OTL logfile created on: 4/13/2011 1:48:59 PM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\Anthony\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
958.00 Mb Total Physical Memory | 192.00 Mb Available Physical Memory | 20.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 128.00 Gb Total Space | 30.05 Gb Free Space | 23.48% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 14.32 Gb Free Space | 9.61% Space Free | Partition Type: NTFS
 
Computer Name: ANTHONY-53B3628 | User Name: Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/04/13 11:34:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anthony\desktop\OTL.exe
PRC - [2011/04/06 14:47:46 | 000,177,616 | R--- | M] (iS3, Inc.) -- C:\Program Files\STOPzilla!\STOPzilla.exe
PRC - [2011/04/06 14:47:42 | 000,062,928 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2011/03/23 13:49:21 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/02/25 16:12:26 | 001,320,272 | ---- | M] () -- C:\WINDOWS\system32\MPK\MPK.exe
PRC - [2011/02/18 11:00:12 | 000,100,184 | ---- | M] (AT&T Corporation) -- C:\Program Files\ATT Internet Tools\blsloader.exe
PRC - [2011/01/17 16:15:32 | 001,193,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/10/13 22:28:54 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2010/07/21 15:43:24 | 000,198,864 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
PRC - [2010/06/30 03:39:10 | 001,573,888 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\ATT-SST\McciTrayApp.exe
PRC - [2010/06/30 03:31:50 | 000,315,392 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciServiceHost.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/12/08 13:38:16 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7617\Webshots.scr
PRC - [2009/09/08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2004/08/24 13:16:31 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark 6200 Series\ezprint.exe
PRC - [2004/08/20 07:30:32 | 000,188,416 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 6200 Series\lxbumon.exE
PRC - [2004/08/18 13:36:44 | 000,450,560 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\lxbucoms.exe
PRC - [2002/10/07 00:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
PRC - [2002/06/20 15:36:38 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2002/06/20 15:30:04 | 000,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/04/13 11:34:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anthony\desktop\OTL.exe
MOD - [2011/03/09 16:54:14 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2011/03/05 08:25:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ATT Internet Tools\Microsoft.VC90.CRT\msvcr90.dll
MOD - [2011/03/05 08:25:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ATT Internet Tools\Microsoft.VC90.CRT\msvcp90.dll
MOD - [2011/02/25 16:13:20 | 000,074,576 | ---- | M] () -- C:\WINDOWS\system32\MPK\Mpk.dll
MOD - [2011/02/18 10:51:42 | 000,232,448 | ---- | M] (AT&T Corporation) -- C:\Program Files\ATT Internet Tools\blshook_win32.dll
MOD - [2011/02/18 10:51:18 | 000,033,280 | ---- | M] (AT&T Corporation) -- C:\Program Files\ATT Internet Tools\Common_win32.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/06/30 03:31:46 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (LiveUpdate)
SRV - File not found [Auto | Stopped] --  -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] --  -- (Automatic LiveUpdate Scheduler)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/04/06 14:47:42 | 000,062,928 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 22:28:54 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/07/15 20:45:44 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/06/30 03:31:50 | 000,315,392 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciServiceHost.exe -- (McciServiceHost)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/09/08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2008/11/22 01:25:46 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\IcdSptSv.exe -- (ICDSPTSV)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2004/08/18 13:36:44 | 000,450,560 | ---- | M] (Lexmark International, Inc.) [On_Demand | Running] -- C:\WINDOWS\System32\lxbucoms.exe -- (lxbu_device)
SRV - [2003/05/19 16:07:38 | 000,086,016 | ---- | M] (Yahoo! Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\YPcservice.exe -- (YPCService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 22:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/07/27 05:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 05:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/07/15 20:45:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010/05/12 18:01:06 | 000,059,280 | R--- | M] (iS3, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\szkgfs.sys -- (szkgfs)
DRV - [2009/12/07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\szkg.sys -- (szkg5)
DRV - [2009/12/07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\is3srv.sys -- (is3srv)
DRV - [2009/05/26 17:38:12 | 000,026,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/11/24 18:04:10 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/09/11 08:50:58 | 000,075,264 | ---- | M] (u-blox AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ubloxusb.sys -- (ubloxusb)
DRV - [2008/08/18 11:24:40 | 000,011,264 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ICDUSB3.sys -- (ICDUSB3)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/11/20 17:56:54 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2007/11/20 17:56:28 | 000,017,920 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2007/09/04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007/07/03 17:59:10 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2007/07/03 17:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 17:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 17:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/02/23 21:21:22 | 000,611,441 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003/12/11 23:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002/07/24 04:30:00 | 000,032,128 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-iobit
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-842925246-1844823847-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Inbox.com Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Inbox.com Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: ConsumerInput@Compete:8477
FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.8.2
FF - prefs.js..extensions.enabledItems: LDSI_plashcor@gmail.com:0.6.8
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: blsfflock@att.com:4.0.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}:1.0.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.1
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\blsfflock@att.com: C:\Program Files\ATT Internet Tools\ffextension [2011/03/07 11:04:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/03/30 22:46:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/04 15:53:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/04 15:53:43 | 000,000,000 | ---D | M]
 
[2009/03/07 15:04:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Extensions
[2008/10/12 17:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/03/07 15:04:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/04/13 12:06:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions
[2011/03/20 20:00:45 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/05/10 13:52:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/16 07:10:54 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/04/05 09:25:40 | 000,000,000 | ---D | M] (Bulk Image Downloader) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}
[2011/04/04 15:54:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/20 07:18:23 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/04/13 12:06:09 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/10 22:34:58 | 000,000,000 | ---D | M] (Somoto Toolbar) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}
[2011/03/16 07:10:55 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008/11/04 12:13:12 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{dc572301-7619-498c-a57d-39143191b318}(2)
[2010/11/23 11:13:38 | 000,000,000 | ---D | M] ("ImageHost Grabber") -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
[2011/03/20 20:00:34 | 000,000,000 | ---D | M] ("Consumer Input") -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\ConsumerInput@Compete
[2011/03/20 20:00:40 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\engine@conduit.com
[2010/11/23 11:13:30 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\facepad@lazyrussian.com
[2008/11/04 15:20:52 | 000,000,000 | ---D | M] ("Foxmarks Bookmark Synchronizer") -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\foxmarks@kei(2).com
[2010/08/03 21:43:11 | 000,000,000 | ---D | M] (Save Images) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\LDSI_plashcor@gmail.com
[2011/03/20 19:58:59 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\personas@christopher.beard
[2011/03/20 19:59:00 | 000,000,000 | ---D | M] (Test Pilot) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\50085l8m.default\extensions\testpilot@labs.mozilla.com
[2011/04/04 15:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/06 09:25:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 21:39:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/01 06:10:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/16 08:13:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/04/04 15:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/04/04 15:53:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) -- 
[2010/04/02 08:10:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/30 22:46:36 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2010/01/01 04:00:00 | 000,135,168 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
 
O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O2 - BHO: (BlspcHlpr Class) - {15C9938F-CB96-496D-800A-B827F2E34EA1} - C:\Program Files\ATT Internet Tools\blspc_win32.dll (AT&T Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110316130753.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Video Download Toolbar Intercept) - {B29002A0-87A1-4DC4-AC55-5982034EB61E} - C:\Program Files\VideoDownloadToolbar\VideoDownloadToolbarIntercept.dll (Sakysoft s.r.l. uninominale)
O2 - BHO: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2787EA8E-8D87-48AF-88AD-B30246C917AB} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-CEC4-75A487FD6484} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (no name) - {E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [blspcloader] C:\Program Files\ATT Internet Tools\blsloader.exe (AT&T Corporation)
O4 - HKLM..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [CyberDefender Registry Cleaner]  File not found
O4 - HKLM..\Run: [dvd43] C:\Program Files\dvd43\DVD43_Tray.exe ()
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 6200 Series\ezprint.exe ()
O4 - HKLM..\Run: [LXBUCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.DLL (Lexmark International, Inc.)
O4 - HKLM..\Run: [lxbumon.exe] C:\Program Files\Lexmark 6200 Series\lxbumon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-842925246-1844823847-839522115-1004..\Run: [CyberDefender Registry Cleaner]  File not found
O4 - HKU\S-1-5-21-842925246-1844823847-839522115-1004..\Run: [MyCleanPC Registry Cleaner] C:\Program Files\CyberDefender\Registry Scanner\CDregclean.exe (CyberDefender)
O4 - HKU\S-1-5-21-842925246-1844823847-839522115-1004..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O4 - HKU\S-1-5-21-842925246-1844823847-839522115-1004..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Anthony\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk = C:\Documents and Settings\Anthony\Local Settings\Application Data\vghd\bin\vghd.exe (Totem Entertainment)
O4 - Startup: C:\Documents and Settings\Anthony\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com)
O4 - Startup: C:\Documents and Settings\Cristopher & Adam\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: att.com ([ufix] https in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\MPK\mpk.exe) - C:\WINDOWS\system32\MPK\MPK.exe ()
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll -  File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Anthony\Application Data\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anthony\Application Data\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/02 18:23:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/14 14:12:19 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{15edebfd-966c-11dd-bc33-00e04d4ff347}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-842925246-1844823847-839522115-1004\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/04/13 13:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/04/13 11:34:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anthony\Desktop\OTL.exe
[2011/04/13 06:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\Application Data\CyberDefender
[2011/04/13 06:30:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CyberDefender
[2011/04/13 06:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\CyberDefender
[2011/04/08 12:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\STOPzilla
[2011/04/08 12:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\STOPzilla!
[2011/04/08 12:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2011/04/08 12:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/04/06 14:47:36 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
[2011/04/06 14:47:36 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
[2011/04/06 14:47:36 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
[2011/04/06 14:47:34 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
[2011/04/06 14:47:34 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
[2011/04/06 14:47:34 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
[2011/04/06 14:47:32 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
[2011/04/06 14:47:32 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll
[2011/04/06 14:47:32 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
[2011/04/06 14:47:32 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
[2011/04/06 14:47:32 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
[2011/04/06 14:47:30 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
[2011/03/28 14:31:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/28 14:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/20 20:38:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\MPK
[2011/03/20 19:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab 8
[2011/03/20 19:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\DVDFab 8
[2011/03/16 13:07:52 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2011/03/16 13:07:43 | 000,313,288 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2011/03/16 13:07:43 | 000,152,960 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2011/03/16 13:07:43 | 000,088,544 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2011/03/16 13:07:43 | 000,084,264 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2011/03/16 13:07:43 | 000,084,072 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2011/03/16 13:07:43 | 000,055,840 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2011/03/16 13:07:43 | 000,052,104 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2011/03/16 13:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/03/16 12:42:35 | 000,141,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2011/03/16 10:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\Start Menu\Programs\Google Chrome
[2011/03/16 08:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/03/15 12:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Random Password Generator
[2011/03/15 11:40:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2011/03/15 11:40:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2011/03/15 11:40:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011/03/15 11:40:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2011/03/15 11:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 3
[2011/03/15 11:32:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Security 360
[2011/03/15 11:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 2
[2011/03/15 09:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\Start Menu\Programs\Revo Uninstaller
[2011/03/15 09:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2008/08/03 06:35:11 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Anthony\Application Data\pcouffin.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\Anthony\My Documents\*.tmp files -> C:\Documents and Settings\Anthony\My Documents\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/04/13 13:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4EAE61CE-8382-402C-94F2-B999F22D1D21}.job
[2011/04/13 13:46:49 | 000,000,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/04/13 13:46:08 | 000,000,007 | ---- | M] () -- C:\WINDOWS\treeskp.sys
[2011/04/13 13:46:08 | 000,000,007 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2011/04/13 13:43:55 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2011/04/13 13:43:54 | 000,249,406 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/04/13 13:43:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/13 13:43:37 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/04/13 13:43:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/13 13:43:24 | 1005,047,808 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/13 11:34:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anthony\Desktop\OTL.exe
[2011/04/13 10:33:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-839522115-1004Core.job
[2011/04/12 19:00:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011/04/11 23:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/09 19:53:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/07 10:08:55 | 000,127,338 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\DaniLopesMgs..wmv
[2011/04/06 14:47:36 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
[2011/04/06 14:47:36 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
[2011/04/06 14:47:36 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
[2011/04/06 14:47:34 | 000,452,048 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
[2011/04/06 14:47:34 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
[2011/04/06 14:47:34 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
[2011/04/06 14:47:32 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
[2011/04/06 14:47:32 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll
[2011/04/06 14:47:32 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
[2011/04/06 14:47:32 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
[2011/04/06 14:47:32 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
[2011/04/06 14:47:30 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
[2011/04/05 16:22:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/05 14:48:22 | 001,054,803 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\ChannelGuide.pdf
[2011/04/05 11:16:59 | 000,126,464 | ---- | M] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/04 15:54:09 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/04 15:54:08 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/04/04 09:55:47 | 008,565,804 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\Hidden Mast.wmv
[2011/04/03 07:35:01 | 000,184,064 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\Naugatuck Parent School Council Panel Discussion 2011.pdf
[2011/03/28 07:34:02 | 000,009,764 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\2.jpg
[2011/03/27 07:25:34 | 000,064,641 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\parent conference.pdf
[2011/03/26 03:24:59 | 000,002,302 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\Google Chrome.lnk
[2011/03/26 03:24:59 | 000,002,280 | ---- | M] () -- C:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/20 20:38:08 | 000,000,587 | ---- | M] () -- C:\WINDOWS\System32\runrefog.lnk
[2011/03/20 20:38:08 | 000,000,587 | ---- | M] () -- C:\WINDOWS\System32\runkgb.lnk
[2011/03/18 12:01:22 | 000,441,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/18 12:01:22 | 000,071,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/17 10:28:09 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Anthony\Start Menu\Programs\Startup\Webshots.lnk
[2011/03/16 13:01:26 | 000,439,239 | ---- | M] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\census.cache
[2011/03/16 12:59:35 | 000,251,478 | ---- | M] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\ars.cache
[2011/03/16 11:58:41 | 000,001,538 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\McAfee Virtual Technician.lnk
[2011/03/16 09:59:58 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/15 11:48:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\Anthony\My Documents\*.tmp files -> C:\Documents and Settings\Anthony\My Documents\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/04/13 13:46:49 | 000,000,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/04/09 07:25:16 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2011/04/07 10:09:00 | 000,127,338 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\DaniLopesMgs..wmv
[2011/04/05 14:48:23 | 001,054,803 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\ChannelGuide.pdf
[2011/04/04 15:54:08 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/04 09:55:20 | 008,565,804 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\Hidden Mast.wmv
[2011/04/03 07:35:06 | 000,184,064 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\Naugatuck Parent School Council Panel Discussion 2011.pdf
[2011/03/28 07:34:06 | 000,009,764 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\2.jpg
[2011/03/27 07:25:35 | 000,064,641 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\parent conference.pdf
[2011/03/16 13:01:26 | 000,439,239 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\census.cache
[2011/03/16 12:59:35 | 000,251,478 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\ars.cache
[2011/03/16 10:31:02 | 000,002,302 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\Google Chrome.lnk
[2011/03/16 10:31:02 | 000,002,280 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/16 10:28:14 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-839522115-1004Core.job
[2011/03/16 07:00:26 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Safari.lnk
[2011/03/15 22:19:33 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/03/15 11:47:10 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/03/15 11:47:09 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/03/15 11:26:55 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/03/15 11:26:03 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/15 11:26:03 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/03/08 23:21:02 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/11/10 10:59:57 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/11/01 18:32:47 | 000,353,062 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\farm.bmp
[2010/10/27 22:59:53 | 000,000,498 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\settings.dat
[2010/10/27 21:34:45 | 000,005,052 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gtxhlulu.rrk
[2010/09/13 09:47:44 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2010/07/15 20:45:44 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/07/11 13:31:16 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2010/06/15 12:08:06 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\housecall.guid.cache
[2010/03/30 11:55:19 | 000,000,007 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2009/12/26 08:24:14 | 000,000,073 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2009/09/27 17:12:22 | 001,604,482 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/14 05:59:34 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/08/25 21:04:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVEdit.INI
[2009/08/18 21:58:28 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\trc.dll
[2009/08/18 21:57:08 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/08/18 21:56:33 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\mp3dec.dll
[2009/08/18 21:56:33 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\IcdSptSvps.dll
[2009/08/18 21:56:32 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dsp_trc.dll
[2009/05/26 17:38:12 | 000,026,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2009/03/15 11:03:58 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/02/25 13:11:34 | 000,026,076 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/02/14 13:56:19 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2009/02/14 13:56:19 | 000,000,101 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2009/01/30 21:11:00 | 000,000,077 | ---- | C] () -- C:\WINDOWS\KA.INI
[2008/12/02 16:53:49 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2008/12/02 16:53:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2008/12/02 16:50:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbuvs.dll
[2008/11/18 10:46:33 | 000,007,382 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2008/11/14 13:37:20 | 010,920,000 | --S- | C] () -- C:\WINDOWS\System32\FotkiThumbDB.dat
[2008/11/14 13:37:20 | 000,000,000 | --S- | C] () -- C:\WINDOWS\System32\FotkiUploadThumbDB.dat
[2008/11/04 14:15:12 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/10/27 06:59:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/10/18 11:50:31 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2008/10/08 17:31:03 | 000,000,113 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/17 13:36:22 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008/09/17 13:36:20 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2008/09/17 13:36:20 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008/09/17 13:36:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2008/09/02 18:23:09 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2008/09/01 16:45:53 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\fusioncache.dat
[2008/09/01 15:29:26 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/09/01 10:13:07 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\srkey.exe
[2008/08/14 22:48:09 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/08/11 21:55:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/10 11:43:01 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2008/08/10 11:42:55 | 000,065,024 | ---- | C] () -- C:\WINDOWS\IFinst26.exe
[2008/08/08 07:18:09 | 000,126,464 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/03 06:42:57 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftcun2k.ini
[2008/08/03 06:42:57 | 000,000,092 | ---- | C] () -- C:\WINDOWS\ftcun2k.ini
[2008/08/03 06:42:57 | 000,000,090 | ---- | C] () -- C:\WINDOWS\ftdiun2k.ini
[2008/08/03 06:42:56 | 000,000,090 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008/08/03 06:35:11 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\inst.exe
[2008/08/03 06:35:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\pcouffin.cat
[2008/08/03 06:35:11 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\pcouffin.inf
[2008/08/03 06:18:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/08/02 19:59:02 | 000,006,736 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ypinfo.bin
[2008/08/02 18:35:19 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2008/08/02 18:25:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/02 18:20:38 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/02 14:13:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/08/02 14:12:04 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/12/05 02:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,441,432 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,071,176 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/02/09 15:18:18 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/02/11 16:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2008/09/02 18:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2011/03/15 12:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/04/13 13:43:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\MPK
[2008/11/15 12:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/02/17 19:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2011/01/10 07:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\scar5
[2009/12/14 10:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprint
[2011/04/13 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/01/31 09:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2011/03/13 19:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/10/12 17:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/05/21 00:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ukprfree
[2008/11/04 14:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2011/03/04 11:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/06/21 18:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE
[2008/11/18 10:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2009/03/21 14:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/12/13 12:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/07 15:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/18 16:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/12/14 06:51:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/02/13 01:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\AGI
[2008/09/19 23:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Auslogics
[2009/06/19 08:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Bytemobile
[2010/07/21 07:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\CBS Interactive
[2011/04/13 06:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\CyberDefender
[2008/11/12 23:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\DataCast
[2011/01/10 22:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\dtband
[2008/08/06 21:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\DVDFab
[2010/12/15 06:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Error Fix
[2010/03/08 11:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\FKRMonitor
[2009/02/21 16:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\FLVPlayer4Free
[2008/11/15 10:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\FotkiDesktop
[2010/11/10 10:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\GetRightToGo
[2008/11/03 08:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\GlarySoft
[2011/04/11 20:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\IObit
[2009/12/14 10:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\MSNInstaller
[2010/12/14 23:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\PCHC
[2009/02/16 21:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\pdf995
[2011/01/10 07:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Photozig Albums
[2011/03/13 19:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Registry Mechanic
[2008/09/04 21:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\RipIt4Me
[2008/08/08 07:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\scar5
[2008/08/10 19:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Sirius
[2010/07/01 22:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Software Informer
[2011/04/11 20:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\somototoolbar
[2011/01/31 09:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\TaxCut
[2011/04/11 20:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\TeamViewer
[2008/10/12 17:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\TomTom
[2010/01/07 14:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Utherverse
[2009/09/14 05:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\vghd
[2010/11/09 22:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Vso
[2008/08/06 05:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\WeatherBug
[2008/08/05 22:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Webshots
[2009/06/19 11:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\Bytemobile
[2011/01/11 18:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\dtband
[2009/03/24 10:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\FloodLightGames
[2009/01/31 15:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\IObit
[2011/04/11 20:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\MYPOINTS
[2011/04/11 20:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\somototoolbar
[2011/03/15 04:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\Sony Online Entertainment
[2009/06/19 11:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\Sprint
[2009/12/12 20:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\Unity
[2010/02/24 21:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cristopher & Adam\Application Data\Webshots
[2009/06/20 12:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\Bytemobile
[2011/01/13 22:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\dtband
[2009/10/21 18:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\FLVPlayer4Free
[2008/11/07 15:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\IObit
[2010/12/23 00:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\LimeWire
[2011/04/11 20:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\MYPOINTS
[2009/12/14 19:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\Sirius
[2011/04/12 18:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\somototoolbar
[2009/06/20 12:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\Sprint
[2009/04/04 18:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\Ubisoft
[2010/02/08 21:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerald\Application Data\Webshots
[2011/01/26 14:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jami\Application Data\dtband
[2011/04/11 20:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jami\Application Data\somototoolbar
[2010/02/17 16:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jami\Application Data\Webshots
[2009/06/19 08:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Bytemobile
[2011/02/12 12:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/01/21 10:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\dtband
[2010/07/11 13:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\pdf995
[2011/04/11 20:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\somototoolbar
[2010/02/04 11:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Webshots
[2009/06/19 10:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Bytemobile
[2011/04/11 23:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/09/13 13:09:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job
[2011/04/12 19:00:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2011/04/13 13:43:37 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
[2011/04/13 13:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4EAE61CE-8382-402C-94F2-B999F22D1D21}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55F44B88
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F1DEA771
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >