608 | ---- | C] ()
    PortableDeviceApi.dll -> C:\Windows\SysWow64\PortableDeviceApi.dll -> [2009/07/16 08:43:46 | 00,241,152 | ---- | C] (Microsoft Corporation)
    win32k.sys -> C:\Windows\SysNative\win32k.sys -> [2009/07/16 08:43:45 | 02,742,272 | ---- | C] ()
    printfilterpipelinesvc.exe -> C:\Windows\SysNative\printfilterpipelinesvc.exe -> [2009/07/16 08:43:43 | 01,030,656 | ---- | C] ()
    ntoskrnl.exe -> C:\Windows\SysNative\ntoskrnl.exe -> [2009/07/16 08:43:42 | 04,692,448 | ---- | C] ()
    rpcss.dll -> C:\Windows\SysNative\rpcss.dll -> [2009/07/16 08:43:42 | 00,718,336 | ---- | C] ()
    sdohlp.dll -> C:\Windows\SysNative\sdohlp.dll -> [2009/07/16 08:43:41 | 00,231,424 | ---- | C] ()
    sdohlp.dll -> C:\Windows\SysWow64\sdohlp.dll -> [2009/07/16 08:43:41 | 00,183,296 | ---- | C] (Microsoft Corporation)
    iasrecst.dll -> C:\Windows\SysNative\iasrecst.dll -> [2009/07/16 08:43:41 | 00,163,840 | ---- | C] ()
    iasrecst.dll -> C:\Windows\SysWow64\iasrecst.dll -> [2009/07/16 08:43:41 | 00,098,304 | ---- | C] (Microsoft Corporation)
    iasads.dll -> C:\Windows\SysNative\iasads.dll -> [2009/07/16 08:43:41 | 00,075,776 | ---- | C] ()
    iasdatastore.dll -> C:\Windows\SysNative\iasdatastore.dll -> [2009/07/16 08:43:41 | 00,061,440 | ---- | C] ()
    iasads.dll -> C:\Windows\SysWow64\iasads.dll -> [2009/07/16 08:43:41 | 00,054,784 | ---- | C] (Microsoft Corporation)
    iasdatastore.dll -> C:\Windows\SysWow64\iasdatastore.dll -> [2009/07/16 08:43:41 | 00,044,032 | ---- | C] (Microsoft Corporation)
    printfilterpipelineprxy.dll -> C:\Windows\SysNative\printfilterpipelineprxy.dll -> [2009/07/16 08:43:41 | 00,036,352 | ---- | C] ()
    iashost.exe -> C:\Windows\SysNative\iashost.exe -> [2009/07/16 08:43:41 | 00,024,576 | ---- | C] ()
    iashost.exe -> C:\Windows\SysWow64\iashost.exe -> [2009/07/16 08:43:41 | 00,017,408 | ---- | C] (Microsoft Corporation)
    explorer.exe -> C:\Windows\explorer.exe -> [2009/07/16 08:43:17 | 03,080,704 | ---- | C] (Microsoft Corporation)
    explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/07/16 08:43:17 | 02,927,104 | ---- | C] (Microsoft Corporation)
    atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2009/07/16 08:43:15 | 00,366,080 | ---- | C] ()
    t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2009/07/16 08:43:15 | 00,189,440 | ---- | C] ()
    t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2009/07/16 08:43:15 | 00,156,672 | ---- | C] (Microsoft Corporation)
    fontsub.dll -> C:\Windows\SysNative\fontsub.dll -> [2009/07/16 08:43:15 | 00,096,256 | ---- | C] ()
    fontsub.dll -> C:\Windows\SysWow64\fontsub.dll -> [2009/07/16 08:43:15 | 00,072,704 | ---- | C] (Microsoft Corporation)
    atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2009/07/16 08:43:15 | 00,048,128 | ---- | C] ()
    dciman32.dll -> C:\Windows\SysWow64\dciman32.dll -> [2009/07/16 08:43:15 | 00,010,240 | ---- | C] (Microsoft Corporation)
    mshtml.dll -> C:\Windows\SysNative\mshtml.dll -> [2009/07/16 08:41:54 | 05,682,688 | ---- | C] ()
    ieframe.dll -> C:\Windows\SysNative\ieframe.dll -> [2009/07/16 08:41:53 | 07,004,672 | ---- | C] ()
    mshtml.dll -> C:\Windows\SysWow64\mshtml.dll -> [2009/07/16 08:41:53 | 03,581,952 | ---- | C] (Microsoft Corporation)
    urlmon.dll -> C:\Windows\SysNative\urlmon.dll -> [2009/07/16 08:41:52 | 01,418,752 | ---- | C] ()
    ieframe.dll -> C:\Windows\SysWow64\ieframe.dll -> [2009/07/16 08:41:51 | 06,069,248 | ---- | C] (Microsoft Corporation)
    urlmon.dll -> C:\Windows\SysWow64\urlmon.dll -> [2009/07/16 08:41:50 | 01,166,336 | ---- | C] (Microsoft Corporation)
    wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2009/07/16 08:41:50 | 01,014,272 | ---- | C] ()
    wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2009/07/16 08:41:50 | 00,827,904 | ---- | C] (Microsoft Corporation)
    msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2009/07/16 08:41:50 | 00,580,608 | ---- | C] ()
    iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2009/07/16 08:41:50 | 00,480,256 | ---- | C] ()
    iertutil.dll -> C:\Windows\SysWow64\iertutil.dll -> [2009/07/16 08:41:50 | 00,270,848 | ---- | C] (Microsoft Corporation)
    html.iec -> C:\Windows\SysNative\html.iec -> [2009/07/16 08:41:49 | 00,485,376 | ---- | C] ()
    msfeeds.dll -> C:\Windows\SysWow64\msfeeds.dll -> [2009/07/16 08:41:49 | 00,458,240 | ---- | C] (Microsoft Corporation)
    html.iec -> C:\Windows\SysWow64\html.iec -> [2009/07/16 08:41:49 | 00,389,632 | ---- | C] (Microsoft Corporation)
    iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2009/07/16 08:41:49 | 00,389,120 | ---- | C] (Microsoft Corporation)
    iertutil.dll -> C:\Windows\SysNative\iertutil.dll -> [2009/07/16 08:41:49 | 00,375,296 | ---- | C] ()
    ieaksie.dll -> C:\Windows\SysNative\ieaksie.dll -> [2009/07/16 08:41:49 | 00,267,776 | ---- | C] ()
    ieaksie.dll -> C:\Windows\SysWow64\ieaksie.dll -> [2009/07/16 08:41:49 | 00,230,400 | ---- | C] (Microsoft Corporation)
    occache.dll -> C:\Windows\SysNative\occache.dll -> [2009/07/16 08:41:49 | 00,165,376 | ---- | C] ()
    occache.dll -> C:\Windows\SysWow64\occache.dll -> [2009/07/16 08:41:49 | 00,102,912 | ---- | C] (Microsoft Corporation)
    ieUnatt.exe -> C:\Windows\SysNative\ieUnatt.exe -> [2009/07/16 08:41:49 | 00,032,768 | ---- | C] ()
    ieUnatt.exe -> C:\Windows\SysWow64\ieUnatt.exe -> [2009/07/16 08:41:49 | 00,026,624 | ---- | C] (Microsoft Corporation)
    mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2009/07/16 08:41:48 | 01,129,984 | ---- | C] ()
    mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2009/07/16 08:41:48 | 00,671,232 | ---- | C] (Microsoft Corporation)
    ieencode.dll -> C:\Windows\SysNative\ieencode.dll -> [2009/07/16 08:41:48 | 00,086,528 | ---- | C] ()
    ieencode.dll -> C:\Windows\SysWow64\ieencode.dll -> [2009/07/16 08:41:48 | 00,078,336 | ---- | C] (Microsoft Corporation)
    jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2009/07/16 08:41:48 | 00,032,256 | ---- | C] ()
    jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2009/07/16 08:41:48 | 00,028,160 | ---- | C] (Microsoft Corporation)
    mshtml.tlb -> C:\Windows\SysWow64\mshtml.tlb -> [2009/07/16 08:41:47 | 01,383,424 | ---- | C] (Microsoft Corporation)
    mshtml.tlb -> C:\Windows\SysNative\mshtml.tlb -> [2009/07/16 08:41:47 | 01,383,424 | ---- | C] ()
    msdtcprx.dll -> C:\Windows\SysNative\msdtcprx.dll -> [2009/07/16 08:41:11 | 00,730,112 | ---- | C] ()
    msdtcprx.dll -> C:\Windows\SysWow64\msdtcprx.dll -> [2009/07/16 08:41:11 | 00,562,176 | ---- | C] (Microsoft Corporation)
    Faultrep.dll -> C:\Windows\SysNative\Faultrep.dll -> [2009/07/16 08:41:11 | 00,176,640 | ---- | C] ()
    xolehlp.dll -> C:\Windows\SysNative\xolehlp.dll -> [2009/07/16 08:41:11 | 00,048,640 | ---- | C] ()
    xolehlp.dll -> C:\Windows\SysWow64\xolehlp.dll -> [2009/07/16 08:41:11 | 00,038,912 | ---- | C] (Microsoft Corporation)
    Faultrep.dll -> C:\Windows\SysWow64\Faultrep.dll -> [2009/07/16 08:41:10 | 00,147,456 | ---- | C] (Microsoft Corporation)
    wersvc.dll -> C:\Windows\SysNative\wersvc.dll -> [2009/07/16 08:41:10 | 00,120,832 | ---- | C] ()
    Google -> C:\Program Files\Google -> [2009/07/16 08:37:57 | 00,000,000 | ---D | C]
    Adobe -> C:\Users\HOUSE\AppData\Roaming\Adobe -> [2009/07/16 08:36:48 | 00,000,000 | ---D | C]
    Google -> C:\Users\HOUSE\AppData\Roaming\Google -> [2009/07/16 08:36:38 | 00,000,000 | ---D | C]
    Google -> C:\Users\HOUSE\AppData\Local\Google -> [2009/07/16 08:36:38 | 00,000,000 | ---D | C]
    wuaueng.dll -> C:\Windows\SysNative\wuaueng.dll -> [2009/07/16 04:40:00 | 02,289,688 | ---- | C] ()
    wucltux.dll -> C:\Windows\SysNative\wucltux.dll -> [2009/07/16 04:40:00 | 01,717,248 | ---- | C] ()
    wuauclt.exe -> C:\Windows\SysNative\wuauclt.exe -> [2009/07/16 04:40:00 | 00,054,296 | ---- | C] ()
    wups2.dll -> C:\Windows\SysNative\wups2.dll -> [2009/07/16 04:40:00 | 00,043,032 | ---- | C] ()
    wuapi.dll -> C:\Windows\SysNative\wuapi.dll -> [2009/07/16 04:39:52 | 00,685,592 | ---- | C] ()
    wuapi.dll -> C:\Windows\SysWow64\wuapi.dll -> [2009/07/16 04:39:52 | 00,561,688 | ---- | C] (Microsoft Corporation)
    wudriver.dll -> C:\Windows\SysNative\wudriver.dll -> [2009/07/16 04:39:52 | 00,093,184 | ---- | C] ()
    wudriver.dll -> C:\Windows\SysWow64\wudriver.dll -> [2009/07/16 04:39:52 | 00,083,456 | ---- | C] (Microsoft Corporation)
    wups.dll -> C:\Windows\SysNative\wups.dll -> [2009/07/16 04:39:52 | 00,035,352 | ---- | C] ()
    wups.dll -> C:\Windows\SysWow64\wups.dll -> [2009/07/16 04:39:52 | 00,034,328 | ---- | C] (Microsoft Corporation)
    wuwebv.dll -> C:\Windows\SysNative\wuwebv.dll -> [2009/07/16 04:39:48 | 00,175,376 | ---- | C] ()
    wuwebv.dll -> C:\Windows\SysWow64\wuwebv.dll -> [2009/07/16 04:39:48 | 00,162,064 | ---- | C] (Microsoft Corporation)
    wuapp.exe -> C:\Windows\SysNative\wuapp.exe -> [2009/07/16 04:39:48 | 00,033,792 | ---- | C] ()
    wuapp.exe -> C:\Windows\SysWow64\wuapp.exe -> [2009/07/16 04:39:48 | 00,031,232 | ---- | C] (Microsoft Corporation)
    SmartLauncher.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartLauncher.lnk -> [2009/07/16 04:32:11 | 00,000,966 | ---- | C] ()
    Northstar -> C:\Program Files (x86)\Northstar -> [2009/07/16 04:32:11 | 00,000,000 | ---D | C]
    USBMediaReaderPatch.vbs -> C:\Windows\SysNative\USBMediaReaderPatch.vbs -> [2009/07/16 04:31:49 | 00,003,432 | ---- | C] ()
    mHotkey.exe -> C:\Windows\mHotkey.exe -> [2009/07/16 04:31:28 | 00,581,120 | ---- | C] ()
    CNYHKey.exe -> C:\Windows\CNYHKey.exe -> [2009/07/16 04:31:28 | 00,339,968 | ---- | C] (Creative)
    PIC.dll -> C:\Windows\PIC.dll -> [2009/07/16 04:31:28 | 00,294,912 | ---- | C] ()
    ChiFuncExt.exe -> C:\Windows\ChiFuncExt.exe -> [2009/07/16 04:31:28 | 00,057,344 | ---- | C] (Chicony)
    ModLEDKey.exe -> C:\Windows\ModLEDKey.exe -> [2009/07/16 04:31:28 | 00,053,248 | ---- | C] (Chicony)
    LchDrvKey.exe -> C:\Windows\LchDrvKey.exe -> [2009/07/16 04:31:28 | 00,036,864 | ---- | C] ()
    MODLED.xml -> C:\Windows\MODLED.xml -> [2009/07/16 04:31:28 | 00,003,088 | ---- | C] ()
    mHotkey.xml -> C:\Windows\mHotkey.xml -> [2009/07/16 04:31:28 | 00,003,084 | ---- | C] ()
    mhotkey_reg.ini -> C:\Windows\mhotkey_reg.ini -> [2009/07/16 04:31:28 | 00,000,870 | ---- | C] ()
