Jump to content

Welcome to Geeks to Go - Register now for FREE
Geeks To Go is a helpful hub, where thousands of friendly volunteers serve up answers and support. Get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message and all ads will be removed once you have signed in.
Create an Account Login to Account

Too much going awry not sure what is going on [Closed]


  • This topic is locked This topic is locked

#1
lisa00

lisa00

    Member

  • Member
  • PipPip
  • 10 posts
Our computer is acting very strangly. My husbands login was completly wiped out. All his docs and picts were lost. Word is not functioning properly. It's not saving docs sometimes not opening. Screen turns blue regularly with fatal error message/physical memory dump message. My computer is very slow to open anything. Any help is appreciated.
Lisa

Malware log
Malwarebytes' Anti-Malware 1.41
Database version: 3130
Windows 5.1.2600 Service Pack 2

11/8/2009 7:51:17 PM
mbam-log-2009-11-08 (19-51-17).txt

Scan type: Quick Scan
Objects scanned: 157320
Time elapsed: 20 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\gamevancetext.linker (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gamevancetext.linker.1 (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Root Repeal would not run here is the crash log it generated
ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows XP SP2
Exception Code: 0xc0000005
Exception Address: 0x00422bf2
Attempt to read from address: 0x00000004


OTC extras log
OTL Extras logfile created on: 11/9/2009 4:38:33 PM - Run 1
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Documents and Settings\Lisa Adkins\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 574.67 Mb Available Physical Memory | 56.23% Memory free
3.27 Gb Paging File | 0.72 Gb Available in Paging File | 22.17% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.51 Gb Total Space | 45.19 Gb Free Space | 31.06% Space Free | Partition Type: NTFS
Drive D: | 604.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 939.75 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
Drive G: | 1.87 Gb Total Space | 0.72 Gb Free Space | 38.81% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D355XK51
Current User Name: Lisa Adkins
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Palm\HOTSYNC.EXE" = C:\Program Files\Palm\HOTSYNC.EXE:*:Enabled:HotSync® Manager Application -- (PalmSource, Inc)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- File not found
"C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Microsoft XNA\XNA Game Studio\v3.0\Bin\XnaLiveProxy.exe" = C:\Program Files\Microsoft XNA\XNA Game Studio\v3.0\Bin\XnaLiveProxy.exe:LocalSubNet:Enabled:XNA Framework Games for Windows - LIVE -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{007BECB0-17DD-4230-9D2F-185287262B14}" = Microsoft XNA Game Studio 3.0 (Platformer)
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{067A58C9-D5B9-41CE-81B0-669105593170}" = Dairy Connect
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0DB93918-2A77-11D3-805A-00C04FA329AA}" = Word in Works Suite add-in
"{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.0 (Redists)
"{10110FE9-1EE8-4A3D-ADFD-1294F86BE5FC}" = Logitech QuickCam
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{155D54E7-A6AE-45C1-8669-178D28B36A27}" = Freakstein
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 16
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3249FD43-B24B-413F-B786-F8FEA32FA747}" = V CAST Music
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}" = Microsoft XNA Game Studio 3.0 (VCSExpress)
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DE42752-385D-4FE7-AFE8-4609DC8F2838}" = MapleStory Beginner Version
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4E7E8E6A-15F1-4E26-9352-26AD235131E9}" = Documents To Go
"{5164E4B0-9CD0-454A-BAC0-6771A15EEB64}" = Air Mouse Server
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56364334-9530-11D2-BFFC-00C04FA329AA}" = Microsoft Works 2000
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{646DA966-C8F5-4B87-8DB4-FE6CA3A3F644}" = AMF CD and DVD Label Maker
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{788B97E8-D825-419A-8558-1C0B344C5371}" = Costco Photo Organizer
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}" = Microsoft XNA Game Studio 3.0 Documentation
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91057632-CA70-413C-B628-2D3CDBBB906B}" = Macromedia Flash Player 8 Plugin
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{98B672F2-857C-4CC9-A25D-6B218077F4F6}" = Yahoo! Autosync
"{9944aa9e-362d-11d3-81ab-00c04fb932ba}" = Microsoft Home Publishing 2000
"{9F2FE6CE-2ABD-4F10-BDE7-A4F0DF1B7FED}" = Creation Station Camera
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AE57D6-DE01-4E06-BDD6-059067923D95}" = Greeting Card Factory
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A586D09E-1D2C-11D3-9A6B-00105A98B681}" = Microsoft Picture It! Express 2000
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A90DCEC1-22DE-11D4-B8A9-0050DAB648C6}" = AvantGo Client
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC3F9FEE-1A44-4FCE-BD72-BD27D4BC6279}" = Microsoft XNA Game Studio Platform Tools
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}" = Microsoft XNA Game Studio 3.0 (Shared Components)
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B930BFA6-3FFD-401F-8786-9CDC2AC04CDB}" = JumpStart Phonics
