GeekPolice

Clock changes to 24 hour mode upon reboot, among other things.

I've noticed that every time I reboot my laptop the clock changes to 24 hours. I'm running Windows Vista, SP1.

Also, upon reboot I get the following message that pops up - "The TOSHIBA Service Station application could not initialize. Try to reboot or reinstall the application."

Here's the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:19 PM, on 8/17/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe
C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\IEUser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.1303.0\msneshellx.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.1303.0\msneshellx.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll
O3 - Toolbar: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" /hide
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RunTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM
O4 - HKLM\..\Run: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user')
O4 - Global Startup: Amazon Unbox.lnk = ?
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O15 - Trusted Zone: http://*.hp.com (HKLM)
O16 - DPF: PackageCab - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: {0BCADE60-1E93-11D8-ABDA-0004759647B3} (FastBid1 Class) - http://www.bxwa.com/fastbid/fastbidx1.cab
O16 - DPF: {32322460-3E7D-11D7-ABD8-0001029A9BA6} (FastBid Class) - http://www.bxwa.com/fastbid/fastbidx_plugin.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: HPDCS - {BA135F49-A12C-4E26-A2C4-6EA945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll
O18 - Protocol: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll
O18 - Protocol: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll
O18 - Protocol: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Xobni\Skype4Com.dll
O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9fcee80d3f400) (gupdate1c9fcee80d3f400) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15478 bytes

Re: Clock changes to 24 hour mode upon reboot, among other things.

Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see this topic.

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.





Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4445

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

8/18/2010 09:00:19
mbam-log-2010-08-18 (09-00-19).txt

Scan type: Quick scan
Objects scanned: 157436
Time elapsed: 11 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 35
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Clock changes to 24 hour mode upon reboot, among other things.

Scan with Malwarebytes' Anti-Malware

Please re-open Malwarebytes' Anti-Malware, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.




Download LockSearch to your desktop

  • A window will pop up. Press 2 and then Enter. A scan will start; let it run uninterrupted. It should only take a few minutes.
  • A log will appear when it is finished. It will also be saved in the same location as LockSearch, which should be on your desktop. Post the contents of the log in your reply.

Re: Clock changes to 24 hour mode upon reboot, among other things.

I already updated it prior to the last scan.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Ok. That's fine. As long as you check for updates, you will know you are up to date.

Please continue.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4445

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

8/18/2010 09:00:19
mbam-log-2010-08-18 (09-00-19).txt

Scan type: Quick scan
Objects scanned: 157436
Time elapsed: 11 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 35
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Clock changes to 24 hour mode upon reboot, among other things.

Please run the F-Secure Online Scanner

  • Follow the Instruction Here for installation.
  • Accept the License Agreement.
  • Once the ActiveX installs, click Full System Scan.
  • Once the download completes, the scan will begin automatically.
  • The scan will take some time to finish, so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and copy and paste the entire report in your next reply.

Re: Clock changes to 24 hour mode upon reboot, among other things.

The scan literally ran all day and didn't finish. Got anything else?

Re: Clock changes to 24 hour mode upon reboot, among other things.

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Re: Clock changes to 24 hour mode upon reboot, among other things.

I ran the scan... finally. It produced no report, however, and no infected files.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Now, for the 24 hour mode problem with the clock...what steps have you taken to attempt to resolve it, if any?

Re: Clock changes to 24 hour mode upon reboot, among other things.

Well, I've gone through Control Panel > Date and Time Settings and reset it. But it's only good until I reboot my computer. Then the clock sets back to 24 hour.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Please open Notepad and enter in the following:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\International]
"iTime"="0"
"sShortTime"="h:mm tt"
"sTimeFormat"="h:mm:ss tt"

Then, click File > Save as...
Save as fixtime.reg to your Desktop.
Choose Save as type... All Files.
Click Save.

Then, exit Notepad.

Double-click on fixtime.reg, and confirm prompts.

Reboot your computer and see if this helps.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Seems to have done the trick.

Now how about my CD/DVD player? It's not functioning or showing up in my drives list.

Re: Clock changes to 24 hour mode upon reboot, among other things.

DxDiag
  1. Click Start and then click Run.
  2. Type dxdiag in the Open box, and then click OK.
  3. Click Save all information, and it will collect information and it will prompt you to save the file. Save the file to the Desktop.
  4. Find DxDiag.txt on your Desktop, and post the contents of it in your next reply.

Re: Clock changes to 24 hour mode upon reboot, among other things.

------------------
System Information
------------------
Time of this report: 9/6/2010, 20:58:49
Machine name: OWNER-PC
Operating System: Windows Vista™ Home Premium (6.0, Build 6001) Service Pack 1 (6001.vistasp1_gdr.090805-0102)
Language: English (Regional Setting: English)
System Manufacturer: TOSHIBA
System Model: Satellite E105
BIOS: InsydeH2O Version 1.10
Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz (2 CPUs), ~2.3GHz
Memory: 3964MB RAM
Page File: 2337MB used, 5777MB available
Windows Dir: C:\Windows
DirectX Version: DirectX 10
DX Setup Parameters: Not found
DxDiag Version: 6.00.6001.18000 32bit Unicode

------------
DxDiag Notes
------------
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Sound Tab 3: No problems found.
Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (retail)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: Mobile Intel(R) 4 Series Express Chipset Family
Manufacturer: Intel Corporation
Chip type: Mobile Intel(R) 4 Series Express Chipset Family
DAC type: Internal
Device Key: Enum\PCI\VEN_8086&DEV_2A42&SUBSYS_FF1E1179&REV_07
Display Memory: 1759 MB
Dedicated Memory: 128 MB
Shared Memory: 1631 MB
Current Mode: 1280 x 800 (32 bit) (60Hz)
Monitor: Generic PnP Monitor
Driver Name: igdumd64.dll,igd10umd64.dll
Driver Version: 7.15.0010.1502 (English)
DDI Version: 10
Driver Attributes: Final Retail
Driver Date/Size: 6/12/2008 18:51:32, 4806144 bytes
WHQL Logo'd: n/a
WHQL Date Stamp: n/a
Device Identifier: {D7B78E66-6902-11CF-1777-14DFA7C2CA35}
Vendor ID: 0x8086
Device ID: 0x2A42
SubSys ID: 0xFF1E1179
Revision ID: 0x0007
Revision ID: 0x0007
Video Accel: ModeMPEG2_A ModeMPEG2_C ModeWMV9_B ModeWMV9_C ModeVC1_B ModeVC1_C
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled

-------------
Sound Devices
-------------
Description: Speakers (Realtek High Definition Audio)
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0268&SUBSYS_1179FF7A&REV_1000
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5689 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 8/20/2008 18:02:56, 1487000 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

Description: Realtek Digital Output (Realtek High Definition Audio)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0268&SUBSYS_1179FF7A&REV_1000
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5689 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 8/20/2008 18:02:56, 1487000 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

Description: Speakers (PlayOn Virtual Audio Device)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: *povadsimple
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: povrtdev.sys
Driver Version: 5.02.3668.0000 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 10/14/2009 11:02:20, 27304 bytes
Other Files:
Driver Provider: MediaMall Technologies, Inc.
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
Description: Microphone (Realtek High Definition Audio)
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5689 (English)
Driver Attributes: Final Retail
Date and Size: 8/20/2008 18:02:56, 1487000 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

Description: MIDI (PlayOn Virtual Audio Device)
Default Sound Capture: No
Default Voice Capture: No
Driver Name: povrtdev.sys
Driver Version: 5.02.3668.0000 (English)
Driver Attributes: Final Retail
Date and Size: 10/14/2009 11:02:20, 27304 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

Description: FM radio (Realtek High Definition Audio)
Default Sound Capture: No
Default Voice Capture: No
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5689 (English)
Driver Attributes: Final Retail
Date and Size: 8/20/2008 18:02:56, 1487000 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

Description: Microphone (PlayOn Virtual Audio Device)
Default Sound Capture: No
Default Voice Capture: No
Driver Name: povrtdev.sys
Driver Version: 5.02.3668.0000 (English)
Driver Attributes: Final Retail
Date and Size: 10/14/2009 11:02:20, 27304 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC521
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC521
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC521
FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x2934
| Matching Device ID: usb\root_hub
| Service: usbhub

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ Standard PS/2 Keyboard
| Matching Device ID: *pnp0303
| Service: i8042prt
|
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
|
+ Synaptics PS/2 Port TouchPad
| Matching Device ID: *syn1917
| Upper Filters: SynTP
| Service: i8042prt
|
+ HID-compliant mouse
| Vendor/Product ID: 0x046D, 0xC521
| Matching Device ID: hid_device_system_mouse
| Service: mouhid
|
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 38.4 GB
Total Space: 303.7 GB
File System: NTFS
Model: TOSHIBA MK3252GSX

Drive:
Model: MATSHITA DVD-RAM UJ862ES
Driver: c:\windows\system32\drivers\cdrom.sys, 6.00.6001.18000 (English), , 0 bytes

MSVAD Wave,0x00200000,2,2,,6.00.6001.18000

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.6001.18322

Video Capture Sources:
Chicony USB 2.0 Camera,0x00200000,1,1,,6.00.6001.18000
Google Camera Adapter 0,0x00000000,0,0,,
Google Camera Adapter 1,0x00000000,0,0,,

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.6001.18322
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.6001.18000

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,0,EncDec.dll,6.06.6001.18322
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.6001.18322
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.6001.18322

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,6.00.6001.18000

Audio Renderers:
Speakers (Realtek High Definiti,0x00200000,1,0,,6.06.6001.18063
CyberLink Audio Renderer (PCM45),0x00200000,1,0,CLADR.ax,6.00.0000.3916
Default DirectSound Device,0x00800000,1,0,,6.06.6001.18063
Default WaveOut Device,0x00200000,1,0,,6.06.6001.18063
DirectSound: Realtek Digital Output (Realtek High Definition Audio),0x00200000,1,0,,6.06.6001.18063
DirectSound: Speakers (PlayOn Virtual Audio Device),0x00200000,1,0,,6.06.6001.18063
DirectSound: Speakers (Realtek High Definition Audio),0x00200000,1,0,,6.06.6001.18063
Realtek Digital Output (Realtek,0x00200000,1,0,,6.06.6001.18063
Speakers (PlayOn Virtual Audio ,0x00200000,1,0,,6.06.6001.18063

Re: Clock changes to 24 hour mode upon reboot, among other things.
Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Press the None button.
  • Under the Custom Scan box, paste this in:

    cdrom.sys /md5 /64

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time.


Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

Re: Clock changes to 24 hour mode upon reboot, among other things.
OTL logfile created on: 9/16/2010 17:26:48 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\owner\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 31.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.62 Gb Total Space | 35.96 Gb Free Space | 12.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER-PC
Current User Name: owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/13 20:47:22 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/09/13 20:47:21 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/09/09 18:01:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
PRC - [2010/09/01 08:31:54 | 009,777,448 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunes.exe
PRC - [2010/08/13 13:08:46 | 000,033,056 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/08/10 00:00:42 | 000,013,088 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010/06/27 15:29:14 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/06/20 23:20:54 | 000,041,984 | ---- | M] (Mobile Stream) -- C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe
PRC - [2010/03/24 18:48:10 | 000,323,992 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2010/03/12 13:08:54 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe
PRC - [2009/10/22 05:29:58 | 000,116,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
PRC - [2009/10/03 05:07:50 | 000,349,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2009/09/26 20:43:23 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/08/17 23:59:28 | 000,408,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009/03/23 15:53:58 | 000,101,376 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe
PRC - [2009/03/23 15:02:50 | 000,159,744 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe
PRC - [2009/03/23 15:01:22 | 000,199,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe
PRC - [2008/10/16 20:11:26 | 000,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/10/16 20:11:26 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2008/10/16 19:23:30 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2008/10/02 09:23:16 | 000,546,288 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2008/08/14 15:12:08 | 004,789,248 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008/08/14 13:46:44 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008/07/21 17:16:06 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2008/07/10 18:35:30 | 000,188,416 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
PRC - [2008/07/10 17:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/17 00:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/01/20 19:50:38 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieuser.exe
PRC - [2007/12/13 19:52:00 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
PRC - [2007/02/10 05:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2007/02/10 05:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
PRC - [2006/08/28 02:53:48 | 000,092,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe
PRC - [2002/04/11 05:19:36 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2002/04/11 05:19:34 | 000,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe


========== Modules (SafeList) ==========

MOD - [2010/09/09 18:01:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008/01/20 19:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/10/15 00:04:40 | 001,038,088 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2008/09/26 02:27:00 | 000,562,440 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:64bit: - [2008/09/26 02:26:52 | 000,899,848 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:64bit: - [2008/09/26 02:26:46 | 000,590,792 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV:64bit: - [2008/09/26 02:24:22 | 000,823,560 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:64bit: - [2008/09/02 07:06:00 | 000,048,128 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\TAMSvr.exe -- (Authentec memory manager)
SRV:64bit: - [2008/08/25 09:58:12 | 000,089,600 | ---- | M] (Toshiba) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV:64bit: - [2008/08/18 23:24:02 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2008/07/29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2008/07/17 11:00:14 | 000,139,776 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV:64bit: - [2008/04/30 20:20:42 | 001,371,136 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/04/30 19:42:20 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/01/07 16:10:16 | 000,547,456 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2007/11/21 16:53:16 | 000,135,168 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2010/09/08 16:04:57 | 002,854,488 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3746.dll -- (Akamai)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/24 18:48:10 | 000,323,992 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [Disabled | Stopped] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/01/12 12:01:28 | 003,077,488 | ---- | M] (MediaMall Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2009/11/19 12:26:54 | 000,455,944 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/10/15 00:04:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/21 20:21:18 | 000,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/16 19:31:12 | 000,906,752 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/10/16 19:24:24 | 000,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/08/19 21:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/08/04 14:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/06/27 18:46:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2008/05/22 22:55:32 | 000,150,376 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/02/10 05:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2007/02/10 05:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$PRIMAVERA) SQL Server (PRIMAVERA)
SRV - [2006/08/28 02:53:48 | 000,092,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$PRIMAVERA) SQL Server FullText Search (PRIMAVERA)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/06/20 21:01:08 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\easytthr.sys -- (easytether)
DRV:64bit: - [2009/12/04 09:40:30 | 000,265,744 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tmxpflt.sys -- (tmxpflt)
DRV:64bit: - [2009/12/04 09:39:44 | 000,042,000 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tmpreflt.sys -- (tmpreflt)
DRV:64bit: - [2009/12/04 09:30:22 | 002,007,056 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\vsapint.sys -- (vsapint)
DRV:64bit: - [2009/10/14 11:02:20 | 000,027,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/26 02:27:18 | 000,304,656 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tmwfp.sys -- (tmwfp)
DRV:64bit: - [2008/09/26 02:27:18 | 000,199,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2008/09/26 02:27:18 | 000,096,784 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2008/08/19 21:01:44 | 000,504,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2008/08/14 19:40:44 | 000,260,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/08/14 09:52:00 | 000,217,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATSwpDrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV:64bit: - [2008/07/20 17:44:54 | 000,402,456 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/06/30 05:52:44 | 000,126,976 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008/06/26 16:24:18 | 000,020,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/12 18:51:36 | 007,911,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/05/02 13:59:48 | 000,166,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/04/28 06:38:12 | 004,730,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/03/27 07:14:02 | 000,143,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mr97310c.sys -- (mr97310c)
DRV:64bit: - [2008/02/21 10:24:20 | 000,062,976 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/01/20 19:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 19:47:25 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/11 23:00:14 | 000,033,400 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2007/12/11 14:03:36 | 000,027,272 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2007/11/09 14:00:30 | 000,026,968 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2007/09/04 10:29:04 | 000,014,872 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Thpevm.SYS -- (Thpevm)
DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2006/11/19 22:11:06 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2006/11/08 23:34:00 | 000,237,568 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10n64.sys -- (KR10N64)
DRV:64bit: - [2006/11/08 23:33:00 | 000,248,320 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10i64.sys -- (KR10I64)
DRV:64bit: - [2006/10/23 16:33:08 | 000,018,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2006/09/18 14:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2009/02/23 13:37:06 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007/10/19 14:05:38 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Program Files (x86)\NXP\FM Radio\OpenLibSysX64.sys -- (OpenLibSys)
DRV - [2005/03/15 17:25:44 | 000,127,574 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MR97310c.sys -- (mr97310c)
DRV - [2004/09/23 02:03:00 | 000,026,720 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\PxHlpa64.sys -- (PxHlpa64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaultthis.engineName: "TenchisTV Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2411669&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "TenchisTV Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "news.google.com"
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {ece24dcf-8548-4655-b392-47a388721482}:2.5.8.6
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files (x86)\Real\RealPlayer\browserrecord [2009/09/26 20:43:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/08 14:37:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/13 20:47:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/13 20:47:24 | 000,000,000 | ---D | M]

[2010/04/27 23:28:39 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions
[2010/04/27 23:28:39 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/09/14 09:38:31 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions
[2009/08/13 16:07:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/07 03:18:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/28 16:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/04/10 20:19:13 | 000,000,000 | ---D | M] (TenchisTV Toolbar) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\{ece24dcf-8548-4655-b392-47a388721482}
[2009/02/25 15:05:01 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\ChoiceGuard@Microsoft
[2008/12/24 00:51:24 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\createandprint@ag.com
[2010/02/28 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\extensions\firefox@tvunetworks.com
[2010/03/24 16:13:08 | 000,000,921 | ---- | M] () -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\searchplugins\conduit.xml
[2009/02/25 15:18:00 | 000,001,632 | ---- | M] () -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\py7snsrh.default\searchplugins\live-search.xml
[2010/03/23 22:07:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/23 22:07:16 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

O1 HOSTS File: ([2010/09/14 18:35:34 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SporTV Toolbar) - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.1303.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.1303.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O3 - HKLM\..\Toolbar: (SporTV Toolbar) - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O3 - HKCU\..\Toolbar\WebBrowser: (SporTV Toolbar) - {A298ED31-D405-40E2-880F-B7511948E582} - C:\Program Files (x86)\SporTV\tbSpor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\Windows\SysNative\thpsrv.exe ()
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PCMAgent] C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RunTasktray] File not found
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [zzzHPSETUP] D:\Setup.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\SysWow64\p2phost.exe File not found
O4 - HKCU..\Run: [EasyTether] C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe (Mobile Stream)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: hp.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: hp.com ([]https in Trusted sites)
O16 - DPF: {0BCADE60-1E93-11D8-ABDA-0004759647B3} http://www.bxwa.com/fastbid/fastbidx1.cab (FastBid1 Class)
O16 - DPF: {32322460-3E7D-11D7-ABD8-0001029A9BA6} http://www.bxwa.com/fastbid/fastbidx_plugin.cab (FastBid Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab (SysData Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Groove Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/imgag/cp/install/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\HPDCS {ba135f49-a12c-4e26-a2c4-6ea945999072} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\hppfile {C4E2084B-ED27-4893-A43D-488CA3F370E2} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\hppsam {C4E2084B-ED27-4893-A43D-488CA3F370E2} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\hppzip {C4E2084B-ED27-4893-A43D-488CA3F370E2} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\HPDCS {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppfile {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppsam {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppzip {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Xobni\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/28 20:40:49 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/09/02 19:58:03 | 000,000,000 | ---D | M] - C:\Autodesk2 -- [ NTFS ]
O32 - AutoRun File - [2010/04/14 22:49:13 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{299e9f3b-c062-11dd-bdb5-001e336c3a9e}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{7276353d-80bb-11dd-a0f4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7276353d-80bb-11dd-a0f4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Launch.exe -- File not found
O33 - MountPoints2\{a563a139-f129-11de-b41c-001e336c3a9e}\Shell\AutoRun\command - "" = D:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{a563a139-f129-11de-b41c-001e336c3a9e}\Shell\Setup FlipShare\command - "" = D:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\E\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/09 18:01:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2010/09/08 20:11:59 | 000,000,000 | ---D | C] -- C:\Users\owner\StanfordUCourses
[2010/09/07 21:15:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\TVUAx
[2010/09/02 22:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/02 22:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/02 22:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/02 22:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/09/02 21:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/08/27 13:44:57 | 000,000,000 | ---D | C] -- C:\Users\owner\Documents\Nicholas - School
[2010/08/25 12:49:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010/08/24 23:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobile Stream
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\owner\AppData\Local\*.tmp files -> C:\Users\owner\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/16 17:27:52 | 006,553,600 | -HS- | M] () -- C:\Users\owner\NTUSER.DAT
[2010/09/16 17:08:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/16 16:42:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4287032534-2594818880-2464098818-1000UA.job
[2010/09/16 15:32:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/16 08:10:33 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/16 08:10:32 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/16 00:35:13 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5A8E921D-6B96-4344-9BC3-0C05FE9E410B}.job
[2010/09/15 22:42:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4287032534-2594818880-2464098818-1000Core.job
[2010/09/15 22:25:31 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/15 19:08:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/15 12:43:40 | 000,869,396 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/15 12:43:40 | 000,725,308 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/15 12:43:40 | 000,145,700 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/09/13 22:40:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/13 22:40:03 | 4156,555,264 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/13 22:37:44 | 000,524,288 | -HS- | M] () -- C:\Users\owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/09/13 22:37:44 | 000,065,536 | -HS- | M] () -- C:\Users\owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/09/13 22:36:42 | 004,788,890 | -H-- | M] () -- C:\Users\owner\AppData\Local\IconCache.db
[2010/09/13 20:37:08 | 000,047,616 | ---- | M] () -- C:\Users\owner\Desktop\Client_Questionnaire_Kyle_Kittelman.doc
[2010/09/09 18:01:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2010/09/09 15:49:53 | 000,053,321 | ---- | M] () -- C:\Users\owner\Desktop\DefermentWizard.do.pdf
[2010/09/06 15:23:11 | 000,000,152 | ---- | M] () -- C:\Users\owner\Desktop\fixtime.reg
[2010/09/03 07:15:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/09/02 22:09:37 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/02 22:03:06 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/02 09:55:46 | 000,155,136 | ---- | M] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/01 14:51:46 | 000,000,162 | -H-- | M] () -- C:\Users\owner\Desktop\~$ass or Program Proposal (3).doc
[2010/09/01 06:51:49 | 000,032,256 | ---- | M] () -- C:\Users\owner\Desktop\Class or Program Proposal (3).doc
[2010/08/25 07:41:43 | 000,051,418 | ---- | M] () -- C:\Users\owner\Desktop\video_map_SeattleMetroAug252010.gif
[2010/08/24 08:24:29 | 000,088,448 | ---- | M] () -- C:\Users\owner\Desktop\schedule.pdf
[2010/08/17 18:06:19 | 000,015,480 | ---- | M] () -- C:\Users\owner\Desktop\hijackthis817
[2010/08/17 18:04:57 | 000,001,960 | ---- | M] () -- C:\Users\owner\Desktop\HiJackThis.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\owner\AppData\Local\*.tmp files -> C:\Users\owner\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/13 19:54:43 | 000,047,616 | ---- | C] () -- C:\Users\owner\Desktop\Client_Questionnaire_Kyle_Kittelman.doc
[2010/09/09 15:49:52 | 000,053,321 | ---- | C] () -- C:\Users\owner\Desktop\DefermentWizard.do.pdf
[2010/09/06 15:23:11 | 000,000,152 | ---- | C] () -- C:\Users\owner\Desktop\fixtime.reg
[2010/09/03 07:28:51 | 000,020,480 | ---- | C] () -- C:\Windows\SysNative\winusb.dll
[2010/09/03 07:15:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/09/03 07:14:38 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010/09/03 07:14:34 | 000,042,064 | ---- | C] () -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2010/09/03 07:14:33 | 000,654,928 | ---- | C] () -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2010/09/02 22:09:37 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/02 22:03:06 | 000,001,773 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/01 14:51:46 | 000,000,162 | -H-- | C] () -- C:\Users\owner\Desktop\~$ass or Program Proposal (3).doc
[2010/09/01 06:51:48 | 000,032,256 | ---- | C] () -- C:\Users\owner\Desktop\Class or Program Proposal (3).doc
[2010/08/25 07:41:19 | 000,051,418 | ---- | C] () -- C:\Users\owner\Desktop\video_map_SeattleMetroAug252010.gif
[2010/08/24 23:19:39 | 000,014,336 | ---- | C] () -- C:\Windows\SysNative\drivers\easytthr.sys
[2010/08/24 08:24:28 | 000,088,448 | ---- | C] () -- C:\Users\owner\Desktop\schedule.pdf
[2010/08/21 17:13:42 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2010/08/17 18:06:19 | 000,015,480 | ---- | C] () -- C:\Users\owner\Desktop\hijackthis817
[2010/08/17 18:04:57 | 000,001,960 | ---- | C] () -- C:\Users\owner\Desktop\HiJackThis.lnk
[2010/05/15 09:45:35 | 000,000,827 | ---- | C] () -- C:\Windows\BTI.INI
[2010/05/15 09:45:31 | 000,038,576 | ---- | C] () -- C:\Windows\SysWow64\NWLOCALE.DLL
[2010/05/15 09:45:31 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
[2010/05/15 09:45:13 | 000,001,072 | ---- | C] () -- C:\Windows\_delis32.ini
[2010/04/14 22:58:35 | 000,000,036 | ---- | C] () -- C:\Users\owner\AppData\Local\housecall.guid.cache
[2010/04/02 20:00:24 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\mr310exv.dll
[2010/04/02 20:00:24 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\mr310exd.dll
[2010/04/02 20:00:24 | 000,015,164 | ---- | C] () -- C:\Windows\mr310twc.ini
[2010/04/01 13:35:21 | 000,438,184 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_vcredistMSI3C8F.txt
[2010/04/01 13:35:20 | 000,012,276 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_vcredistUI3C8F.txt
[2010/04/01 12:06:55 | 000,012,307 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/02/16 23:37:48 | 000,024,226 | ---- | C] () -- C:\Users\owner\AppData\Roaming\UserTile.png
[2010/01/26 12:59:12 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100126.log
[2010/01/18 01:41:04 | 000,004,096 | -H-- | C] () -- C:\Users\owner\AppData\Local\keyfile3.drm
[2010/01/05 18:07:59 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/01/05 18:07:59 | 000,000,088 | RHS- | C] () -- C:\ProgramData\BB83B5B1DC.sys
[2009/10/14 14:55:23 | 000,000,510 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/28 16:57:11 | 000,011,742 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_vcredistUI6A53.txt
[2009/08/28 16:57:07 | 000,011,742 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_vcredistUI6A46.txt
[2009/08/07 19:14:05 | 000,337,714 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_SharedManagementObjects_MSI6A4F.txt
[2009/08/07 19:14:00 | 000,172,456 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_SQLSysClrTypes_msi6A3F.txt
[2009/08/07 19:09:44 | 010,826,474 | ---- | C] () -- C:\Users\owner\AppData\Local\VSMsiLog66FB.txt
[2009/08/07 19:09:38 | 000,200,286 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI66E8.txt
[2009/08/07 19:09:34 | 000,213,754 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_WinSDK_ExpTools_x64_MSI66DA.txt
[2009/08/07 19:08:36 | 005,359,116 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_WinSDK_Build_x64_MSI661D.txt
[2009/08/07 19:08:20 | 001,228,286 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_ExpRemoteDbg_x64_MSI65E9.txt
[2009/08/07 19:08:08 | 000,408,724 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_VC_Red_MSI65C2.txt
[2009/08/07 19:01:36 | 000,116,768 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_depcheck_VC_EXP_90.txt
[2009/08/07 19:01:28 | 000,352,326 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_install_vc_xcor_90.txt
[2009/08/07 19:01:28 | 000,005,296 | ---- | C] () -- C:\Users\owner\AppData\Local\uxeventlog.txt
[2009/08/07 19:01:28 | 000,000,002 | ---- | C] () -- C:\Users\owner\AppData\Local\dd_error_vc_xcor_90.txt
[2009/06/28 16:33:06 | 000,821,964 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/04/11 11:34:20 | 000,000,732 | ---- | C] () -- C:\Users\owner\AppData\Local\d3d9caps64.dat
[2009/02/10 14:33:16 | 000,181,248 | ---- | C] () -- C:\Windows\SysWow64\HPEPCEnm.dll
[2009/02/10 14:33:02 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2009/01/25 20:55:27 | 000,000,171 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2008/12/02 23:55:13 | 000,155,136 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/01 12:28:52 | 000,005,972 | ---- | C] () -- C:\Users\owner\AppData\Local\d3d9caps.dat
[2008/11/13 11:07:38 | 000,000,013 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys
[2008/09/09 13:11:01 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/09/09 12:14:11 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2008/09/09 12:14:11 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2008/09/09 12:14:11 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2008/09/09 12:14:11 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2008/09/09 12:14:11 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2008/09/09 12:14:11 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2008/02/18 23:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 19:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\TosBtAcc.dll
[2006/07/31 17:45:20 | 000,086,528 | R--- | C] () -- C:\Windows\SysWow64\libjnbzip2.dll
[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\TosCommAPI.dll
[1996/09/24 19:40:44 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\W32MKRC.DLL
[1995/04/10 18:30:50 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\WDBUUI32.DLL

========== Custom Scans ==========


< cdrom.sys /md5 /64 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:63596073
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:BDBBA690
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:404390E0
< End of report >

Re: Clock changes to 24 hour mode upon reboot, among other things.

Extras.txt was not produced.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Please open OTL -- Click None and paste this in the Custom Scans box:

Code:

/md5start
cdrom.sys
/md5stop


Then click Run Scan. It shall launch a log. Please post it in your next reply.

Re: Clock changes to 24 hour mode upon reboot, among other things.

OTL logfile created on: 9/17/2010 08:57:10 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\owner\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 29.00% Memory free
8.00 Gb Paging File | 4.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.62 Gb Total Space | 34.45 Gb Free Space | 11.61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER-PC
Current User Name: owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Custom Scans ==========



< MD5 for: CDROM.SYS >
[2008/01/20 19:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009/04/10 22:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys
< End of report >

Re: Clock changes to 24 hour mode upon reboot, among other things.

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    Code:

    :files
    C:\Windows\System32\drivers\cdrom.sys|C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys /replace

    :commands
    [reboot]


  • Then click the Run Fix button at the top.
  • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, this is normal.
  • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
    Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)

Re: Clock changes to 24 hour mode upon reboot, among other things.

========== FILES ==========
Unable to replace file: C:\Windows\System32\drivers\cdrom.sys with C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys without a reboot.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.11.0 log created on 09192010_092106

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Clock changes to 24 hour mode upon reboot, among other things.

btw, my clock changed back to 24 hour upon a previous reboot.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Please download ComboFix from BleepingComputer.com

Alternate link: Forospyware.com (Click the green button on the page to download it).

Rename ComboFix.exe to combo-fix.exe before you save it to your Desktop
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:
    killall::

    fcopy::
    C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys | C:\Windows\System32\drivers\cdrom.sys

    Reboot::
  • Save this as CFScript.txt, in the same location as ComboFix.exe

    [Image]

  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.




NOTE:
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

[Image: Query_RC]
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
[Image: RC_successful]

  • Click on Yes, to continue scanning for malware.

Re: Clock changes to 24 hour mode upon reboot, among other things.

I received an 'Error - Win32 only' message. 'OS incompatable'.
My system is 64 bit.

Re: Clock changes to 24 hour mode upon reboot, among other things.

Let's try this way real quick...

Please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet.

  • Double-click on drweb-cureit.exe to start the program.
    An Express Scan of your PC notice will appear.
  • Under Start the Express Scan Now, Click OK to start the scan.
    This is a short scan that will scan the files currently running in memory.
    If something is found, click the Yes button when it asks you if you want to cure it.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the Scan tab and UNcheck Heuristic analysis
  • Back at the main window, click Custom Scan, then Select drives (a red dot will show which drives have been chosen).
  • Then click the Start/Stop Scanning button (green arrow on the right), and the scan will start.
  • When finished, a message will be displayed at the bottom advising if any viruses were found.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can see the icon next to the files found.
    If so, click it, then click the next icon right below and select Move incurable.
    (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
  • Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
  • Save the DrWeb.csv report to your Desktop.
  • Exit Dr.Web Cureit when you have finished.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.csv report)