    Msft_User_WpdFs_01_00_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [2009/07/16 04:29:46 | 00,000,000 | -H-- | C] ()
    SoftwareDistribution -> C:\Windows\SoftwareDistribution -> [2009/07/16 04:28:15 | 00,000,000 | ---D | C]
    System Volume Information -> C:\System Volume Information -> [2009/07/16 04:24:55 | 00,000,000 | -HSD | C]
    Gateway_LX6810-01__PTG590X001909117E82700.MRK -> C:\Windows\SysNative\drivers\Gateway_LX6810-01__PTG590X001909117E82700.MRK -> [2009/07/16 00:55:47 | 00,000,000 | ---- | C] ()
    CyberLink -> C:\ProgramData\CyberLink -> [2009/07/16 00:55:32 | 00,000,000 | ---D | C]
    CyberLink -> C:\Users\HOUSE\AppData\Roaming\CyberLink -> [2009/07/16 00:54:31 | 00,000,000 | ---D | C]
    Cyberlink -> C:\Users\HOUSE\AppData\Local\Cyberlink -> [2009/07/16 00:54:31 | 00,000,000 | ---D | C]
    INT15_64.dll -> C:\Windows\SysNative\INT15_64.dll -> [2009/07/16 00:45:08 | 00,585,216 | ---- | C] ()
    int15_64.sys -> C:\Windows\SysNative\drivers\int15_64.sys -> [2009/07/16 00:45:08 | 00,017,952 | ---- | C] ()
    LogConfigTemp.xml -> C:\Windows\SysNative\LogConfigTemp.xml -> [2009/07/16 00:45:08 | 00,000,000 | ---- | C] ()
    GATEWAY -> C:\Program Files\GATEWAY -> [2009/07/16 00:44:38 | 00,000,000 | ---D | C]
    SmartCopy.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartCopy.lnk -> [2009/07/16 00:44:01 | 00,000,926 | ---- | C] ()
    Rcc.lnk -> C:\Users\Public\Desktop\Rcc.lnk -> [2009/07/16 00:42:21 | 00,001,816 | ---- | C] ()
    RTS5121icon.dll -> C:\Windows\SysNative\RTS5121icon.dll -> [2009/07/16 00:42:12 | 06,172,160 | ---- | C] ()
    rts5121.dll -> C:\Windows\SysNative\rts5121.dll -> [2009/07/16 00:42:12 | 00,349,184 | ---- | C] ()
    RTS5121.sys -> C:\Windows\SysNative\drivers\RTS5121.sys -> [2009/07/16 00:42:12 | 00,204,288 | ---- | C] ()
    InstallShield -> C:\Users\HOUSE\AppData\Roaming\InstallShield -> [2009/07/16 00:42:11 | 00,000,000 | ---D | C]
    GDIPFONTCACHEV1.DAT -> C:\Users\HOUSE\AppData\Local\GDIPFONTCACHEV1.DAT -> [2009/07/16 00:42:02 | 00,075,280 | ---- | C] ()
    Symantec -> C:\Users\HOUSE\AppData\Roaming\Symantec -> [2009/07/16 00:41:53 | 00,000,000 | ---D | C]
    Searches -> C:\Users\HOUSE\Searches -> [2009/07/16 00:41:41 | 00,000,000 | R--D | C]
    Identities -> C:\Users\HOUSE\AppData\Roaming\Identities -> [2009/07/16 00:41:35 | 00,000,000 | ---D | C]
    Contacts -> C:\Users\HOUSE\Contacts -> [2009/07/16 00:41:32 | 00,000,000 | R--D | C]
    Application Data -> C:\ProgramData\Application Data -> [2009/07/16 00:40:27 | 00,000,000 | ---D | C]
    Partner -> C:\ProgramData\Partner -> [2009/07/16 00:39:59 | 00,000,000 | ---D | C]
    eBay.lnk -> C:\Users\Public\Desktop\eBay.lnk -> [2009/07/16 00:39:54 | 00,001,527 | ---- | C] ()
    eBay -> C:\Program Files\eBay -> [2009/07/16 00:39:54 | 00,000,000 | ---D | C]
    Google -> C:\ProgramData\Google -> [2009/07/16 00:39:37 | 00,000,000 | ---D | C]
    Google -> C:\Program Files (x86)\Google -> [2009/07/16 00:39:35 | 00,000,000 | ---D | C]
    VirtualStore -> C:\Users\HOUSE\AppData\Local\VirtualStore -> [2009/07/16 00:39:13 | 00,000,000 | ---D | C]
    NVIDIA -> C:\ProgramData\NVIDIA -> [2009/07/16 00:39:13 | 00,000,000 | ---D | C]
    NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\HOUSE\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> [2009/07/16 00:39:11 | 00,524,288 | -HS- | C] ()
    NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\HOUSE\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2009/07/16 00:39:11 | 00,524,288 | -HS- | C] ()
    NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\HOUSE\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2009/07/16 00:39:11 | 00,065,536 | -HS- | C] ()
    ntuser.ini -> C:\Users\HOUSE\ntuser.ini -> [2009/07/16 00:39:11 | 00,000,020 | -HS- | C] ()
    Temporary Internet Files -> C:\Users\HOUSE\AppData\Local\Temporary Internet Files -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Templates -> C:\Users\HOUSE\Templates -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Start Menu -> C:\Users\HOUSE\Start Menu -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    SendTo -> C:\Users\HOUSE\SendTo -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Recent -> C:\Users\HOUSE\Recent -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    PrintHood -> C:\Users\HOUSE\PrintHood -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    NetHood -> C:\Users\HOUSE\NetHood -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    My Videos -> C:\Users\HOUSE\Documents\My Videos -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    My Pictures -> C:\Users\HOUSE\Documents\My Pictures -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    My Music -> C:\Users\HOUSE\Documents\My Music -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    My Documents -> C:\Users\HOUSE\My Documents -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Local Settings -> C:\Users\HOUSE\Local Settings -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    History -> C:\Users\HOUSE\AppData\Local\History -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Cookies -> C:\Users\HOUSE\Cookies -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Application Data -> C:\Users\HOUSE\Application Data -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    Application Data -> C:\Users\HOUSE\AppData\Local\Application Data -> [2009/07/16 00:39:11 | 00,000,000 | -HSD | C]
    NTUSER.DAT -> C:\Users\HOUSE\NTUSER.DAT -> [2009/07/16 00:39:10 | 01,048,576 | -HS- | C] ()
    Microsoft -> C:\Users\HOUSE\AppData\Roaming\Microsoft -> [2009/07/16 00:39:10 | 00,000,000 | --SD | C]
    Videos -> C:\Users\HOUSE\Videos -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Saved Games -> C:\Users\HOUSE\Saved Games -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Pictures -> C:\Users\HOUSE\Pictures -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Music -> C:\Users\HOUSE\Music -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Links -> C:\Users\HOUSE\Links -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Favorites -> C:\Users\HOUSE\Favorites -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Downloads -> C:\Users\HOUSE\Downloads -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Documents -> C:\Users\HOUSE\Documents -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    Desktop -> C:\Users\HOUSE\Desktop -> [2009/07/16 00:39:10 | 00,000,000 | R--D | C]
    AppData -> C:\Users\HOUSE\AppData -> [2009/07/16 00:39:10 | 00,000,000 | -H-D | C]
    Temp -> C:\Users\HOUSE\AppData\Local\Temp -> [2009/07/16 00:39:10 | 00,000,000 | ---D | C]
    Microsoft -> C:\Users\HOUSE\AppData\Local\Microsoft -> [2009/07/16 00:39:10 | 00,000,000 | ---D | C]
    Media Center Programs -> C:\Users\HOUSE\AppData\Roaming\Media Center Programs -> [2009/07/16 00:39:10 | 00,000,000 | ---D | C]
    tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 22:50:05 | 00,060,124 | ---- | C] ()
    msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2008/01/20 22:49:49 | 00,368,640 | ---- | C] ()
    system.ini -> C:\Windows\system.ini -> [2006/11/02 08:34:27 | 00,000,219 | ---- | C] ()
    win.ini -> C:\Windows\win.ini -> [2006/11/02 08:34:27 | 00,000,169 | ---- | C] ()

    [Files/Folders - Modified Within 30 Days]
    9 C:\Users\HOUSE\AppData\Local\Temp\*.tmp files -> C:\Users\HOUSE\AppData\Local\Temp\*.tmp ->
    1 C:\Users\HOUSE\AppData\Local\Temp\Low\Google Toolbar\*.tmp files -> C:\Users\HOUSE\AppData\Local\Temp\Low\Google Toolbar\*.tmp ->
    PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [2009/07/19 13:14:03 | 00,014,200 | ---- | M] ()
    PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [2009/07/19 13:14:03 | 00,004,968 | ---- | M] ()
    PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [2009/07/19 13:14:03 | 00,000,276 | ---- | M] ()
    PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [2009/07/19 13:14:03 | 00,000,072 | ---- | M] ()
    PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [2009/07/19 13:14:03 | 00,000,000 | ---- | M] ()
    PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [2009/07/19 13:14:03 | 00,000,000 | ---- | M] ()
    NTUSER.DAT -> C:\Users\HOUSE\NTUSER.DAT -> [2009/07/19 13:10:49 | 01,048,576 | -HS- | M] ()
    OTS.exe -> C:\Users\HOUSE\Desktop\OTS.exe -> [2009/07/19 13:10:43 | 00,514,560 | ---- | M] (OldTimer Tools)
    PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2009/07/19 13:03:48 | 00,690,960 | ---- | M] ()
    perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2009/07/19 13:03:48 | 00,595,446 | ---- | M] ()
    perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2009/07/19 13:03:48 | 00,101,144 | ---- | M] ()
    LogConfigTemp.xml -> C:\Windows\SysNative\LogConfigTemp.xml -> [2009/07/19 12:58:53 | 00,000,000 | ---- | M] ()
    7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/07/19 12:58:36 | 00,004,784 | -H-- | M] ()
    7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/07/19 12:58:36 | 00,004,784 | -H-- | M] ()
    SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/07/19 12:58:34 | 00,000,006 | -H-- | M] ()
    bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/19 12:58:33 | 00,067,584 | --S- | M] ()
    hiberfil.sys -> C:\hiberfil.sys -> [2009/07/19 12:58:29 | 42,941,56287 | -HS- | M] ()
    NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\HOUSE\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2009/07/18 12:51:41 | 00,524,288 | -HS- | M] ()
    NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\HOUSE\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2009/07/18 12:51:41 | 00,065,536 | -HS- | M] ()
    SIC 5.0 Build 1004.zip -> C:\Users\HOUSE\Desktop\SIC 5.0 Build 1004.zip -> [2009/07/18 12:46:25 | 05,877,567 | ---- | M] ()
    qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [2009/07/18 12:44:51 | 04,194,304 | ---- | M] ()
    qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [2009/07/18 12:44:51 | 04,194,304 | ---- | M] ()
    HiJackThis.zip -> C:\Users\HOUSE\Desktop\HiJackThis.zip -> [2009/07/18 12:44:46 | 00,318,381 | ---- | M] ()
    d3d9caps64.dat -> C:\Users\HOUSE\AppData\Local\d3d9caps64.dat -> [2009/07/17 15:39:36 | 00,000,732 | ---- | M] ()
    HijackThis.lnk -> C:\Users\HOUSE\Desktop\HijackThis.lnk -> [2009/07/17 15:23:08 | 00,001,930 | ---- | M] ()
    HJTInstall.exe -> C:\Users\HOUSE\Desktop\HJTInstall.exe -> [2009/07/17 15:23:00 | 00,812,344 | ---- | M] (Trend Micro Inc.)
    FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2009/07/17 15:20:31 | 00,306,248 | ---- | M] ()
    Document.rtf -> C:\Users\HOUSE\Documents\Document.rtf -> [2009/07/16 14:51:20 | 00,000,180 | ---- | M] ()
    gtb1F.tmp.exe -> C:\Users\HOUSE\AppData\Local\Temp\Low\Google Toolbar\gtb1F.tmp.exe -> [2009/07/16 08:36:48 | 00,471,664 | ---- | M] (Google Inc.)
    symlcsv1.exe -> C:\Users\HOUSE\AppData\Local\Temp\symlcsv1.exe -> [2009/07/16 04:40:14 | 00,058,760 | ---- | M] ()
    license.rtf -> C:\Windows\SysNative\license.rtf -> [2009/07/16 04:34:35 | 00,047,092 | ---- | M] ()
    SmartLauncher.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartLauncher.lnk -> [2009/07/16 04:32:11 | 00,000,966 | ---- | M] ()
    Msft_User_WpdFs_01_00_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [2009/07/16 04:29:46 | 00,000,000 | -H-- | M] ()
    NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\HOUSE\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> [2009/07/16 00:56:21 | 00,524,288 | -HS- | M] ()
    Gateway_LX6810-01__PTG590X001909117E82700.MRK -> C:\Windows\SysNative\drivers\Gateway_LX6810-01__PTG590X001909117E82700.MRK -> [2009/07/16 00:55:47 | 00,000,000 | ---- | M] ()
    SmartCopy.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartCopy.lnk -> [2009/07/16 00:44:01 | 00,000,926 | ---- | M] ()
    Rcc.lnk -> C:\Users\Public\Desktop\Rcc.lnk -> [2009/07/16 00:42:21 | 00,001,816 | ---- | M] ()
    GDIPFONTCACHEV1.DAT -> C:\Users\HOUSE\AppData\Local\GDIPFONTCACHEV1.DAT -> [2009/07/16 00:42:02 | 00,075,280 | ---- | M] ()
    eBay.lnk -> C:\Users\Public\Desktop\eBay.lnk -> [2009/07/16 00:39:54 | 00,001,527 | ---- | M] ()
    ntuser.ini -> C:\Users\HOUSE\ntuser.ini -> [2009/07/16 00:39:11 | 00,000,020 | -HS- | M] ()
    HOUSE.dat -> C:\ProgramData\Microsoft\User Account Pictures\HOUSE.dat -> [2009/07/16 00:39:11 | 00,000,000 | ---- | M] ()
    nvuninst.exe -> C:\Windows\Temp\{65890A5A-344F-426D-8FE4-26C73ECF86DC}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst.exe -> [2008/10/02 13:08:02 | 00,501,280 | ---- | M] (NVIDIA Corporation)
    < End of report >
    [/code]
  • edited July 2009
    Ninapearl wrote:
    Gateway said that they send a disk out for me, and if this doesn't work then my computer will be sent for fixing. I hope I get it up and working soon :(

    There is nothing showing in your log. I suggest that you wait for the disc from Gateway and see if that solves the issue.
  • edited July 2009
    Thanks a bunch, katana! Hope to see if the disk will fix the issue!