OTL logfile created on: 10/21/2010 3:21:59 PM - Run 1 OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\Michael Delaney\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 230.31 Gb Total Space | 192.03 Gb Free Space | 83.38% Space Free | Partition Type: NTFS Computer Name: MXD6 | User Name: Michael Delaney | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/10/21 15:21:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael Delaney\Desktop\OTL.exe PRC - [2010/10/12 17:08:21 | 001,006,672 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe PRC - [2010/10/12 17:08:21 | 000,238,928 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe PRC - [2010/10/12 17:08:21 | 000,112,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe PRC - [2010/10/12 17:07:57 | 000,138,640 | ---- | M] (Trend Micro Inc.) 
-- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe PRC - [2010/10/12 11:08:06 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe PRC - [2010/09/15 04:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010/08/25 22:49:30 | 000,196,320 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2010/03/25 21:40:42 | 000,203,312 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\WasherSvc.exe PRC - [2007/11/26 14:47:30 | 001,206,600 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\wwDisp.exe PRC - [2007/10/11 10:49:50 | 000,465,136 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe PRC - [2007/05/25 12:39:38 | 000,964,144 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\ezi_hnm2.exe PRC - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) 
-- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2006/11/03 19:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe PRC - [2005/07/12 17:20:24 | 004,534,272 | R--- | M] (SJ Labs, Inc.) -- C:\Program Files\SJLabs\SJphone\SJphone.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/10/21 15:21:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael Delaney\Desktop\OTL.exe MOD - [2010/10/12 17:08:24 | 000,079,184 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2008/04/13 19:12:06 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\sptip.dll MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008/04/13 11:43:18 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\spgrmr.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010/10/12 11:08:06 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2010/10/12 11:08:06 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList) SRV - [2010/08/25 22:49:30 | 000,196,320 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp) SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2009/09/27 01:59:34 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008/10/06 14:18:18 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0) SRV - [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:\Program Files\Webroot\Washer\WasherSvc.exe -- (wwEngineSvc) SRV - [2007/10/11 10:49:46 | 000,076,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService) SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc) SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) 
[Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DDMI2.sys -- (SDDMI2) DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Internet Explorer\SABProcEnum.sys -- (SABProcEnum) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\AFGSp50.sys -- (AFGSp50) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\AFGMp50.sys -- (AFGMp50) DRV - [2010/10/12 17:08:08 | 000,341,072 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw) DRV - [2010/10/12 17:08:08 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm) DRV - [2010/10/12 17:08:08 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi) DRV - [2010/10/12 17:08:08 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon) DRV - [2010/10/12 17:08:08 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr) DRV - [2009/12/01 16:49:54 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009/07/14 00:33:40 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PzWDM.sys -- (PzWDM) DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt) DRV - [2007/12/11 14:22:24 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2007/12/02 19:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2007/12/02 19:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2007/12/02 19:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2007/08/23 19:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\datunidr.sys -- (datunidr) DRV - [2007/06/06 16:30:32 | 005,707,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm) DRV - [2007/06/06 16:28:16 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2007/06/03 15:20:58 | 000,202,912 | ---- | M] (Synaptics, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2007/05/08 22:49:02 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2007/05/08 22:46:12 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/05/08 22:46:08 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007/05/08 22:46:06 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/05/08 21:22:58 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor) DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet) DRV - [2006/11/02 13:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02) DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct) DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV) DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) 
[Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080303 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2010/10/20 12:53:44 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/10/12 17:13:45 | 000,259,786 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 9011 more lines... O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1008.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1008.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [OE] C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) O4 - HKCU..\Run: [DellAutomatedPCTuneUp] C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe (Gteko Ltd.) O4 - HKCU..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe (Webroot Software, Inc.) 
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk = C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software ) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SJphone.lnk = C:\WINDOWS\Installer\{322BC585-68EE-4071-B500-31F33C3AE3DA}\Icon1F409B47.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177 O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM () O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM () O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: //@install.mar@/ ([]msni in My Computer) O15 - HKCU\..Trusted Domains: //@mail.mar@/ ([]msni in Local intranet) O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.) 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {3527C5BD-4A46-4362-94B6-12341D087A4B} http://roadrunnerrecords.echospin.com/wizard/files/esWizard.cab (Echospin Proxy Control) O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exe (MSN Money Charting) O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (Reg Error: Key error.) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab (Reg Error: Key error.) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://upload.streetfire.net/upload/ImageUploader5.cab (Reg Error: Key error.) O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205197327671 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (Reg Error: Key error.) O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl) O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Reg Error: Key error.) O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (Reg Error: Key error.) O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) 
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 () - file:///C:/DOCUME~1/MICHAE~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg O24 - Desktop WallPaper: C:\Documents and Settings\Michael Delaney\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michael Delaney\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (ows\s) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/09/06 02:13:23 | 000,000,000 | -HS- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2621b444-f3a8-11dd-8e75-001e4cc4e681}\Shell - "" = AutoRun O33 - MountPoints2\{2621b444-f3a8-11dd-8e75-001e4cc4e681}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{2621b444-f3a8-11dd-8e75-001e4cc4e681}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{afc2006e-1f8b-11dd-8bd0-001e4cc4e681}\Shell\AutoRun\command - "" = setupSNK.exe O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/10/21 15:21:22 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael Delaney\Desktop\OTL.exe [2010/10/21 15:17:12 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe [2010/10/21 15:04:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010/10/21 15:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials [2010/10/21 15:02:45 | 013,063,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mssefullinstall-x86fre-en-us-xp.exe [2010/10/21 14:54:16 | 000,600,235 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe [2010/10/20 12:55:12 | 000,000,000 | ---D | C] -- C:\temp 
[2010/10/17 23:26:39 | 002,233,016 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll [2010/10/17 23:26:39 | 000,087,688 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll [2010/10/17 23:26:37 | 000,029,696 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe [2010/10/17 23:26:37 | 000,011,776 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe [2010/10/17 23:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\iolo [2010/10/17 23:10:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\LMI8A.tmp [2010/10/15 00:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot [2010/10/12 17:28:48 | 000,341,072 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\TM_CFW.sys [2010/10/12 17:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Trend Micro [2010/10/12 17:22:19 | 000,092,112 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmtdi.sys [2010/10/12 17:22:11 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys [2010/10/12 17:22:11 | 000,080,464 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmactmon.sys [2010/10/12 17:22:11 | 000,064,080 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys [2010/10/12 16:59:59 | 054,924,140 | ---- | C] (Trend Micro Inc.) 
-- C:\Documents and Settings\All Users\Desktop\TTi_MR_Download_32bit.exe [2010/10/07 12:59:49 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010/10/05 15:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael Delaney\My Documents\Letters [2010/09/25 21:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/09/25 21:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/09/25 21:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/09/25 21:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010/09/22 23:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael Delaney\Application Data\ieSpell [2010/09/22 23:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\ieSpell [2009/06/05 05:07:14 | 018,914,120 | ---- | C] (iolo technologies, LLC ) -- C:\Program Files\SystemMechanic.exe [2009/05/02 02:09:16 | 040,346,704 | ---- | C] (Webroot Software, Inc. ) -- C:\Program Files\SpySweeperBestBuySetup_EN.exe [2008/09/09 16:52:02 | 011,261,616 | ---- | C] (Doctor Web, Ltd.) -- C:\Program Files\drweb-cureit.exe [2008/09/01 06:34:18 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe [2008/09/01 04:02:39 | 015,083,520 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd160.exe [2008/09/01 02:17:32 | 007,182,968 | ---- | C] (Microsoft Corporation) -- C:\Program Files\windows-kb890830-v2.1.exe [2008/04/02 22:51:42 | 003,230,781 | ---- | C] (Evonsoft ) -- C:\Program Files\ASRLSetup.exe [2008/03/14 22:33:09 | 007,507,296 | ---- | C] (PC Tools ) -- C:\Program Files\rminstall.exe [2008/03/12 19:01:36 | 003,864,904 | ---- | C] (Webroot Software, Inc.) 
-- C:\Program Files\wwsetup1_158628.exe
[1997/04/08 09:27:18 | 000,490,096 | ---- | C] (Microsoft Corporation) -- C:\Program Files\oadist.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/10/21 15:30:37 | 000,000,374 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2010/10/21 15:21:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael Delaney\Desktop\OTL.exe
[2010/10/21 15:11:00 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/21 15:09:16 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/21 15:03:51 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/10/21 15:03:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/21 15:03:20 | 013,063,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mssefullinstall-x86fre-en-us-xp.exe
[2010/10/21 14:54:28 | 000,600,235 | ---- | M] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe
[2010/10/21 14:31:32 | 000,002,319 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SJphone.lnk
[2010/10/21 14:31:31 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk
[2010/10/21 14:31:29 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/21 14:31:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/21 14:31:16 | 2137,038,848 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/21 14:26:38 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/10/21 12:58:23 | 000,009,048 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\My Documents\Deanna Favre.jpg
[2010/10/20 18:53:03 | 000,000,234 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Application Data\default.rss
[2010/10/19 15:51:33 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/10/17 23:26:41 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\System Mechanic.lnk
[2010/10/16 21:05:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/15 00:39:36 | 000,001,596 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\Window Washer.lnk
[2010/10/14 21:51:55 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\BOK Costmetics.doc
[2010/10/14 21:30:23 | 054,924,140 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\All Users\Desktop\TTi_MR_Download_32bit.exe
[2010/10/14 12:22:57 | 000,190,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/13 17:31:50 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/12 17:23:20 | 000,456,910 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/12 17:23:20 | 000,076,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/12 17:23:17 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\Trend Micro Titanium Internet Security.lnk
[2010/10/12 17:13:45 | 000,259,786 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/12 17:08:08 | 000,341,072 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\TM_CFW.sys
[2010/10/12 17:08:08 | 000,189,520 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/10/12 17:08:08 | 000,092,112 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmtdi.sys
[2010/10/12 17:08:08 | 000,080,464 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmactmon.sys
[2010/10/12 17:08:08 | 000,064,080 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys
[2010/10/12 14:02:38 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\My Documents\Court 2010.doc
[2010/10/12 12:58:50 | 018,914,120 | ---- | M] (iolo technologies, LLC ) -- C:\Program Files\SystemMechanic.exe
[2010/10/12 12:55:54 | 000,087,688 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2010/10/12 12:55:18 | 000,011,776 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2010/10/12 12:55:10 | 000,029,696 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2010/10/12 12:46:12 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\Microsoft Office Word 2003.lnk
[2010/10/12 11:08:52 | 002,233,016 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[2010/10/07 12:46:41 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SJphone.lnk
[2010/10/01 22:18:57 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\My Documents\Microsoft Office Excel 2003.lnk
[2010/10/01 22:16:44 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\My Documents\meds.doc
[2010/10/01 22:10:29 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\My Documents\Medication.doc
[2010/09/29 18:31:45 | 000,051,228 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\Integrity Auto.jpg
[2010/09/25 21:30:28 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/25 21:22:04 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/24 15:25:19 | 000,035,014 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\67gpm34.jpg
[2010/09/24 15:24:44 | 000,073,256 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\My Documents\ATT000011.jpg
[2010/09/24 15:24:44 | 000,073,256 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Desktop\ATT000011.jpg
[2010/09/24 14:44:30 | 000,125,440 | ---- | M] () -- C:\Documents and Settings\Michael Delaney\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/24 00:48:17 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/09/23 23:16:47 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/10/21 15:17:35 | 000,000,374 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2010/10/21 15:09:15 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/21 15:03:51 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/10/21 14:31:16 | 2137,038,848 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/21 13:36:55 | 000,009,048 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\My Documents\Deanna Favre.jpg
[2010/10/17 23:26:41 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Desktop\System Mechanic.lnk
[2010/10/15 00:39:36 | 000,001,596 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Desktop\Window Washer.lnk
[2010/10/12 17:23:08 | 000,000,932 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Desktop\Trend Micro Titanium Internet Security.lnk
[2010/10/12 12:50:28 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\My Documents\Court 2010.doc
[2010/10/01 22:10:29 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\My Documents\Medication.doc
[2010/09/29 18:31:45 | 000,051,228 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Desktop\Integrity Auto.jpg
[2010/09/25 21:30:28 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/25 21:22:04 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/24 15:28:43 | 000,073,256 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Desktop\ATT000011.jpg
[2010/09/24 15:25:56 | 000,035,014 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Desktop\67gpm34.jpg
[2010/09/24 15:25:13 | 000,073,256 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\My Documents\ATT000011.jpg
[2010/09/23 23:16:47 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/08/14 23:31:20 | 000,111,504 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/14 21:38:13 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/05/15 18:39:26 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/05/15 18:38:27 | 007,744,980 | ---- | C] () -- C:\Program Files\FreewarePrimoPDF.exe
[2009/09/26 00:45:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/23 11:58:03 | 000,000,234 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Application Data\default.rss
[2009/09/22 17:17:08 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/09/20 12:15:41 | 000,002,456 | ---- | C] () -- C:\Program Files\Neromigo
[2009/07/30 20:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/06/05 05:07:19 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2009/06/05 05:02:35 | 000,426,352 | ---- | C] () -- C:\Program Files\sm_dm.exe
[2009/02/15 00:55:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\TmPfw.ini
[2009/02/15 00:55:53 | 000,000,147 | ---- | C] () -- C:\WINDOWS\TmProxy.ini
[2008/12/31 17:04:42 | 000,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/10/19 01:40:06 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Local Settings\Application Data\fusioncache.dat
[2008/05/24 05:46:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Local Settings\Application Data\rx_image.Cache
[2008/05/23 15:21:02 | 004,265,576 | ---- | C] () -- C:\Program Files\winzip100.exe
[2008/05/19 21:22:51 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2008/03/30 02:07:04 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/03/23 16:37:52 | 000,000,255 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/03/16 12:24:32 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/03/16 12:23:20 | 000,879,683 | ---- | C] () -- C:\Program Files\2000-WIN2K_XP-EN-0319.EXE
[2008/03/15 17:47:17 | 003,207,680 | ---- | C] () -- C:\Program Files\PCCall.msi
[2008/03/13 18:52:00 | 000,125,440 | ---- | C] () -- C:\Documents and Settings\Michael Delaney\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/10 21:17:31 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/03/03 09:01:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/03/03 08:56:26 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2008/03/03 08:49:40 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/03/03 08:49:39 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/03/03 08:27:21 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/03/03 08:27:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
[2008/03/03 08:27:19 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/03/03 08:25:48 | 000,001,118 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/29 17:29:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:51:35 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/10 13:51:35 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/10 13:51:35 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/10 13:51:35 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/10 13:51:35 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\uTMBackup.exe:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\All Users\Desktop\TTi_MR_Download_32bit.exe:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\My Documents\doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\the big one.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\tenure_map.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\sweet.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\Saipem 5914_5915:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\Picture 129.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\NIGHTS.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\MLD10-11-03KUWAIT.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\MD10-11-03KUWAIT.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\Favorites:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\DSCF0268.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\DSCF0156.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\CAR 012.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Michael Delaney\Desktop\97 240SX GTO:Roxio EMC Stream
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E2D794

< End of report >