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C51CD33D-D7A0-4328-A802-3CD9DA437208}" = Type to Learn 3 Home
"{C7239ACC-601B-46BC-B48D-3998303A326D}" = OverDrive Media Console
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{D3161124-2B4D-478F-901A-D21BCAD72C7E}" = Addit
"{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}" = Microsoft XNA Game Studio 3.0 (XnaLiveProxy)
"{E1D78366-91DA-4AD0-B417-28155743CC22}" = Microsoft XNA Game Studio 3.0 (ARP entry)
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"{FF8157AA-F640-45BD-B7C2-BAA1016B267A}" = palmOne
"10CB2083F7325ECF7648ED6DB0E2392F905A2829" = Windows Driver Package - Camera Maker (MR97310_USB_DUAL_CAMERA) Image (05/02/2006 2.0.1.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"Allok MPEG4 Converter_is1" = Allok MPEG4 Converter 4.1.0422
"AVI Movie Player" = AVI Movie Player
"Caillou® Magic Playhouse™" = Caillou® Magic Playhouse™
"Card Classics" = Card Classics
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Color Efex Pro 3.0 Wacom Edition 3" = Color Efex Pro 3.0 Wacom Edition 3
"comcastDD" = Desktop Doctor
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"ComcastToolbar" = Comcast Toolbar
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Creative Writer 2" = Microsoft Creative Writer 2
"DeleteProdRunControl_US" = IBM ViaVoice Command and Control Runtime 5.3
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922
"Digital Media Converter_is1" = Digital Media Converter 2.7
"Encarta Encyclopedia 2000 A" = Microsoft Encarta Encyclopedia 2000
"ERUNT_is1" = ERUNT 1.1j
"FaceMorpher" = FaceMorpher 2.5
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"Houghton Mifflin Test Generator" = Houghton Mifflin Test Generator
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Meta-Morpher 1" = Meta-Morpher 1
"Mickey Mouse Kindergarten" = Disney's Mickey Mouse Kindergarten
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Streets & Trips 2000" = Microsoft Expedia Streets & Trips 2000
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"MP3 Rocket" = MP3 Rocket
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSMONEYV80" = Microsoft Money 2000 Standard Edition
"N360" = Norton 360
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton PC Checkup" = Norton PC Checkup
"NSS" = Norton Security Scan
"Pen Tablet Driver" = Pen Tablet
"Photo Viewer" = Photo Viewer 2.3
"Power MP3 Cutter Joiner_is1" = Power MP3 Cutter Joiner 1.00
"PROSet" = Intel® PRO Network Adapters and Drivers
"QcDrv" = Logitech® Camera Driver
"RealPlayer 6.0" = RealPlayer
"RegCure" = RegCure 1.5.0.1
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"Scratch" = Scratch
"Secured eMule" = Secured eMule
"Shockwave" = Shockwave
"SHRThinkingGamesDeluxe" = Schoolhouse Rock Thinking Games Deluxe
"Snood_is1" = Snood for Windows version 3.52-W
"Sprite Buddy" = Sprite Buddy 0.8
"Stagecast Creator 2" = Stagecast Creator 2
"Start To Read (Tune & Magic)" = Start To Read (Tune & Magic)
"Sveerz" = Sveerz
"SystemRequirementsLab" = System Requirements Lab
"ToolBox" = NCH Toolbox
"ViewpointMediaPlayer" = Viewpoint Media Player
"WavePad" = WavePad Sound Editor
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebBlender" = WebBlender
"WebPost" = Web Publishing Wizard
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinPatrol" = WinPatrol 2007
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2kSetup" = Microsoft Works 2000 Setup Launcher
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XNA Game Studio 3.0" = Microsoft XNA Game Studio 3.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"xvid" = XviD MPEG-4 Video Codec
"Yahoo! Anti-Spy" = Yahoo! Anti-Spy
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Mail AutoComplete" = Yahoo! Address AutoComplete
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"ymb" = Yahoo! Mail Quick Select Tool (PhotoMail)
"Your Image Robert Adkins 1.0.5" = Your Image Robert Adkins
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"GoToMeeting" = GoToMeeting 4.0.0.320
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/2/2009 7:25:16 PM | Computer Name = D355XK51 | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - Insufficient system resources
exist to complete the requested service. for C:\Documents and Settings\Lisa Adkins\ntuser.dat

Error - 11/2/2009 7:25:16 PM | Computer Name = D355XK51 | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Insufficient system resources exist
to complete the requested service.

Error - 11/2/2009 7:25:21 PM | Computer Name = D355XK51 | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - Insufficient system resources
exist to complete the requested service. for C:\Documents and Settings\Lisa Adkins\ntuser.dat

Error - 11/2/2009 7:25:39 PM | Computer Name = D355XK51 | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Insufficient system resources exist
to complete the requested service.

Error - 11/2/2009 7:26:33 PM | Computer Name = D355XK51 | Source = Userenv | ID = 1512
Description = Windows cannot unload your registry file. The memory used by the registry
has not been freed. This is often caused by services running as a user account,
try configuring the services to run in either the LocalService or NetworkService
account. If this problem persists, contact your administrator. DETAIL - Insufficient
system resources exist to complete the requested service.

Error - 11/3/2009 8:48:42 PM | Computer Name = D355XK51 | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0030c86a.

Error - 11/3/2009 8:48:53 PM | Computer Name = D355XK51 | Source = Microsoft Office 10 | ID = 1001
Description = Fault bucket 00596603.

Error - 11/7/2009 8:43:08 PM | Computer Name = D355XK51 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office XP Professional with FrontPage -- Error
1706. Setup cannot find the required files. Check your connection to the network,
or CD-ROM drive. For other potential solutions to this problem, see C:\Program
Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error - 11/7/2009 8:43:14 PM | Computer Name = D355XK51 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office XP Professional with FrontPage - Update
'{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}' could not be installed. Error code 1603.
Windows Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127

Error - 11/8/2009 7:58:15 PM | Computer Name = D355XK51 | Source = Userenv | ID = 1512
Description = Windows cannot unload your registry file. The memory used by the registry
has not been freed. This is often caused by services running as a user account,
try configuring the services to run in either the LocalService or NetworkService
account. If this problem persists, contact your administrator. DETAIL - Insufficient
system resources exist to complete the requested service.

[ System Events ]
Error - 11/8/2009 11:47:37 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:38 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:39 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:40 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:40 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:42 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:43 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:43 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/8/2009 11:47:44 PM | Computer Name = D355XK51 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/9/2009 8:13:40 AM | Computer Name = D355XK51 | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 bf9f4465, parameter3
eca19b00, parameter4 00000000.


< End of report >

OTc.txt log
OTL logfile created on: 11/9/2009 4:38:33 PM - Run 1
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Documents and Settings\Lisa Adkins\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 574.67 Mb Available Physical Memory | 56.23% Memory free
3.27 Gb Paging File | 0.72 Gb Available in Paging File | 22.17% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.51 Gb Total Space | 45.19 Gb Free Space | 31.06% Space Free | Partition Type: NTFS
Drive D: | 604.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 939.75 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
Drive G: | 1.87 Gb Total Space | 0.72 Gb Free Space | 38.81% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D355XK51
Current User Name: Lisa Adkins
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/11/09 16:37:09 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisa Adkins\My Documents\Downloads\OTL.exe
PRC - [2009/11/09 07:18:58 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Lisa Adkins\My Documents\Downloads\RootRepeal.exe
PRC - [2009/11/05 21:42:44 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/30 16:04:53 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/10/30 16:04:53 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/09/08 20:09:42 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/08 20:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/31 14:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/31 14:23:19 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/02/16 11:11:44 | 00,269,824 | ---- | M] () -- C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
PRC - [2009/02/03 08:15:18 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009/01/29 17:09:14 | 00,578,920 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
PRC - [2009/01/25 22:01:25 | 00,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/01/19 11:14:44 | 00,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SYSTEM32\WTablet\Pen_TabletUser.exe
PRC - [2009/01/19 11:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SYSTEM32\Pen_Tablet.exe
PRC - [2009/01/19 11:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SYSTEM32\Pen_Tablet.exe
PRC - [2008/12/12 12:41:06 | 00,157,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/12/12 12:41:02 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\ZuneBusEnum.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/09/10 23:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/08/21 13:28:52 | 00,391,680 | ---- | M] (Nokia Corporation.) -- C:\Program Files\Yahoo!\Yahoo! Autosync\AutosyncForYahoo.exe
PRC - [2007/07/10 01:15:28 | 00,368,640 | ---- | M] (Nokia Corporation.) -- C:\Program Files\Common Files\Intellisync\PushSyncService\PushSyncService.exe
PRC - [2007/06/26 17:29:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe
PRC - [2006/11/15 21:03:36 | 00,109,344 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006/11/15 21:01:52 | 00,244,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
PRC - [2006/11/15 20:58:40 | 00,746,520 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
PRC - [2006/11/15 20:57:20 | 00,171,544 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2006/10/31 00:03:48 | 00,284,184 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2004/02/10 11:51:30 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\hkcmd.exe
PRC - [2002/08/29 05:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WBEM\UNSECAPP.EXE
PRC - [2001/02/23 09:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe


========== Modules (SafeList) ==========

MOD - [2009/11/09 16:37:09 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisa Adkins\My Documents\Downloads\OTL.exe
MOD - [2009/10/30 16:04:36 | 00,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\asOEHook.dll
MOD - [2006/11/15 21:03:24 | 00,092,960 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
MOD - [2004/08/04 02:57:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 02:56:43 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\mslbui.dll
MOD - [2004/08/04 02:56:42 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WBEM\framedyn.dll
MOD - [2002/08/29 05:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SERWVDRV.DLL
MOD - [2002/08/29 05:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL


========== Win32 Services (SafeList) ==========

SRV - [2009/10/30 16:04:53 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -- (N360)
SRV - [2009/09/08 20:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/03 17:26:54 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/31 14:23:19 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/24 16:01:18 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/01/29 17:09:14 | 00,578,920 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -- (MrHealthyService)
SRV - [2009/01/19 11:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SYSTEM32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2008/12/12 12:41:18 | 05,117,568 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/12/12 12:41:08 | 00,243,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2008/12/12 12:41:02 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/09/10 23:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/03/07 14:47:46 | 00,076,848 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/15 21:05:40 | 00,101,152 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/11/15 21:03:36 | 00,109,344 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/04 02:56:44 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2004/03/16 15:33:24 | 00,421,888 | ---- | M] (Dell) -- C:\WINDOWS\System32\dlbtcoms.exe -- (dlbt_device)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/03/03 13:33:40 | 00,143,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2001/02/23 09:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://m.www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/09/08 06:19:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/01/25 22:02:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 02:00:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/20 00:02:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/05 21:42:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/05 21:42:55 | 00,000,000 | ---D | M]

[2009/01/17 11:03:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Extensions
[2009/01/17 11:03:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/30 17:48:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Firefox\Profiles\mfic9h1t.default\extensions
[2009/09/02 20:16:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Firefox\Profiles\mfic9h1t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/22 18:29:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Firefox\Profiles\mfic9h1t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/01/22 18:18:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Firefox\Profiles\mfic9h1t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/08 12:02:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Firefox\Profiles\xhlwi8zd.Lisa\extensions
[2009/11/01 11:14:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Mozilla\Firefox\Profiles\xhlwi8zd.Lisa\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/08 19:00:29 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/05 21:42:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/05 21:42:43 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/05 21:42:44 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/05 21:42:45 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/10/16 12:58:44 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/10/16 12:58:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/10/16 12:58:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/10/16 12:58:44 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/10/16 12:58:44 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/31 17:01:08 | 00,002,221 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SafeSearch.xml
[2009/10/16 12:58:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/10/16 12:58:44 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (624583 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 a9rhiwa.cn #[Google.Warning]
O1 - Hosts: 127.0.0.1 www.a9rhiwa.cn
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 16557 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Yahoo! Autosync.lnk = C:\Program Files\Yahoo!\Yahoo! Autosync\AutosyncForYahoo.exe (Nokia Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: investors.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.stonyfiel...criptX/smsx.cab (MeadCo ScriptX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....204&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1DD81666-F3AD-11D3-BA86-00500487B4EC} http://www.investors.../WonSearchX.ocx (WonSearchX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish....fishActivia.cab (Snapfish Activia)
O16 - DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} http://download.micr...tualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg...l_v1-0-3-36.cab (EPUImageControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1184783177171 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1206916468734 (MUWebControl Class)
O16 - DPF: {78267546-F2AC-11D2-A278-005004676C44} http://www.investors...ocx/WonList.ocx (WonList Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-cent...bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} http://www.investors...ocx/plotwon.ocx (Plotwon Control)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.c...utocomplete.cab (YAddBook Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EE3CD402-69EB-4B53-819D-0CA2F95AD7DA} http://www.investors.../ocx/PFMngr.ocx (PFMngr Control)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its51 {F6F1E82D-DE4D-11D2-875C-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\itss51.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/18 19:30:49 | 00,000,033 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1999/06/30 15:29:39 | 00,000,043 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{c4689e28-2f8b-11de-ba12-0011112146d5}\Shell\AutoRun\command - "" = F:\demo\winstart.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\SYSTEM32\IAS [2004/08/24 09:48:36 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\SYSTEM32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/11/08 19:26:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/08 19:26:26 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/11/02 18:37:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Daddy's Crap
[2009/10/31 17:04:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lisa Adkins\Application Data\WinRAR
[2009/10/31 17:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/10/31 16:35:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/10/31 16:27:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lisa Adkins\Local Settings\Application Data\ICS
[2009/10/31 15:53:15 | 01,528,680 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Lisa Adkins\Desktop\KB20090319114809EN.exe
[2009/10/31 15:38:01 | 00,000,000 | R--D | C] -- C:\Program Files\Norton Support
[2009/10/30 20:13:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\N360_BACKUP
[2009/10/30 16:05:12 | 00,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2009/10/30 16:05:06 | 00,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2009/10/30 16:05:06 | 00,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/10/30 16:05:06 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec
[2009/10/30 16:04:57 | 00,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymEFA.sys
[2009/10/30 16:04:57 | 00,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtsp.sys
[2009/10/30 16:04:57 | 00,217,136 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symtdi.sys
[2009/10/30 16:04:57 | 00,089,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symfw.sys
[2009/10/30 16:04:57 | 00,048,688 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symndisv.sys
[2009/10/30 16:04:57 | 00,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtspx.sys
[2009/10/30 16:04:57 | 00,036,400 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symndis.sys
[2009/10/30 16:04:57 | 00,033,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symids.sys
[2009/10/30 16:04:56 | 00,482,432 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\cchpx86.sys
[2009/10/30 16:04:56 | 00,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\BHDrvx86.sys
[2009/10/30 16:03:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2009/10/30 16:03:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0305020.00B
[2009/10/30 16:03:47 | 00,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2009/10/30 15:50:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[5 C:\Documents and Settings\Lisa Adkins\My Documents\*.tmp files -> C:\Documents and Settings\Lisa Adkins\My Documents\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/11/09 16:36:04 | 00,034,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\rootrepeal2.sys
[2009/11/09 14:03:11 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/09 07:11:37 | 00,000,398 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/11/09 07:11:33 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/09 07:11:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/11/09 07:11:08 | 10,716,97920 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/09 07:11:07 | 17,611,1616 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/11/08 19:29:18 | 06,029,312 | -H-- | M] () -- C:\Documents and Settings\Lisa Adkins\NTUSER.DAT
[2009/11/08 19:26:27 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\Desktop\NTREGOPT.lnk
[2009/11/08 19:26:27 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\Desktop\ERUNT.lnk
[2009/11/08 18:58:15 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Lisa Adkins\NTUSER.INI
[2009/11/08 18:57:52 | 02,645,680 | -H-- | M] () -- C:\Documents and Settings\Lisa Adkins\Local Settings\Application Data\IconCache.db
[2009/11/08 18:41:03 | 00,000,914 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2009/11/08 18:38:58 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\~$-08-2009 06;38;21PM.RTF
[2009/11/08 18:38:51 | 00,003,110 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\11-08-2009 06;38;21PM.RTF
[2009/11/08 18:36:26 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\~$-08-2009 06;35;54PM.RTF
[2009/11/08 18:36:19 | 00,002,994 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\11-08-2009 06;35;54PM.RTF
[2009/11/08 18:34:27 | 00,000,211 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\11-08-2009 06;34;01PM.RTF
[2009/11/08 18:00:00 | 00,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Alex Adkins.job
[2009/11/07 17:20:49 | 00,066,413 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Disney_Princess_colouring.jpg
[2009/11/07 17:17:27 | 00,135,299 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\disney-princess-wallpaper-4.jpg
[2009/11/05 18:57:43 | 01,241,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\Cat.DB
[2009/11/05 03:00:00 | 00,000,332 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2009/11/03 17:49:05 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/02 20:00:00 | 00,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Lisa Adkins.job
[2009/11/02 09:17:55 | 00,442,466 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/11/02 09:17:55 | 00,071,732 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/11/02 09:17:54 | 00,524,016 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/01 10:49:35 | 00,062,464 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\CrockPot_Recipes Nov1 2009.doc
[2009/10/31 17:01:07 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/31 16:47:55 | 00,001,692 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/10/31 16:47:55 | 00,000,243 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2009/10/31 16:47:55 | 00,000,211 | RHS- | M] () -- C:\BOOT.INI
[2009/10/31 15:53:23 | 01,528,680 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Lisa Adkins\Desktop\KB20090319114809EN.exe
[2009/10/30 16:05:06 | 00,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2009/10/30 16:05:06 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/10/30 16:05:06 | 00,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/10/30 16:05:06 | 00,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/10/30 16:04:59 | 00,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2009/10/30 16:04:57 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymEFA.sys
[2009/10/30 16:04:57 | 00,308,272 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtsp.sys
[2009/10/30 16:04:57 | 00,217,136 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symtdi.sys
[2009/10/30 16:04:57 | 00,089,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symfw.sys
[2009/10/30 16:04:57 | 00,048,688 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symndisv.sys
[2009/10/30 16:04:57 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtspx.sys
[2009/10/30 16:04:57 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2009/10/30 16:04:57 | 00,036,400 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symndis.sys
[2009/10/30 16:04:57 | 00,033,072 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symids.sys
[2009/10/30 16:04:56 | 00,482,432 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\cchpx86.sys
[2009/10/30 16:04:56 | 00,259,632 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00B\BHDrvx86.sys
[2009/10/30 16:04:29 | 00,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymNetV.inf
[2009/10/30 16:04:29 | 00,001,561 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymNet.inf
[2009/10/30 16:04:29 | 00,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\isolate.ini
[2009/10/30 16:04:28 | 00,003,373 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymEFA.inf
[2009/10/30 16:04:28 | 00,001,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\ccHPx86.inf
[2009/10/30 16:04:28 | 00,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtspx.inf
[2009/10/30 16:04:28 | 00,001,382 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtsp.inf
[2009/10/30 16:04:28 | 00,000,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\BHDrvx86.inf
[2009/10/30 16:03:57 | 00,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symnetv.cat
[2009/10/30 16:03:57 | 00,009,402 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymNet.cat
[2009/10/30 16:03:56 | 00,007,431 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymEFA.cat
[2009/10/30 16:03:56 | 00,007,429 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtspx.cat
[2009/10/30 16:03:56 | 00,007,425 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtsp.cat
[2009/10/30 16:03:56 | 00,007,400 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\bhdrvx86.cat
[2009/10/30 16:03:56 | 00,007,383 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\ccHPx86.cat
[2009/10/29 18:53:45 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\2009-2010 CTL Meeting and Planning Dates.doc
[2009/10/29 16:09:51 | 00,070,144 | ---- | M] () -- C:\Documents and Settings\Lisa Adkins\My Documents\Mathematics Progress Report 2007-08 Grade 2.doc
[5 C:\Documents and Settings\Lisa Adkins\My Documents\*.tmp files -> C:\Documents and Settings\Lisa Adkins\My Documents\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/09 16:36:03 | 00,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootrepeal2.sys
[2009/11/08 19:26:27 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Desktop\NTREGOPT.lnk
[2009/11/08 19:26:27 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Desktop\ERUNT.lnk
[2009/11/08 18:38:58 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\~$-08-2009 06;38;21PM.RTF
[2009/11/08 18:38:51 | 00,003,110 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\11-08-2009 06;38;21PM.RTF
[2009/11/08 18:36:26 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\~$-08-2009 06;35;54PM.RTF
[2009/11/08 18:36:19 | 00,002,994 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\11-08-2009 06;35;54PM.RTF
[2009/11/08 18:34:27 | 00,000,211 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\11-08-2009 06;34;01PM.RTF
[2009/11/07 17:20:48 | 00,066,413 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Disney_Princess_colouring.jpg
[2009/11/07 17:17:26 | 00,135,299 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\disney-princess-wallpaper-4.jpg
[2009/11/01 10:49:35 | 00,062,464 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\CrockPot_Recipes Nov1 2009.doc
[2009/10/30 16:06:23 | 01,241,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\Cat.DB
[2009/10/30 16:05:06 | 00,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/10/30 16:05:06 | 00,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/10/30 16:04:59 | 00,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2009/10/30 16:04:29 | 00,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymNetV.inf
[2009/10/30 16:04:29 | 00,001,561 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymNet.inf
[2009/10/30 16:04:29 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\isolate.ini
[2009/10/30 16:04:28 | 00,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymEFA.inf
[2009/10/30 16:04:28 | 00,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\ccHPx86.inf
[2009/10/30 16:04:28 | 00,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtspx.inf
[2009/10/30 16:04:28 | 00,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtsp.inf
[2009/10/30 16:04:28 | 00,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\BHDrvx86.inf
[2009/10/30 16:03:57 | 00,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\symnetv.cat
[2009/10/30 16:03:57 | 00,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymNet.cat
[2009/10/30 16:03:56 | 00,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\SymEFA.cat
[2009/10/30 16:03:56 | 00,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtspx.cat
[2009/10/30 16:03:56 | 00,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\srtsp.cat
[2009/10/30 16:03:56 | 00,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\bhdrvx86.cat
[2009/10/30 16:03:56 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0305020.00B\ccHPx86.cat
[2009/10/29 18:53:45 | 00,041,984 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\My Documents\2009-2010 CTL Meeting and Planning Dates.doc
[2009/07/31 12:30:03 | 00,042,594 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/02/11 03:10:16 | 02,645,680 | -H-- | C] () -- C:\Documents and Settings\Lisa Adkins\Local Settings\Application Data\IconCache.db
[2008/12/25 12:02:28 | 00,000,037 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2008/12/09 17:16:28 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2008/12/09 17:16:28 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2008/06/13 06:03:25 | 00,000,024 | ---- | C] () -- C:\WINDOWS\System32\Drv32_16.ini
[2008/06/13 05:39:56 | 00,000,003 | ---- | C] () -- C:\WINDOWS\System32\xyddr.dll
[2008/04/09 20:40:09 | 03,049,984 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/04/09 20:40:09 | 00,404,480 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/04/09 20:40:09 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008/04/09 20:40:09 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008/03/16 12:04:11 | 00,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2008/02/04 17:23:10 | 00,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/12/11 14:46:02 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/12/11 14:44:28 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/12/11 14:44:28 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/12/11 14:43:44 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/09/29 08:06:09 | 00,000,080 | RHS- | C] () -- C:\WINDOWS\System32\775C71C5FD.dll
[2007/09/28 21:05:54 | 00,002,838 | ---- | C] () -- C:\WINDOWS\System32\laf3.ini
[2007/09/28 21:05:52 | 00,002,850 | ---- | C] () -- C:\WINDOWS\System32\laf1.ini
[2007/09/28 10:09:32 | 00,159,884 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2007/09/23 08:13:59 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/08/20 02:02:39 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/11/26 09:39:07 | 00,000,186 | ---- | C] () -- C:\WINDOWS\cdgrabber.ini
[2006/11/25 12:31:28 | 00,000,046 | ---- | C] () -- C:\WINDOWS\System32\winitn.dll
[2006/11/25 12:31:25 | 00,000,046 | ---- | C] () -- C:\WINDOWS\System32\kakle.dll
[2006/11/25 12:31:15 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/11/25 12:31:15 | 00,000,005 | ---- | C] () -- C:\WINDOWS\subtot.dll
[2006/11/15 21:03:12 | 00,024,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2006/11/15 21:00:56 | 01,678,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2006/09/03 14:46:50 | 00,000,254 | ---- | C] () -- C:\WINDOWS\System32\SunData.ini
[2006/09/03 14:46:01 | 00,000,128 | ---- | C] () -- C:\WINDOWS\TTL3.ini
[2006/06/29 14:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 14:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/16 11:15:05 | 00,000,117 | ---- | C] () -- C:\WINDOWS\PINOCHLE.INI
[2006/04/18 15:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 15:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/03/22 05:57:22 | 00,038,334 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Application Data\Microsoft Excel.ADR
[2006/01/14 21:57:30 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2006/01/14 21:57:29 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2006/01/14 21:57:29 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2006/01/14 20:17:08 | 00,189,952 | ---- | C] () -- C:\WINDOWS\Qcard32.dll
[2006/01/03 19:07:11 | 00,028,672 | ---- | C] () -- C:\WINDOWS\unvise32.dll
[2005/12/26 10:02:55 | 00,000,544 | ---- | C] () -- C:\WINDOWS\Madagascar.INI
[2005/11/22 19:01:46 | 00,000,082 | ---- | C] () -- C:\WINDOWS\hmi_ma.ini
[2005/11/16 19:26:06 | 00,000,203 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2005/11/03 17:32:25 | 00,000,233 | ---- | C] () -- C:\WINDOWS\SunData.ini
[2005/11/03 17:31:34 | 00,000,046 | ---- | C] () -- C:\WINDOWS\MathEss2.ini
[2005/09/05 14:30:54 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Application Data\dm.ini
[2005/08/05 18:46:48 | 00,000,508 | ---- | C] () -- C:\WINDOWS\powermp3cutterjoiner.ini
[2005/07/06 12:30:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2005/07/06 11:33:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2005/07/06 11:30:52 | 00,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2005/07/06 10:08:34 | 00,250,168 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2005/06/20 19:17:10 | 00,000,198 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2005/06/15 17:39:29 | 00,143,360 | R--- | C] () -- C:\WINDOWS\System32\dlbtcoin.dll
[2005/06/15 17:39:29 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\dlbtsnls.dll
[2005/06/15 14:14:35 | 00,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/05/21 20:29:46 | 00,000,038 | ---- | C] () -- C:\WINDOWS\hds32.ini
[2005/04/24 11:55:43 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/04/24 11:17:59 | 00,000,056 | ---- | C] () -- C:\WINDOWS\fac32.ini
[2005/04/24 08:18:01 | 00,000,147 | ---- | C] () -- C:\WINDOWS\Disney's Magic Artist.INI
[2005/04/05 05:52:32 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/03/31 21:11:31 | 00,000,075 | ---- | C] () -- C:\WINDOWS\SSAW.INI
[2005/02/19 07:55:00 | 00,003,382 | ---- | C] () -- C:\WINDOWS\disney.ini
[2005/01/23 16:04:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/01/18 19:30:26 | 00,046,592 | ---- | C] () -- C:\WINDOWS\System32\shellses.dll
[2005/01/18 19:29:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2004/12/07 17:56:17 | 00,143,872 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/11/20 08:23:05 | 00,003,818 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/10/31 11:24:48 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/10/26 20:08:49 | 00,186,496 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Application Data\GDIPFONTCACHEV1.DAT
[2004/09/05 06:11:01 | 00,004,152 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2004/08/28 10:21:06 | 00,000,336 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/08/27 20:13:41 | 00,000,914 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2004/08/27 20:04:35 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/27 19:41:52 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Lisa Adkins\Application Data\DESKTOP.INI
[2004/08/27 19:41:51 | 00,186,496 | ---- | C] () -- C:\Documents and Settings\Lisa Adkins\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/08/24 10:28:48 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/24 10:05:50 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/24 09:51:28 | 00,000,549 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/11 10:02:24 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 16:59:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/03/25 18:06:58 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbtcur.dll
[2004/03/25 18:06:00 | 00,557,056 | ---- | C] () -- C:\WINDOWS\System32\dlbtjswr.dll
[2004/03/25 17:59:50 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbtcu.dll
[2004/03/25 17:53:48 | 00,401,408 | ---- | C] () -- C:\WINDOWS\System32\dlbtutil.dll
[2003/10/08 09:09:46 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbtvs.dll
[2002/10/06 13:42:56 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 18:04:24 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 18:04:24 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 18:04:16 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/09/03 08:59:58 | 00,001,692 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2002/09/03 08:50:58 | 00,000,243 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2002/09/03 08:50:46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\DESKTOP.INI
[2002/05/15 18:38:40 | 00,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/03/05 06:35:49 | 00,285,696 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2001/10/12 10:58:20 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2001/10/12 10:57:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2000/01/06 19:00:00 | 00,024,448 | ---- | C] () -- C:\WINDOWS\sysgtime.dll
[2000/01/06 19:00:00 | 00,024,448 | ---- | C] () -- C:\WINDOWS\System32\proclsvr.drv
[1998/03/10 10:10:54 | 00,009,317 | ---- | C] () -- C:\WINDOWS\Froggersetup.ini
[1996/07/01 11:12:46 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\GNNPOST.DLL
[1996/06/03 10:20:04 | 00,007,328 | ---- | C] () -- C:\WINDOWS\System32\GAUGE.DLL
[1980/01/01 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2004/11/26 12:40:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2004/11/26 12:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2008/10/20 18:55:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BufferZone
[2004/08/24 10:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/06/13 13:23:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chat Republic Games
[2009/09/04 21:20:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2005/06/12 07:58:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2005/02/19 07:56:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive
[2009/10/04 18:39:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2007/09/06 18:44:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2009/01/24 16:07:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/10/30 15:50:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2008/11/08 19:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Shared Phrogram Files
[2008/11/22 14:53:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/12/29 02:56:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/09/14 13:51:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames
[2009/03/18 16:23:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/09/15 17:20:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/13 12:01:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/04/07 14:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\AutoSync for Yahoo
[2008/08/10 20:11:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\bang
[2007/07/18 19:19:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\ComcastToolbar
[2008/11/16 18:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Costco Photo Viewer US
[2007/09/06 18:43:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\HotSync
[2005/01/28 23:48:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Leadertech
[2008/04/07 14:07:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\PushSyncData
[2008/11/14 18:30:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Snapfish
[2009/08/15 14:08:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\SystemRequirementsLab
[2008/09/20 18:16:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Tech4Learning
[2008/03/31 21:04:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\Viewpoint
[2007/09/29 07:58:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Adkins\Application Data\WinPatrol
[2002/08/29 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/11/09 07:11:37 | 00,000,398 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2009/11/05 03:00:00 | 00,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
[2009/11/09 07:11:33 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2004/12/07 17:08:12 | 01,385,746 | ---- | M] () -- C:\FD2M15017E.EXE

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2002/08/29 05:00:00 | 00,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\I386\EVENTLOG.DLL
[1 C:\I386\*.tmp files -> C:\I386\*.tmp -> ]
[2002/08/29 05:00:00 | 00,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004/08/04 02:56:42 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 02:56:42 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\SYSTEM32\eventlog.dll
[2 C:\WINDOWS\SYSTEM32\*.tmp files -> C:\WINDOWS\SYSTEM32\*.tmp -> ]

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2002/08/29 05:00:00 | 00,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\I386\SCECLI.DLL
[1 C:\I386\*.tmp files -> C:\I386\*.tmp -> ]
[2002/08/29 05:00:00 | 00,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004/08/04 02:56:44 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2004/08/04 02:56:44 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\SYSTEM32\scecli.dll
[2 C:\WINDOWS\SYSTEM32\*.tmp files -> C:\WINDOWS\SYSTEM32\*.tmp -> ]

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2002/08/29 05:00:00 | 00,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\I386\NETLOGON.DLL
[1 C:\I386\*.tmp files -> C:\I386\*.tmp -> ]
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2002/08/29 05:00:00 | 00,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/04 02:56:44 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2004/08/04 02:56:44 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\SYSTEM32\netlogon.dll
[2 C:\WINDOWS\SYSTEM32\*.tmp files -> C:\WINDOWS\SYSTEM32\*.tmp -> ]

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2003/04/23 09:29:54 | 00,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\I386\atapi.sys
[1 C:\I386\*.tmp files -> C:\I386\*.tmp -> ]
[2003/04/23 09:29:54 | 00,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 00:59:42 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/04 00:59:42 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2003/04/23 09:29:54 | 00,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2003/04/23 09:29:54 | 00,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2001/08/17 13:58:00 | 00,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\I386\AGP440.SYS
[1 C:\I386\*.tmp files -> C:\I386\*.tmp -> ]
[2001/08/17 13:58:00 | 00,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/04 01:07:41 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/04 01:07:41 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24905485
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E994F9BF
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27AAAD97
< End of report >
  • 0

Advertisement


#2
Extremeboy

Extremeboy

    Malware Removal Staff

  • Retired Staff
  • 824 posts
Hello and welcome to G2G!

Before we continue I would like to see an update of the condition of your system.

Please follow the steps mentioned here and post the logs requested in your next reply: http://www.geekstogo...uide-t2852.html

Please provide with a description of any remaining problems or symptoms you may still have please.

Thanks.

With Regards,
Extremeboy
  • 0

#3
Extremeboy

Extremeboy

    Malware Removal Staff

  • Retired Staff
  • 824 posts
Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 7 from the last day I replied initially, the topic will need to be closed.

Thanks for understanding.

With Regards,
Extremeboy
  • 0

#4
Extremeboy

Extremeboy

    Malware Removal Staff

  • Retired Staff
  • 824 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

Advertisement




Similar Topics: Too much going awry not sure what is going on [Closed]     x


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured