Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Clean?

Started by kazzman , Jun 26 2009 08:03 PM

  • Please log in to reply

#1
kazzman
Posted 26 June 2009 - 08:03 PM

kazzman

    Member

  • Member
  • PipPip
  • 46 posts
Hi, I wanted to get some help in the vista section but wanted to be sure that I don't have any virus on my system before that. I posted all of the logs below, let me know how it looks. Thanks, you guys are the best!! :)



Malwarebytes' Anti-Malware 1.38
Database version: 2339
Windows 6.0.6001 Service Pack 1

6/26/2009 7:01:30 PM
mbam-log-2009-06-26 (19-01-30).txt

Scan type: Quick Scan
Objects scanned: 87166
Time elapsed: 3 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




-----------
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6001) Service Pack 1
[32_bits] - x86 Family 16 Model 2 Stepping 2, AuthenticAMD
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Disabled !
Windows Defender -> Disabled !
User Account Control (UAC) -> Enabled
.
Internet Explorer 8.0.6001.18783
.
C:\ [Fixed-NTFS] .. ( Total:287 Go - Free:0 Go )
D:\ [Fixed-NTFS] .. ( Total:10 Go - Free:4 Go )
E:\ [CD_Rom]
F:\ [CD_Rom]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [Removable]
K:\ [Fixed-NTFS] .. ( Total:149 Go - Free:0 Go )
.
Scan : 18:43.03
Path : C:\Users\Brannon\Desktop\Rooter.exe
User : Brannon ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (564)
______ C:\Windows\system32\csrss.exe (632)
______ C:\Windows\system32\csrss.exe (680)
______ C:\Windows\system32\wininit.exe (688)
______ C:\Windows\system32\winlogon.exe (728)
______ C:\Windows\system32\services.exe (768)
______ C:\Windows\system32\lsass.exe (780)
______ C:\Windows\system32\lsm.exe (788)
______ C:\Windows\system32\svchost.exe (944)
______ C:\Windows\system32\nvvsvc.exe (988)
______ C:\Windows\system32\svchost.exe (1016)
______ C:\Windows\System32\svchost.exe (1180)
______ C:\Windows\System32\svchost.exe (1208)
______ C:\Windows\system32\svchost.exe (1220)
Locked audiodg.exe (1308)
______ C:\Windows\system32\svchost.exe (1328)
______ C:\Windows\system32\SLsvc.exe (1344)
______ C:\Windows\system32\svchost.exe (1376)
______ C:\Windows\system32\rundll32.exe (1516)
______ C:\Windows\system32\svchost.exe (1532)
______ C:\Windows\System32\spoolsv.exe (1804)
______ C:\Windows\system32\svchost.exe (1828)
______ C:\Windows\system32\Dwm.exe (1108)
______ C:\Windows\system32\taskeng.exe (1216)
______ C:\Windows\system32\taskeng.exe (1524)
______ C:\Windows\Explorer.EXE (1620)
______ C:\Program Files\Google\Update\GoogleUpdate.exe (1668)
______ C:\Windows\system32\agrsmsvc.exe (1948)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (892)
______ C:\Program Files\Bonjour\mDNSResponder.exe (2080)
______ C:\Windows\system32\cmd.exe (2340)
______ C:\Program Files\Autodesk\MentalRayStandalone3.6.1\bin\rayserver.exe (2352)
______ C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (2376)
______ C:\Windows\system32\svchost.exe (2468)
______ C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (2488)
______ C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (3008)
______ C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (3028)
______ C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (3124)
______ C:\Windows\system32\svchost.exe (3152)
______ C:\Windows\System32\svchost.exe (3200)
______ C:\Windows\system32\SearchIndexer.exe (3268)
______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (3344)
______ C:\Windows\system32\WUDFHost.exe (3508)
______ C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (292)
______ C:\Program Files\Windows Media Player\wmpnscfg.exe (3800)
______ C:\Windows\ehome\ehtray.exe (3052)
______ C:\Program Files\Windows Media Player\wmpnetwk.exe (916)
______ C:\Windows\ehome\ehmsas.exe (1104)
______ C:\Program Files\Internet Explorer\IEXPLORE.EXE (3672)
______ C:\Program Files\Internet Explorer\IEXPLORE.EXE (2452)
______ C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (576)
______ C:\Program Files\Internet Explorer\IEXPLORE.EXE (4396)
______ C:\Program Files\Internet Explorer\IEXPLORE.EXE (5304)
______ C:\Windows\system32\msiexec.exe (5252)
______ C:\Windows\servicing\TrustedInstaller.exe (1140)
______ C:\Windows\System32\svchost.exe (6140)
______ C:\Windows\system32\SearchProtocolHost.exe (6108)
______ C:\Windows\system32\SearchFilterHost.exe (3456)
______ C:\Users\Brannon\Desktop\Rooter.exe (5348)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:11753892864)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:11753925120 | Length:308316395520)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Google Software Updater.job
C:\Windows\Tasks\GoogleUpdateTaskMachine.job
C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Brannon.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\User_Feed_Synchronization-{4FCE263C-8A77-4AD2-A37D-4E937D7B682B}.job
C:\Windows\Tasks\User_Feed_Synchronization-{F20E71C0-96AC-40A7-AC00-091AA4E421DF}.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\Users\Brannon\AppData\Roaming\uTorrent\Acoustica Mixcraft 4.1 Build 88 cracked.rar.1.torrent
C:\Users\Brannon\AppData\Roaming\uTorrent\Acoustica Mixcraft 4.1 Build 88 cracked.rar.torrent
C:\Users\Brannon\AppData\Roaming\uTorrent\Acoustica Mixcraft 4.2 98 _crack.exe.torrent
C:\Users\Brannon\AppData\Roaming\uTorrent\power iso 3.2+crack.rar.torrent
C:\Users\Brannon\Documents\AUTO ROBOT\Maya 2008 Unlimited & RenderMan Studio & Server Pro\PIXAR RENDERMAN STUDIO 1.0 & RENDERMAN PRO SERVER 13.5\pixarrmsrms\pixar_win32\Crack\Pixar-crack-win32.rar
C:\Users\Brannon\Documents\AUTO ROBOT\Maya 2008 Unlimited & RenderMan Studio & Server Pro\Pixar's RenderMan\Renderman Studio 1.0.1 & Renderman Pro Server 13.5.2\Pixar\Crack\Pixar-crack-win32.rar
C:\Users\Brannon\Documents\BOUJOU\b4\BOUJ444444\2D3_BOUJOU_V4.0.1-XFORCE\Crack\boujou_4.0.1-crack.rar
C:\Users\Brannon\Documents\BOUJOU\b4\BOUJ444444\2D3_BOUJOU_V4.0.1-XFORCE\UNRARED\Crack\boujou_4.0.1-crack.rar
C:\Users\Brannon\Documents\Downloads\WINZIP PRO v11.0.7313\Crack\keygen.exe
==> Cracks & Keygens <==
.
----------------------\\ Scan completed at 18:43.11
.
C:\Rooter$\Rooter_2.txt - (26/06/2009 | 18:43.11).c
--------------------------------------------------------



----------

OTL Extras logfile created on: 6/26/2009 6:48:16 PM - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Users\Brannon\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 90.11% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.14 Gb Total Space | 0.66 Gb Free Space | 0.23% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 4.78 Gb Free Space | 43.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 149.05 Gb Total Space | 0.23 Gb Free Space | 0.16% Space Free | Partition Type: NTFS

Computer Name: BRANNON-PC
Current User Name: Brannon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
Reg Error: Unknown registry data type File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0AF122B4-4580-47BA-A868-8994D6648320}" = Autodesk Concrete Building Structures
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Copy
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 13
"{2920A6EA-D104-415E-A5DA-51573F6112FF}" = Autodesk Concrete Building Structures
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F4E6617-2AE6-43A0-91F5-6B7465467665}" = Autodesk Concrete Building Structures
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{50856A49-9717-490D-AAF9-3893370C500F}" = Canon Utilities CONSOLE 1.1
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{537F8519-8698-445D-9DF1-4E4AFC6F98A8}" = Autodesk ImageModeler 2009
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{58F36CF2-EADD-443D-AD66-923F16B3C92E}" = Autodesk Concrete Building Structures 2010
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}" = Maya 2008 Documentation (en_US)
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75BD1A4C-8825-4694-8A7B-F7B883D616A1}" = mental ray Standalone 3.6.1 for Autodesk Maya 2008 (32 bit)
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7CB1E63B-C999-4D17-8133-E138F41D9ECF}" = BlackBerry Desktop Software 4.6
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D419BFA-1A0F-4EEA-946A-A9C67AF2D0BE}" = ImageModeler2009 AdLM
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B561F0D9-32FA-4F04-A336-317EB3897D2A}" = Steinberg Cubase AI 4
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}" = Autodesk DirectConnect 2.0
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}" = Maya 2008
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{de2f2d9c-53e2-40ee-8209-74da63cb060e}" = Python 3.0.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E9388CB2-9B1E-46E4-9CCA-C08DFA67133D}" = Autodesk Concrete Building Structures
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EBFE81A5-1C98-434E-ADA4-7C1CA9478A78}" = mental ray Standalone 3.6.1 Licensing for Autodesk Maya 2008
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2BE7620-398B-4022-A673-2EFC64C830C3}" = Autodesk Concrete Building Structures
"{F6377647-81AF-41C0-BC7E-06CF37E204AB}" = Roxio Media Manager
"{F9FBBFFE-5CFD-3271-B127-C2326D796F94}" = Google Gears
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"AC3Filter" = AC3Filter (remove only)
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 4.1" = Acoustica Mixcraft 4.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Applian FLV Player2.0.24" = Applian FLV Player
"ASIO4ALL" = ASIO4ALL
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"AudioLabel" = AudioLabel
"Autodesk FBX Plug-in 2010.0.2 - Maya 2008" = Autodesk FBX Plug-in 2010.0.2 - Maya 2008
"BlackBerry_{7CB1E63B-C999-4D17-8133-E138F41D9ECF}" = BlackBerry Desktop Software 4.6
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CurseClient" = Curse Client
"ERUNT_is1" = ERUNT 1.1j
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FlashLynx" = FlashLynx Video Download Software
"Free YouTube Download_is1" = Free YouTube Download 2.2
"FrostWire" = FrostWire 4.18.0
"FXhome VisionLab Studio" = FXhome VisionLab Studio (remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HASP HL Device Driver" = HASP HL Device Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{50856A49-9717-490D-AAF9-3893370C500F}" = Canon Utilities CONSOLE 1.1
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.4.5 Full
"LightWave 3D 9.5 9.5" = LightWave 3D 9.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maps Download_is1" = MapsDownload 1.01
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"My Screen Recorder Pro_is1" = My Screen Recorder Pro 2.67
"NIS" = Norton Internet Security
"Nuke 5.1v5_is1" = Nuke 5.1v5
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"PowerISO" = PowerISO
"Prism" = Prism Video Converter
"Satellite Images Download Setup" = Satellite Images Download Setup
"Syncrosoft License Control" = Syncrosoft License Control
"TVEpaDrv" = KWorld USB 2860 Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Maps Downloader_is1" = Universal Maps Downloader 4.6
"Vue 7 Infinite RenderCow" = Vue 7 Infinite RenderCow
"Vue 7 xStream 32bit" = Vue 7 xStream 32bit
"WildTangent gateway Master Uninstall" = Gateway Games
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"World of Warcraft" = World of Warcraft
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/19/2009 12:05:53 AM | Computer Name = Brannon-PC | Source = Application Hang | ID = 1002
Description = The program Adobe Premiere Pro.exe version 3.2.0.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1654 Start Time: 01c9f06f23101416 Termination Time: 413

Error - 6/19/2009 12:09:56 AM | Computer Name = Brannon-PC | Source = SPM_syslog | ID = 4100
Description = SPM_ERROR (C:\Windows\system32\spm\spmd.exe): Can't get display name
for service: "SPM License Server" (The specified service does not exist as an
installed service.)

Error - 6/19/2009 12:10:38 AM | Computer Name = Brannon-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/19/2009 1:12:39 AM | Computer Name = Brannon-PC | Source = Application Error | ID = 1000
Description = Faulting application maya.exe, version 2007.8.2.2245, time stamp 0x46b2ff70,
faulting module kernel32.dll, version 6.0.6001.18215, time stamp 0x49953395, exception
code 0xe06d7363, fault offset 0x000442eb, process id 0xe8c, application start time
0x01c9f09a5d9fd104.

Error - 6/19/2009 2:21:42 AM | Computer Name = Brannon-PC | Source = Application Hang | ID = 1002
Description = The program maya.exe version 2007.8.2.2245 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1110 Start Time: 01c9f0a49cb5a4a4 Termination Time: 218

Error - 6/19/2009 2:25:16 AM | Computer Name = Brannon-PC | Source = SPM_syslog | ID = 4100
Description = SPM_ERROR (C:\Windows\system32\spm\spmd.exe): Can't get display name
for service: "SPM License Server" (The specified service does not exist as an
installed service.)

Error - 6/19/2009 2:25:58 AM | Computer Name = Brannon-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/19/2009 2:46:41 AM | Computer Name = Brannon-PC | Source = Application Hang | ID = 1002
Description = The program maya.exe version 2007.8.2.2245 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 7fc Start Time: 01c9f0a850bb45b8 Termination Time: 94

Error - 6/19/2009 3:16:48 AM | Computer Name = Brannon-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 6/19/2009 7:36:53 AM | Computer Name = Brannon-PC | Source = Windows Search Service | ID = 3013
Description =

[ Media Center Events ]
Error - 6/3/2008 6:05:51 AM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/8/2008 1:14:23 PM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/28/2008 7:53:26 AM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/27/2008 7:45:38 PM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/29/2009 10:34:29 PM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/20/2009 11:40:21 PM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/11/2009 8:18:09 PM | Computer Name = Brannon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 11/27/2008 7:08:07 AM | Computer Name = Brannon-PC | Source = HTTP | ID = 15016
Description =


< End of report >


-------------
OTL logfile created on: 6/26/2009 6:48:16 PM - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Users\Brannon\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 90.11% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.14 Gb Total Space | 0.66 Gb Free Space | 0.23% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 4.78 Gb Free Space | 43.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 149.05 Gb Total Space | 0.23 Gb Free Space | 0.16% Space Free | Partition Type: NTFS

Computer Name: BRANNON-PC
Current User Name: Brannon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files\Autodesk\MentalRayStandalone3.6.1\bin\rayserver.exe ()
PRC - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
PRC - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
PRC - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Users\Brannon\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS3 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (AgereModemAudio [Auto | Running]) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GameConsoleService [On_Demand | Stopped]) -- C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (gupdate1c9bd677bfbf663 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (MAYAMR361 [Auto | Running]) -- C:\Program Files\Autodesk\MentalRayStandalone3.6.1\bin\rayservice.bat ()
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Norton Internet Security [Auto | Running]) -- C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
SRV - (nvsvc [Auto | Running]) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PrismXL [Auto | Running]) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
SRV - (Roxio UPnP Renderer 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 9 [Auto | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (Sonic Solutions)
SRV - (RoxLiveShare9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (SentinelKeysServer [Auto | Running]) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
SRV - (SentinelProtectionServer [Auto | Running]) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
SRV - (SPMLM [Auto | Stopped]) -- C:\Windows\System32\spm\spmd.exe (mental images GmbH)
SRV - (StarWindServiceAE [Auto | Running]) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (Symantec RemoteAssist [On_Demand | Stopped]) -- File not found
SRV - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (ACCSKMD [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\accskmd.sys (Canon Inc)
DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (AgereSoftModem [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (ASPI32 [System | Running]) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
DRV - (Avc [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (BHDrvx86 [System | Running]) -- C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys (Symantec Corporation)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (ccHP [System | Running]) -- C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys (Symantec Corporation)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Hardlock [Auto | Running]) -- C:\Windows\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (IDSVix86 [System | Running]) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090618.002\IDSvix86.sys (Symantec Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (MSDV [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090626.016\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090626.016\NAVEX15.SYS (Symantec Corporation)
DRV - (NETw2v32 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\NETw2v32.sys (Intel® Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Boot | Running]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (nvstor32 [Boot | Running]) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\Windows\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (RTSTOR [On_Demand | Running]) -- C:\Windows\System32\drivers\RTSTOR.SYS (Realtek Semiconductor Corp.)
DRV - (SASDIFSV [System | Running]) -- K:\spywareblaster\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- K:\spywareblaster\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- K:\spywareblaster\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SCDEmu [System | Running]) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Sentinel [Auto | Running]) -- C:\Windows\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (sptd [Boot | Running]) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SRTSP [System | Running]) -- C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\Windows\System32\drivers\NIS\1005000.087\SRTSPX.SYS (Symantec Corporation)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (SymEFA [Boot | Running]) -- C:\Windows\system32\drivers\NIS\1005000.087\SYMEFA.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS (Symantec Corporation)
DRV - (SymIM [System | Running]) -- C:\Windows\System32\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV - (SYMNDISV [On_Demand | Running]) -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMTDI.SYS (Symantec Corporation)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (SynasUSB [On_Demand | Stopped]) -- C:\Windows\System32\drivers\SynasUSB.sys (SIA Syncrosoft)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (USB28xxBGA [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\emOEM.sys (eMPIA Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vvcr [On_Demand | Stopped]) -- C:\Windows\System32\drivers\vvcr.sys (Canon Inc. All rights reserved)
DRV - (yukonwlh [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\yk60x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...TP&M=GT5670
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - URLSearchHook: - Reg Error: Key error. File not found
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 03:01:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009/06/19 21:38:29 | 00,000,000 | ---D | M]


O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS3\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Windows\System32\BAE.dll (Gateway Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS3\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\launcher.exe (soft thinks)
O4 - Startup: C:\Users\Brannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: ketsujin.com ([fighterace] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ketsujin.com ([primary] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ketsujin.com ([update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ketsujin.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: stormofaces.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F} http://www.cyberlink...LVistaGenie.cab (CLVistaGenie Control)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer....l/installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.75.160.63 66.75.160.64
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - K:\spywareblaster\SASWINLO.dll - K:\spywareblaster\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - K:\spywareblaster\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/08 20:55:40 | 00,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - File not found - -- [ NTFS ]
O32 - AutoRun File - [2009/03/11 15:22:42 | 00,341,520 | -H-- | M] (Ceedo Technologies Ltd.) - K:\AutoDetect.exe -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 23:36:12 | 00,000,000 | ---D | M] - K:\AUTOMOBILES -- [ NTFS ]
O32 - AutoRun File - [2009/03/11 15:22:38 | 00,435,728 | ---- | M] (Ceedo Technologies Ltd.) - K:\Autorun.exe -- [ NTFS ]
O32 - AutoRun File - [2009/03/11 15:22:38 | 00,435,728 | ---- | M] (Ceedo Technologies Ltd.) - K:\Autorun.exe -- [ NTFS ]
O32 - AutoRun File - [2009/04/30 16:46:38 | 00,000,774 | -H-- | M] () - K:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{16276fd1-1ed1-11dd-94e5-001e902426d2}\Shell\AutoRun\command - "" = K:\Autorun.exe -- [2009/03/11 15:22:38 | 00,435,728 | ---- | M] (Ceedo Technologies Ltd.)
O33 - MountPoints2\{16276fd1-1ed1-11dd-94e5-001e902426d2}\Shell\Shell00\Command - "" = K:\Autorun.exe -- [2009/03/11 15:22:38 | 00,435,728 | ---- | M] (Ceedo Technologies Ltd.)
O33 - MountPoints2\{16276fd1-1ed1-11dd-94e5-001e902426d2}\Shell\Shell01\Command - "" = K:\Autorun.exe -- [2009/03/11 15:22:38 | 00,435,728 | ---- | M] (Ceedo Technologies Ltd.)
O33 - MountPoints2\{16276fd1-1ed1-11dd-94e5-001e902426d2}\Shell\Shell02\Command - "" = K:\Autorun.exe -- [2009/03/11 15:22:38 | 00,435,728 | ---- | M] (Ceedo Technologies Ltd.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/06/26 18:45:47 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Brannon\Desktop\OTL.exe
[2009/06/26 18:45:35 | 00,007,192 | ---- | C] () -- C:\Users\Brannon\Desktop\scans.rtf
[2009/06/26 18:41:39 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/26 18:13:36 | 00,173,119 | ---- | C] (Eric_71) -- C:\Users\Brannon\Desktop\Rooter.exe
[2009/06/26 12:31:25 | 00,000,913 | ---- | C] () -- C:\Users\Brannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/06/26 12:31:20 | 00,000,714 | ---- | C] () -- C:\Users\Brannon\Desktop\ERUNT.lnk
[2009/06/26 12:27:46 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Brannon\Desktop\SysRestorePoint.exe
[2009/06/25 20:43:42 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\scripts
[2009/06/25 20:32:41 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\AUDIO FOR FILM
[2009/06/24 22:32:35 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\mustang
[2009/06/24 16:36:07 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\satellite pics
[2009/06/24 16:34:46 | 00,054,363 | ---- | C] () -- C:\Users\Brannon\Documents\satellite pics.jpg
[2009/06/24 15:44:09 | 00,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2009/06/24 15:43:54 | 00,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/06/24 15:43:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2009/06/24 15:43:00 | 00,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2009/06/24 14:50:25 | 00,001,558 | ---- | C] () -- C:\Users\Brannon\Desktop\SatID.lnk
[2009/06/24 14:50:25 | 00,000,000 | ---D | C] -- C:\Program Files\SatID
[2009/06/24 14:46:11 | 00,000,000 | ---D | C] -- C:\umdtask
[2009/06/24 14:40:53 | 00,000,690 | ---- | C] () -- C:\Users\Brannon\Desktop\Universal Maps Downloader.lnk
[2009/06/24 14:40:53 | 00,000,000 | ---D | C] -- C:\Program Files\umd
[2009/06/24 14:38:30 | 00,001,736 | ---- | C] () -- C:\Users\Brannon\Desktop\MapsDownload.lnk
[2009/06/24 14:38:29 | 00,000,000 | ---D | C] -- C:\Program Files\MapsDownload
[2009/06/24 13:48:17 | 00,000,000 | ---D | C] -- C:\Adobe Footage02
[2009/06/23 20:22:39 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\hermshair
[2009/06/23 19:45:19 | 00,001,032 | ---- | C] () -- C:\Users\Brannon\Desktop\DVDVideoSoft Free Studio.lnk
[2009/06/23 19:45:18 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2009/06/23 19:45:18 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\DVDVideoSoft
[2009/06/23 19:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2009/06/23 19:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2009/06/20 18:20:49 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\VFX REEL
[2009/06/20 12:50:31 | 00,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2009/06/19 23:28:26 | 00,000,806 | ---- | C] () -- C:\Users\Brannon\Desktop\Nuke 5.1v5 (32 bit).lnk
[2009/06/19 23:26:22 | 00,000,000 | ---D | C] -- C:\Program Files\The Foundry
[2009/06/19 23:26:22 | 00,000,000 | ---D | C] -- C:\Program Files\Nuke5.1v5
[2009/06/19 22:29:15 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\NUKE
[2009/06/18 15:17:21 | 00,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/06/18 15:02:40 | 00,000,427 | ---- | C] () -- C:\Windows\System32\QuickTimeFavorites.qtr
[2009/06/18 14:47:35 | 00,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2009/06/18 14:47:35 | 00,008,633 | ---- | C] () -- C:\Windows\System32\QuickTime.qtp
[2009/06/18 14:47:35 | 00,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2009/06/18 14:15:30 | 00,000,000 | ---D | C] -- C:\ProgramData\QuickTime
[2009/06/17 18:18:32 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\Craft Animations
[2009/06/17 18:12:32 | 00,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2009/06/17 18:12:32 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009/06/17 17:15:30 | 00,000,000 | ---D | C] -- C:\Program Files\Craft Animations
[2009/06/17 15:05:45 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\MODELS CARS APARTMENTS
[2009/06/17 13:35:37 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\MODELS AIRCRAFTS
[2009/06/17 13:07:30 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\Deep Exploration
[2009/06/17 12:47:44 | 00,000,000 | ---D | C] -- C:\ProgramData\3DVIA
[2009/06/17 12:47:41 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2009/06/17 12:47:40 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2009/06/17 12:47:28 | 00,000,000 | ---D | C] -- C:\Program Files\Virtools
[2009/06/17 12:39:24 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\MODELS
[2009/06/17 11:26:14 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\facial animation toolset
[2009/06/16 16:23:52 | 00,102,400 | ---- | C] (TechSmith Corporation) -- C:\Windows\System32\tsccvid.dll
[2009/06/14 15:11:50 | 00,000,000 | ---D | C] -- C:\Python30
[2009/06/14 11:23:55 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Blender Foundation
[2009/06/14 11:17:31 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\Blender Installed
[2009/06/14 06:16:53 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009/06/14 06:16:53 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009/06/14 06:16:53 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009/06/14 06:16:53 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009/06/14 06:16:52 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009/06/12 18:55:46 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\CUBASE
[2009/06/12 18:49:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Steinberg
[2009/06/12 18:49:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Steinberg
[2009/06/12 18:48:13 | 00,001,970 | ---- | C] () -- C:\Users\Brannon\Desktop\Cubase AI 4.lnk
[2009/06/12 18:47:54 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Steinberg
[2009/06/12 18:47:54 | 00,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2009/06/12 18:47:26 | 00,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2009/06/12 18:47:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Syncrosoft
[2009/06/12 18:47:22 | 00,147,425 | ---- | C] () -- C:\Windows\System32\SYNSOACC-Aide.chm
[2009/06/12 18:47:22 | 00,120,468 | ---- | C] () -- C:\Windows\System32\SYNSOACC-Hilfe.chm
[2009/06/12 18:47:22 | 00,114,279 | ---- | C] () -- C:\Windows\System32\SYNSOACC-Help.chm
[2009/06/12 18:47:05 | 00,018,432 | ---- | C] (SIA Syncrosoft) -- C:\Windows\System32\drivers\synasUSB.sys
[2009/06/12 18:44:50 | 00,045,056 | ---- | C] (SIA Syncrosoft) -- C:\Windows\System32\Synsopos.exe
[2009/06/12 18:44:48 | 00,401,462 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2009/06/12 18:44:24 | 00,147,456 | ---- | C] (SIA Syncrosoft) -- C:\Windows\System32\SynsoLChk.dll
[2009/06/12 18:44:18 | 00,765,952 | ---- | C] (SIA Syncrosoft) -- C:\Windows\System32\SYNSOACC.dll
[2009/06/12 18:44:16 | 00,000,000 | ---D | C] -- C:\Program Files\Syncrosoft
[2009/06/10 21:36:39 | 05,936,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/06/10 21:36:38 | 11,064,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/06/10 21:36:37 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/06/10 21:36:37 | 01,207,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/06/10 21:36:37 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/06/10 21:36:37 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/06/10 21:36:36 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/06/10 21:36:36 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/06/10 21:36:35 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/06/10 21:36:35 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/06/10 21:36:35 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/06/10 21:36:35 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/06/10 21:36:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/06/10 20:10:24 | 00,001,186 | ---- | C] () -- C:\Users\Brannon\Desktop\Adobe After Effects CS3.lnk
[2009/06/10 20:01:07 | 02,033,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/06/10 19:55:06 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[2009/06/10 19:55:02 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2009/06/10 12:33:57 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\itunes
[2009/06/09 18:23:20 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\after effects training
[2009/06/09 13:12:07 | 00,001,994 | ---- | C] () -- C:\Users\Brannon\Desktop\boujou 4.lnk
[2009/06/08 22:43:01 | 00,000,000 | ---D | C] -- C:\Program Files\2d3
[2009/06/08 22:42:32 | 02,164,411 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\System32\haspds_windows.dll
[2009/06/08 22:42:32 | 00,164,864 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2009/06/08 22:42:32 | 00,024,576 | ---- | C] () -- C:\Windows\System32\hdsuinst.exe
[2009/06/08 21:41:58 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Thinstall
[2009/06/08 21:27:19 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\MAYA ULTIMATE TRAINING
[2009/06/08 21:04:52 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\BOUJOU
[2009/06/04 14:53:37 | 00,008,614 | ---- | C] () -- C:\Users\Brannon\Desktop\11.jpg
[2009/06/03 19:47:03 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Uberware
[2009/06/03 19:47:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Uberware
[2009/06/02 10:33:33 | 00,000,782 | ---- | C] () -- C:\Users\Brannon\Desktop\FrostWire 4.18.0.lnk
[2009/06/02 10:32:37 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Mozilla
[2009/06/02 10:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/06/02 10:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/05/31 16:47:58 | 00,000,000 | ---D | C] -- C:\Scenes
[2009/05/31 16:47:58 | 00,000,000 | ---D | C] -- C:\radiositycache
[2009/05/30 15:19:38 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Roxio
[2009/05/30 14:59:50 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Blackberry Desktop
[2009/05/30 14:58:58 | 00,000,000 | ---D | C] -- C:\Users\Brannon\Documents\blackberry backups
[2009/05/30 14:50:00 | 00,000,000 | ---D | C] -- C:\Users\Brannon\AppData\Roaming\Research In Motion
[2009/05/30 12:00:39 | 00,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2009/05/30 12:00:34 | 00,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2009/05/30 11:57:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2009/05/30 11:57:39 | 00,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2009/05/30 11:57:39 | 00,000,000 | ---D | C] -- C:\Program Files\Roxio
[2009/05/30 11:57:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2009/05/30 11:49:52 | 00,026,496 | ---- | C] (Research in Motion Ltd) -- C:\Windows\System32\drivers\RimSerial.sys
[2009/05/30 11:49:02 | 00,001,933 | ---- | C] () -- C:\Users\Brannon\Desktop\Desktop Manager.lnk
[2009/05/30 11:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2009/05/30 11:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2009/05/28 13:52:22 | 00,000,460 | ---- | C] () -- C:\Users\Brannon\Desktop\maya - Shortcut.lnk
[2009/05/12 20:52:01 | 00,716,272 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/05/12 20:39:23 | 00,000,224 | ---- | C] () -- C:\Windows\mixstrings.ini
[2009/05/12 20:39:20 | 00,034,308 | ---- | C] () -- C:\Windows\System32\Chip.dll
[2009/05/07 17:09:04 | 00,000,268 | ---- | C] () -- C:\Windows\Robot Office Common.ini
[2009/05/06 05:56:40 | 00,000,242 | ---- | C] () -- C:\Windows\Caligari.ini
[2009/04/17 18:54:16 | 00,001,279 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/05/17 19:07:44 | 00,000,001 | ---- | C] () -- C:\Windows\pvc11.dll
[2008/05/17 18:08:55 | 00,163,840 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/05/17 18:08:53 | 00,564,224 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2008/05/17 18:08:52 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/05/17 18:08:51 | 00,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/05/17 18:08:51 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/05/10 14:14:12 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/03/04 19:52:34 | 00,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007/10/31 10:39:54 | 00,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/07/25 15:24:30 | 01,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/05/17 14:58:10 | 00,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2006/11/02 05:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 03:23:31 | 00,000,169 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 00:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/02/26 16:08:28 | 00,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2003/12/22 14:40:06 | 01,663,068 | ---- | C] () -- C:\Windows\System32\libmmd.dll

========== Files - Modified Within 30 Days ==========

[2009/06/26 18:50:00 | 00,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F20E71C0-96AC-40A7-AC00-091AA4E421DF}.job
[2009/06/26 18:46:00 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/06/26 18:45:57 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Brannon\Desktop\OTL.exe
[2009/06/26 18:45:35 | 00,007,192 | ---- | M] () -- C:\Users\Brannon\Desktop\scans.rtf
[2009/06/26 18:13:39 | 00,173,119 | ---- | M] (Eric_71) -- C:\Users\Brannon\Desktop\Rooter.exe
[2009/06/26 18:01:09 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job
[2009/06/26 18:01:02 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/06/26 18:01:02 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/06/26 18:01:00 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/06/26 18:00:55 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/06/26 17:59:27 | 03,276,696 | -H-- | M] () -- C:\Users\Brannon\AppData\Local\IconCache.db
[2009/06/26 15:26:29 | 00,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4FCE263C-8A77-4AD2-A37D-4E937D7B682B}.job
[2009/06/26 12:31:25 | 00,000,913 | ---- | M] () -- C:\Users\Brannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/06/26 12:31:20 | 00,000,733 | ---- | M] () -- C:\Users\Brannon\Desktop\NTREGOPT.lnk
[2009/06/26 12:31:20 | 00,000,714 | ---- | M] () -- C:\Users\Brannon\Desktop\ERUNT.lnk
[2009/06/26 00:27:44 | 00,001,218 | ---- | M] () -- C:\Users\Brannon\AppData\Roaming\wklnhst.dat
[2009/06/24 16:39:10 | 00,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2009/06/24 16:34:46 | 00,054,363 | ---- | M] () -- C:\Users\Brannon\Documents\satellite pics.jpg
[2009/06/24 15:43:54 | 00,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/06/24 14:50:25 | 00,001,558 | ---- | M] () -- C:\Users\Brannon\Desktop\SatID.lnk
[2009/06/24 14:40:53 | 00,000,690 | ---- | M] () -- C:\Users\Brannon\Desktop\Universal Maps Downloader.lnk
[2009/06/24 14:38:30 | 00,001,736 | ---- | M] () -- C:\Users\Brannon\Desktop\MapsDownload.lnk
[2009/06/23 19:45:19 | 00,001,032 | ---- | M] () -- C:\Users\Brannon\Desktop\DVDVideoSoft Free Studio.lnk
[2009/06/22 20:00:00 | 00,000,550 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Brannon.job
[2009/06/22 16:39:10 | 00,088,064 | ---- | M] () -- C:\Users\Brannon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/19 23:28:26 | 00,000,806 | ---- | M] () -- C:\Users\Brannon\Desktop\Nuke 5.1v5 (32 bit).lnk
[2009/06/18 15:17:21 | 00,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/06/18 15:07:02 | 00,008,633 | ---- | M] () -- C:\Windows\System32\QuickTime.qtp
[2009/06/18 15:02:40 | 00,000,427 | ---- | M] () -- C:\Windows\System32\QuickTimeFavorites.qtr
[2009/06/18 14:47:40 | 00,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2009/06/18 14:47:40 | 00,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/06/12 21:08:09 | 00,090,712 | ---- | M] () -- C:\Users\Brannon\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/06/12 20:05:30 | 01,692,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/06/12 18:48:14 | 00,001,970 | ---- | M] () -- C:\Users\Brannon\Desktop\Cubase AI 4.lnk
[2009/06/12 18:47:26 | 00,002,892 | ---- | M] () -- C:\Windows\System32\audcon.sys
[2009/06/10 20:10:24 | 00,001,186 | ---- | M] () -- C:\Users\Brannon\Desktop\Adobe After Effects CS3.lnk
[2009/06/10 12:59:33 | 00,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/06/10 12:07:16 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/06/10 12:07:16 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/06/10 12:07:16 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/06/09 13:12:07 | 00,001,994 | ---- | M] () -- C:\Users\Brannon\Desktop\boujou 4.lnk
[2009/06/04 14:53:38 | 00,008,614 | ---- | M] () -- C:\Users\Brannon\Desktop\11.jpg
[2009/06/02 10:33:33 | 00,000,782 | ---- | M] () -- C:\Users\Brannon\Desktop\FrostWire 4.18.0.lnk
[2009/06/01 09:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2009/05/30 11:49:02 | 00,001,933 | ---- | M] () -- C:\Users\Brannon\Desktop\Desktop Manager.lnk
[2009/05/28 13:52:22 | 00,000,460 | ---- | M] () -- C:\Users\Brannon\Desktop\maya - Shortcut.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5D351BC6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:4240575B
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D158BAF9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:901E30B2
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:C119EC96
< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP