Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Manage Addons Pop up in IE8 and constant freezing


  • Please log in to reply

#1
bubblytolepainter

bubblytolepainter

    Member

  • Member
  • PipPip
  • 15 posts
I am running Windows XP and IE8.
At first I was getting an error message stating that "A program on your computer has corrupted your default search provider."
I tried to add a new search provider but live search wouldn't go away. I finally created a new user profile but I still keep getting a pop up of the Manage Addons window. And now there is NO default search provider at all nor can I add one. I am also having a lot of trouble with things programs and windows freezing up. I cannot close them and sometimes even "CTRL ALT DELETE" doesn't work.

I ran TFC, ERUNT, updated and ran Malware Bytes Anti Malware (which didn't find anything), and updated and ran AVG (which also didn't find anything) and ran GMER and OTL
Here are my log files

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4194

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

13/06/2010 11:47:56 AM
mbam-log-2010-06-13 (11-47-56).txt

Scan type: Quick scan
Objects scanned: 141653
Time elapsed: 9 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-13 19:01:07
Windows 5.1.2600 Service Pack 3
Running: gmer.exe


---- Files - GMER 1.0.15 ----

File C:\Program Files\Tall Emu\Online Armor\oascan.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\antispam.dat 8434 bytes
File C:\Program Files\Tall Emu\Online Armor\avgate.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\firewall.dat 74469 bytes
File C:\Program Files\Tall Emu\Online Armor\fwdata.dat 20819 bytes
File C:\Program Files\Tall Emu\Online Armor\fwdata.dat.bak 20819 bytes
File C:\Program Files\Tall Emu\Online Armor\history.dat 139214 bytes
File C:\Program Files\Tall Emu\Online Armor\IPRanges.dat 1247823 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs 0 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006121432.log 31685 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006121508.log 3508 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006121518.log 86076 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006121750.log 8013 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006122202.log 2156 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006130005.log 72895 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006131125.log 118839 bytes
File C:\Program Files\Tall Emu\Online Armor\Logs\FW1006131826.log 16515 bytes
File C:\Program Files\Tall Emu\Online Armor\MacCodes.dat 40836 bytes
File C:\Program Files\Tall Emu\Online Armor\NoteBook.sig 34 bytes
File C:\Program Files\Tall Emu\Online Armor\oacached.dat 1238547 bytes
File C:\Program Files\Tall Emu\Online Armor\oacached.dat.bak 1238547 bytes
File C:\Program Files\Tall Emu\Online Armor\oacat.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oacat.exe 1284600 bytes
File C:\Program Files\Tall Emu\Online Armor\OADriver.bak 0 bytes
File C:\Program Files\Tall Emu\Online Armor\OADriver.dat 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oadump.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oadump.exe 2180088 bytes
File C:\Program Files\Tall Emu\Online Armor\oaevent.dll 925688 bytes
File C:\Program Files\Tall Emu\Online Armor\oahlp.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oahlp.exe 3065848 bytes
File C:\Program Files\Tall Emu\Online Armor\oamine.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\OAnet.inf 3459 bytes
File C:\Program Files\Tall Emu\Online Armor\OAnet_m.inf 1563 bytes
File C:\Program Files\Tall Emu\Online Armor\oarau.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\OAReg.exe 21784 bytes executable
File C:\Program Files\Tall Emu\Online Armor\oasrv.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oasrv.exe 3364856 bytes
File C:\Program Files\Tall Emu\Online Armor\oaui.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oaui.exe 6678008 bytes
File C:\Program Files\Tall Emu\Online Armor\oaview.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\oaview.exe 2190328 bytes
File C:\Program Files\Tall Emu\Online Armor\oawatch.dll 948216 bytes
File C:\Program Files\Tall Emu\Online Armor\process.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\reference.dat 37112 bytes
File C:\Program Files\Tall Emu\Online Armor\SentList.dat 0 bytes
File C:\Program Files\Tall Emu\Online Armor\server.dat 1167510 bytes
File C:\Program Files\Tall Emu\Online Armor\server.dat.bak 1167510 bytes
File C:\Program Files\Tall Emu\Online Armor\signs.dat 1435089 bytes
File C:\Program Files\Tall Emu\Online Armor\sites.dat 67847 bytes
File C:\Program Files\Tall Emu\Online Armor\sockets.dbg 0 bytes
File C:\Program Files\Tall Emu\Online Armor\taskman.dat 270 bytes
File C:\Program Files\Tall Emu\Online Armor\taskman.dat.bak 270 bytes
File C:\Program Files\Tall Emu\Online Armor\unins000.dat 48530 bytes
File C:\Program Files\Tall Emu\Online Armor\unins000.exe 695585 bytes
File C:\Program Files\Tall Emu\Online Armor\Vista 0 bytes


OTL logfile created on: 13/06/2010 8:00:11 PM - Run 3
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\New Linda\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

958.00 Mb Total Physical Memory | 453.00 Mb Available Physical Memory | 47.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.79 Gb Total Space | 119.17 Gb Free Space | 66.28% Space Free | Partition Type: NTFS
Drive D: | 6.50 Gb Total Space | 1.18 Gb Free Space | 18.22% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHUCKSLINDACOMP
Current User Name: New Linda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/13 19:16:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
PRC - [2010/04/20 04:42:10 | 003,065,848 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2010/04/20 04:42:08 | 006,678,008 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2010/04/20 04:42:08 | 003,364,856 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2010/04/20 04:42:08 | 001,284,600 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2010/02/26 01:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\New Linda\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2009/10/12 18:58:08 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/10/12 18:58:08 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/10/12 18:58:06 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/10/12 18:58:02 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/10/12 18:58:00 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/10 11:12:30 | 000,099,936 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/06/13 19:16:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
MOD - [2010/04/20 04:42:10 | 000,948,216 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2010/04/20 04:42:10 | 000,925,688 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaevent.dll
MOD - [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/13 20:12:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 20:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 20:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 20:11:55 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (KodakCCS)
SRV - File not found [Auto | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - [2010/04/20 04:42:08 | 003,364,856 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2010/04/20 04:42:08 | 001,284,600 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/10/12 18:58:02 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/10/12 18:58:00 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2006/11/10 11:12:30 | 000,099,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - [2010/05/16 19:52:01 | 000,068,168 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/20 04:13:30 | 000,024,440 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2010/04/20 04:13:14 | 000,029,560 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2010/04/20 04:13:10 | 000,228,216 | ---- | M] (Tall Emu) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2010/02/23 20:18:41 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/23 20:18:41 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/19 11:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/01/19 11:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/10/12 18:58:08 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/10/12 18:58:08 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/06/01 17:14:24 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2007/01/09 19:36:42 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2006/12/24 03:04:33 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006/01/18 23:17:38 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/01/18 09:44:46 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2005/12/12 21:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/08 01:44:36 | 001,235,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/04/20 14:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/15 00:12:12 | 000,175,616 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 21:09:18 | 000,870,912 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/03/09 17:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 14:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/25 09:56:00 | 000,923,863 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2004/11/22 19:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/11/22 19:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2004/10/15 19:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 18:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
DRV - [2003/08/05 03:07:00 | 000,083,552 | R--- | M] (ALinx Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\m4301A.sys -- (m4301a)
DRV - [2001/08/17 23:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2007/10/16 05:29:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/07/15 16:49:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2006/09/08 01:14:39 | 002,078,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Organize Quick & Easy 5.0.lnk = C:\Program Files\Organize Quick & Easy 5.0\Organize.exe (Individual Software Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/25 01:32:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 23:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}\Shell - "" = AutoRun
O33 - MountPoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/13 19:16:47 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
[2010/06/13 11:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Malwarebytes
[2010/06/13 11:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/13 11:22:15 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\TFC.exe
[2010/06/13 11:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/06/13 11:07:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\IECompatCache
[2010/06/13 10:08:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Dropbox
[2010/06/13 10:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Dropbox
[2010/06/12 21:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Identities
[2010/06/12 16:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Template
[2010/06/12 16:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Talkback
[2010/06/12 16:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\yahoo!
[2010/06/12 16:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\U3
[2010/06/12 16:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Thunderbird
[2010/06/12 16:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\.limewire
[2010/06/12 15:42:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New Linda\Application Data\Brother
[2010/06/12 15:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\HPQ
[2010/06/12 15:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\SUPERAntiSpyware.com
[2010/06/11 20:13:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2010/06/11 18:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Macromedia
[2010/06/11 18:34:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\PrivacIE
[2010/06/10 20:00:26 | 000,000,000 | ---D | C] -- C:\740c9b4892d0251b7daa2c1edd
[2010/06/03 18:45:46 | 001,048,576 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\Roboex32.dll
[2010/06/03 18:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\Organize Quick & Easy 5.0
[2010/05/18 17:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Adobe
[2010/05/18 17:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Adobe
[2010/05/18 16:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\OnlineArmor
[2010/05/18 16:47:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New Linda\Recent
[2010/05/18 16:47:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New Linda\Favorites
[2010/05/18 16:47:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\IETldCache
[2010/05/18 16:47:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\Cookies
[2010/05/18 16:47:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\New Linda\Local Settings
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\WINDOWS
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Templates
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Symantec
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Start Menu
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\SendTo
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\SampleView
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Real
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\PrintHood
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\NetHood
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\My Documents
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft Help
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Microsoft
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Intuit
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Identities
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Google
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Desktop
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\ApplicationHistory
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Apple Computer
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Apple Computer
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2010/05/12 21:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads
[2010/05/12 19:26:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\OneNote Notebooks
[2010/05/12 19:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/05/12 19:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/05/12 19:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/05/12 18:59:31 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/05/07 21:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2010/05/07 05:38:48 | 000,228,216 | ---- | C] (Tall Emu) -- C:\WINDOWS\System32\drivers\OADriver.sys
[2010/05/07 05:38:48 | 000,029,560 | ---- | C] (Tall Emu Pty Ltd) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2010/05/07 05:38:48 | 000,024,440 | ---- | C] (Tall Emu) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2010/05/07 05:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\Tall Emu
[2010/05/05 21:01:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/05/05 20:58:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/05/04 13:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/05/04 13:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bell

========== Files - Modified Within 90 Days ==========

[2010/06/13 19:41:43 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\New Linda\NTUSER.DAT
[2010/06/13 19:23:01 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009UA.job
[2010/06/13 19:16:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
[2010/06/13 19:02:09 | 000,011,125 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\GMER 1.docx
[2010/06/13 19:01:35 | 000,013,542 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Address Book Gramma.docx
[2010/06/13 18:32:56 | 000,000,521 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/13 18:32:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/06/13 18:32:56 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/13 18:26:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/13 18:26:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/13 18:18:41 | 061,032,436 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/13 18:03:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/13 11:24:36 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\New Linda\ntuser.ini
[2010/06/13 11:22:28 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\TFC.exe
[2010/06/13 11:14:29 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\HijackThis.lnk
[2010/06/13 10:34:10 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\apprentice report 2010may.doc
[2010/06/13 10:30:32 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\CAF report.doc
[2010/06/13 10:26:34 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\June 2010 NL.doc
[2010/06/13 10:12:34 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\jay johnston.doc
[2010/06/13 10:08:05 | 000,000,998 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Dropbox.lnk
[2010/06/13 09:57:51 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to My Dropbox.lnk
[2010/06/13 09:45:00 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to iexplore.lnk
[2010/06/12 21:23:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009Core.job
[2010/06/12 18:16:05 | 000,000,721 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to Linda's Documents.lnk
[2010/06/11 21:19:54 | 016,793,600 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\front cover.sig
[2010/06/11 20:15:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/11 18:29:22 | 000,146,620 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\fix.docx
[2010/06/11 18:20:15 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\My Sharing Folders.lnk
[2010/06/11 18:14:32 | 000,012,307 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\For information about how to edit the registry.docx
[2010/06/10 20:29:05 | 000,581,678 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/10 20:29:05 | 000,501,882 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/10 20:29:05 | 000,089,688 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/10 17:33:07 | 000,994,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/06 17:12:55 | 000,697,914 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\HOme bar plans.docx
[2010/06/03 21:05:24 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2_backup.atw
[2010/06/03 21:05:24 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATW
[2010/06/03 20:30:16 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Organize Quick & Easy 5.0.lnk
[2010/06/03 20:30:12 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Organize Quick & Easy 5.0.lnk
[2010/06/03 20:28:23 | 000,000,067 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATL
[2010/06/03 19:54:46 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATW
[2010/06/03 19:53:29 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1_backup.atw
[2010/06/03 19:53:29 | 000,000,067 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATL
[2010/05/24 00:23:28 | 000,001,901 | ---- | M] () -- C:\WINDOWS\panose.bin
[2010/05/24 00:06:56 | 000,167,096 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010/05/18 17:14:40 | 004,844,040 | -H-- | M] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\IconCache.db
[2010/05/18 17:01:49 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/12 19:26:17 | 000,109,222 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Hello.docx
[2010/05/12 18:53:01 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/05/12 17:17:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/05/12 17:17:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010/05/10 20:54:05 | 000,711,168 | ---- | M] () -- C:\WINDOWS\is-RJG6M.exe
[2010/05/10 20:54:05 | 000,010,562 | ---- | M] () -- C:\WINDOWS\is-RJG6M.msg
[2010/05/10 20:54:05 | 000,000,399 | ---- | M] () -- C:\WINDOWS\is-RJG6M.lst
[2010/05/09 08:16:07 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Make sure IE 8 is closed then navigate to registry key.doc
[2010/05/06 18:01:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/06 18:01:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/05 20:23:23 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/05 20:23:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/04 19:41:00 | 000,001,081 | ---- | M] () -- C:\WINDOWS\checkip.dat
[2010/05/04 19:13:27 | 000,001,174 | ---- | M] () -- C:\WINDOWS\ipconfig.dat
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/20 04:13:30 | 000,024,440 | ---- | M] (Tall Emu) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2010/04/20 04:13:14 | 000,029,560 | ---- | M] (Tall Emu Pty Ltd) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2010/04/20 04:13:10 | 000,228,216 | ---- | M] (Tall Emu) -- C:\WINDOWS\System32\drivers\OADriver.sys

========== Files Created - No Company Name ==========

[2010/06/13 19:02:09 | 000,011,125 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\GMER 1.docx
[2010/06/13 19:01:34 | 000,013,542 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Address Book Gramma.docx
[2010/06/13 11:14:29 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\HijackThis.lnk
[2010/06/13 10:31:21 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\apprentice report 2010may.doc
[2010/06/13 10:30:32 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\CAF report.doc
[2010/06/13 10:15:43 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\June 2010 NL.doc
[2010/06/13 10:08:36 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\jay johnston.doc
[2010/06/13 10:08:05 | 000,000,998 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Dropbox.lnk
[2010/06/13 09:57:51 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to My Dropbox.lnk
[2010/06/13 09:45:00 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to iexplore.lnk
[2010/06/12 21:05:20 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\FASTWiz.log
[2010/06/12 18:15:56 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to Linda's Documents.lnk
[2010/06/12 16:44:31 | 000,005,454 | R--- | C] () -- C:\Documents and Settings\New Linda\Application Data\wklnhst.dat
[2010/06/12 16:44:31 | 000,000,067 | R--- | C] () -- C:\Documents and Settings\New Linda\Application Data\photoshow_express_45_efigsj.txt
[2010/06/12 16:26:52 | 000,001,051 | R--- | C] () -- C:\Documents and Settings\New Linda\lindasaddresses
[2010/06/11 21:07:08 | 016,793,600 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\front cover.sig
[2010/06/11 18:29:22 | 000,146,620 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\fix.docx
[2010/06/11 18:14:32 | 000,012,307 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\For information about how to edit the registry.docx
[2010/06/06 16:53:34 | 000,697,914 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\HOme bar plans.docx
[2010/06/03 20:31:00 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2_backup.atw
[2010/06/03 20:27:19 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATW
[2010/06/03 20:27:19 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATL
[2010/06/03 19:53:43 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1_backup.atw
[2010/06/03 19:53:29 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATW
[2010/06/03 19:53:29 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATL
[2010/06/03 18:58:07 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Organize Quick & Easy 5.0.lnk
[2010/06/03 18:58:05 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Organize Quick & Easy 5.0.lnk
[2010/05/18 17:01:40 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/18 16:47:57 | 000,002,846 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Help and Support.lnk
[2010/05/18 16:47:50 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\New Linda\NTUSER.DAT
[2010/05/18 16:47:50 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\New Linda\ntuser.dat.LOG
[2010/05/18 16:47:50 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\New Linda\ntuser.ini
[2010/05/12 21:18:09 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009UA.job
[2010/05/12 21:18:09 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009Core.job
[2010/05/12 19:26:16 | 000,109,222 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Hello.docx
[2010/05/10 20:54:05 | 000,711,168 | ---- | C] () -- C:\WINDOWS\is-RJG6M.exe
[2010/05/10 20:54:05 | 000,010,562 | ---- | C] () -- C:\WINDOWS\is-RJG6M.msg
[2010/05/10 20:54:05 | 000,000,399 | ---- | C] () -- C:\WINDOWS\is-RJG6M.lst
[2010/05/09 08:16:06 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Make sure IE 8 is closed then navigate to registry key.doc
[2010/05/05 20:23:23 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/05 20:23:23 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/12/01 19:15:58 | 000,000,161 | ---- | C] () -- C:\WINDOWS\pm.INI
[2007/07/19 21:38:59 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS66.DLL
[2007/07/10 10:49:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/06/07 20:23:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2007/02/15 17:41:12 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/02/04 17:34:10 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2006/12/24 02:17:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/12/23 01:50:04 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/08/15 11:12:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QXConvrt.INI
[2006/03/21 20:45:58 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2005/11/21 00:52:06 | 000,000,123 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2005/11/20 23:50:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2005/10/17 20:50:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/17 20:25:28 | 000,012,968 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/10/17 20:25:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/10/17 20:19:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/17 20:15:31 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/10/17 20:15:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/10/17 20:15:30 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/10/17 20:15:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/10/17 20:15:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/10/17 20:15:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/10/17 20:10:26 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/10/17 20:06:10 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/10/17 20:03:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/10/17 20:03:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/10/17 20:03:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/10/17 19:52:15 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/10/17 19:48:46 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/10/17 19:48:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/10/17 19:48:25 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/07/07 16:07:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/06/16 01:38:02 | 000,000,557 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/03/21 19:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1999/01/22 06:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2006/08/27 18:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/05/04 13:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bell
[2008/10/01 09:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2006/10/18 18:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/12/09 09:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2007/01/09 19:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2010/05/18 16:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2010/05/04 13:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2006/10/18 18:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2007/07/03 11:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/07/28 11:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VCOM
[2010/05/18 17:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/06/13 18:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\Dropbox
[2010/05/18 16:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\OnlineArmor
[2005/10/17 20:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\SampleView
[2010/06/12 16:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\Template
[2010/06/12 16:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\Thunderbird

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/24 23:15:13 | 000,000,707 | ---- | M] () -- C:\9a0c428c-e24f-47d8-8893-ea7e0b2ebf83.cab
[2007/03/26 13:00:48 | 000,000,493 | ---- | M] () -- C:\additdiag.txt
[2005/06/25 01:32:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/12/20 23:06:58 | 000,000,213 | RHS- | M] () -- C:\BOOT.BAK
[2010/06/13 18:32:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2006/12/23 15:58:04 | 000,212,563 | ---- | M] () -- C:\ClearLog.txt
[2004/08/04 08:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2005/06/25 01:32:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/12/23 13:49:26 | 005,610,676 | ---- | M] () -- C:\EasyShareInstall.log
[2005/06/25 01:32:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/12/13 06:41:23 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2005/06/25 01:32:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/09 17:48:50 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/13 18:26:21 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
[2007/07/02 15:08:47 | 000,002,632 | ---- | M] () -- C:\Profile.xml
[2009/05/09 17:32:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/05/09 17:33:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/05/09 17:33:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/05/09 17:37:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/05/30 17:46:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/06/17 12:12:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/12/09 14:50:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/12/18 15:10:28 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010/01/07 11:32:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010/05/06 18:01:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/12 17:17:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2008/09/26 15:08:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2008/10/02 21:56:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2008/10/02 22:19:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2008/10/02 22:28:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/03/21 11:17:39 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/03/21 11:37:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/03/21 11:39:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/04/01 21:00:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/04/01 21:18:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/04/01 21:18:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/05/09 17:32:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/05/09 17:33:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/05/09 17:33:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/05/09 17:37:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/05/30 17:46:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/06/17 12:12:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/12/09 14:50:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/12/18 15:10:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010/01/07 11:32:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010/05/06 18:01:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/12 17:17:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2008/09/26 15:08:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2008/10/02 21:56:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2008/10/02 22:19:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2008/10/02 22:28:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/03/21 11:17:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/03/21 11:37:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/03/21 11:39:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/04/01 21:00:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2006/09/24 23:15:11 | 000,081,193 | ---- | M] () -- C:\threatalerts.txt
[2006/12/23 22:02:49 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2004/05/21 01:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD66.DLL
[2006/11/06 01:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8O.DLL
[2004/05/21 01:00:00 | 000,054,272 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP66.DLL
[2006/11/06 01:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8O.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/03/22 15:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 20:11:54 | 000,344,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\hnetcfg.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/06/24 18:25:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/06/24 18:25:14 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/06/24 18:25:14 | 000,884,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 20:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 20:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
< End of report >


OTL logfile created on: 13/06/2010 8:00:11 PM - Run 3
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\New Linda\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

958.00 Mb Total Physical Memory | 453.00 Mb Available Physical Memory | 47.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.79 Gb Total Space | 119.17 Gb Free Space | 66.28% Space Free | Partition Type: NTFS
Drive D: | 6.50 Gb Total Space | 1.18 Gb Free Space | 18.22% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHUCKSLINDACOMP
Current User Name: New Linda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/13 19:16:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
PRC - [2010/04/20 04:42:10 | 003,065,848 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2010/04/20 04:42:08 | 006,678,008 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2010/04/20 04:42:08 | 003,364,856 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2010/04/20 04:42:08 | 001,284,600 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2010/02/26 01:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\New Linda\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2009/10/12 18:58:08 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/10/12 18:58:08 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/10/12 18:58:06 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/10/12 18:58:02 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/10/12 18:58:00 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/10 11:12:30 | 000,099,936 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/06/13 19:16:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
MOD - [2010/04/20 04:42:10 | 000,948,216 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2010/04/20 04:42:10 | 000,925,688 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaevent.dll
MOD - [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/13 20:12:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 20:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 20:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 20:11:55 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (KodakCCS)
SRV - File not found [Auto | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - [2010/04/20 04:42:08 | 003,364,856 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2010/04/20 04:42:08 | 001,284,600 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/10/12 18:58:02 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/10/12 18:58:00 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2006/11/10 11:12:30 | 000,099,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - [2010/05/16 19:52:01 | 000,068,168 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/20 04:13:30 | 000,024,440 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2010/04/20 04:13:14 | 000,029,560 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2010/04/20 04:13:10 | 000,228,216 | ---- | M] (Tall Emu) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2010/02/23 20:18:41 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/23 20:18:41 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/19 11:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/01/19 11:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/10/12 18:58:08 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/10/12 18:58:08 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/06/01 17:14:24 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2007/01/09 19:36:42 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2006/12/24 03:04:33 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006/01/18 23:17:38 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/01/18 09:44:46 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2005/12/12 21:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/06/08 01:44:36 | 001,235,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/04/20 14:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/15 00:12:12 | 000,175,616 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 21:09:18 | 000,870,912 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/03/09 17:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 14:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/25 09:56:00 | 000,923,863 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2004/11/22 19:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/11/22 19:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2004/10/15 19:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 18:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
DRV - [2003/08/05 03:07:00 | 000,083,552 | R--- | M] (ALinx Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\m4301A.sys -- (m4301a)
DRV - [2001/08/17 23:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2007/10/16 05:29:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/07/15 16:49:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2006/09/08 01:14:39 | 002,078,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Organize Quick & Easy 5.0.lnk = C:\Program Files\Organize Quick & Easy 5.0\Organize.exe (Individual Software Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/25 01:32:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 23:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}\Shell - "" = AutoRun
O33 - MountPoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/13 19:16:47 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
[2010/06/13 11:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Malwarebytes
[2010/06/13 11:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/13 11:22:15 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\TFC.exe
[2010/06/13 11:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/06/13 11:07:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\IECompatCache
[2010/06/13 10:08:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Dropbox
[2010/06/13 10:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Dropbox
[2010/06/12 21:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Identities
[2010/06/12 16:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Template
[2010/06/12 16:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Talkback
[2010/06/12 16:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\yahoo!
[2010/06/12 16:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\U3
[2010/06/12 16:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Thunderbird
[2010/06/12 16:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\.limewire
[2010/06/12 15:42:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New Linda\Application Data\Brother
[2010/06/12 15:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\HPQ
[2010/06/12 15:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\SUPERAntiSpyware.com
[2010/06/11 20:13:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2010/06/11 18:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Macromedia
[2010/06/11 18:34:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\PrivacIE
[2010/06/10 20:00:26 | 000,000,000 | ---D | C] -- C:\740c9b4892d0251b7daa2c1edd
[2010/06/03 18:45:46 | 001,048,576 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\Roboex32.dll
[2010/06/03 18:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\Organize Quick & Easy 5.0
[2010/05/18 17:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Adobe
[2010/05/18 17:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Adobe
[2010/05/18 16:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\OnlineArmor
[2010/05/18 16:47:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New Linda\Recent
[2010/05/18 16:47:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New Linda\Favorites
[2010/05/18 16:47:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\IETldCache
[2010/05/18 16:47:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\New Linda\Cookies
[2010/05/18 16:47:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\New Linda\Local Settings
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\WINDOWS
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Templates
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Symantec
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Start Menu
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\SendTo
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\SampleView
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Real
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\PrintHood
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\NetHood
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\My Documents
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft Help
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Microsoft
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Microsoft
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Intuit
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Identities
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Google
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Desktop
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\ApplicationHistory
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\Apple Computer
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Application Data\Apple Computer
[2010/05/18 16:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New Linda\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2010/05/12 21:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads
[2010/05/12 19:26:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\OneNote Notebooks
[2010/05/12 19:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/05/12 19:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/05/12 19:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/05/12 18:59:31 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/05/07 21:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2010/05/07 05:38:48 | 000,228,216 | ---- | C] (Tall Emu) -- C:\WINDOWS\System32\drivers\OADriver.sys
[2010/05/07 05:38:48 | 000,029,560 | ---- | C] (Tall Emu Pty Ltd) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2010/05/07 05:38:48 | 000,024,440 | ---- | C] (Tall Emu) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2010/05/07 05:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\Tall Emu
[2010/05/05 21:01:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/05/05 20:58:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/05/04 13:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/05/04 13:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bell

========== Files - Modified Within 90 Days ==========

[2010/06/13 19:41:43 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\New Linda\NTUSER.DAT
[2010/06/13 19:23:01 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009UA.job
[2010/06/13 19:16:55 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\OTL.exe
[2010/06/13 19:02:09 | 000,011,125 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\GMER 1.docx
[2010/06/13 19:01:35 | 000,013,542 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Address Book Gramma.docx
[2010/06/13 18:32:56 | 000,000,521 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/13 18:32:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/06/13 18:32:56 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/13 18:26:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/13 18:26:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/13 18:18:41 | 061,032,436 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/13 18:03:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/13 11:24:36 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\New Linda\ntuser.ini
[2010/06/13 11:22:28 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New Linda\Desktop\TFC.exe
[2010/06/13 11:14:29 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\HijackThis.lnk
[2010/06/13 10:34:10 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\apprentice report 2010may.doc
[2010/06/13 10:30:32 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\CAF report.doc
[2010/06/13 10:26:34 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\June 2010 NL.doc
[2010/06/13 10:12:34 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\jay johnston.doc
[2010/06/13 10:08:05 | 000,000,998 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Dropbox.lnk
[2010/06/13 09:57:51 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to My Dropbox.lnk
[2010/06/13 09:45:00 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to iexplore.lnk
[2010/06/12 21:23:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009Core.job
[2010/06/12 18:16:05 | 000,000,721 | ---- | M] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to Linda's Documents.lnk
[2010/06/11 21:19:54 | 016,793,600 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\front cover.sig
[2010/06/11 20:15:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/11 18:29:22 | 000,146,620 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\fix.docx
[2010/06/11 18:20:15 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\My Sharing Folders.lnk
[2010/06/11 18:14:32 | 000,012,307 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\For information about how to edit the registry.docx
[2010/06/10 20:29:05 | 000,581,678 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/10 20:29:05 | 000,501,882 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/10 20:29:05 | 000,089,688 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/10 17:33:07 | 000,994,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/06 17:12:55 | 000,697,914 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\HOme bar plans.docx
[2010/06/03 21:05:24 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2_backup.atw
[2010/06/03 21:05:24 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATW
[2010/06/03 20:30:16 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Organize Quick & Easy 5.0.lnk
[2010/06/03 20:30:12 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Organize Quick & Easy 5.0.lnk
[2010/06/03 20:28:23 | 000,000,067 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATL
[2010/06/03 19:54:46 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATW
[2010/06/03 19:53:29 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1_backup.atw
[2010/06/03 19:53:29 | 000,000,067 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATL
[2010/05/24 00:23:28 | 000,001,901 | ---- | M] () -- C:\WINDOWS\panose.bin
[2010/05/24 00:06:56 | 000,167,096 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010/05/18 17:14:40 | 004,844,040 | -H-- | M] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\IconCache.db
[2010/05/18 17:01:49 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/12 19:26:17 | 000,109,222 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Hello.docx
[2010/05/12 18:53:01 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/05/12 17:17:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/05/12 17:17:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010/05/10 20:54:05 | 000,711,168 | ---- | M] () -- C:\WINDOWS\is-RJG6M.exe
[2010/05/10 20:54:05 | 000,010,562 | ---- | M] () -- C:\WINDOWS\is-RJG6M.msg
[2010/05/10 20:54:05 | 000,000,399 | ---- | M] () -- C:\WINDOWS\is-RJG6M.lst
[2010/05/09 08:16:07 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Make sure IE 8 is closed then navigate to registry key.doc
[2010/05/06 18:01:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/06 18:01:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/05 20:23:23 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/05 20:23:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010/05/04 19:41:00 | 000,001,081 | ---- | M] () -- C:\WINDOWS\checkip.dat
[2010/05/04 19:13:27 | 000,001,174 | ---- | M] () -- C:\WINDOWS\ipconfig.dat
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/20 04:13:30 | 000,024,440 | ---- | M] (Tall Emu) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2010/04/20 04:13:14 | 000,029,560 | ---- | M] (Tall Emu Pty Ltd) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2010/04/20 04:13:10 | 000,228,216 | ---- | M] (Tall Emu) -- C:\WINDOWS\System32\drivers\OADriver.sys

========== Files Created - No Company Name ==========

[2010/06/13 19:02:09 | 000,011,125 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\GMER 1.docx
[2010/06/13 19:01:34 | 000,013,542 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Address Book Gramma.docx
[2010/06/13 11:14:29 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\HijackThis.lnk
[2010/06/13 10:31:21 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\apprentice report 2010may.doc
[2010/06/13 10:30:32 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\CAF report.doc
[2010/06/13 10:15:43 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\June 2010 NL.doc
[2010/06/13 10:08:36 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\jay johnston.doc
[2010/06/13 10:08:05 | 000,000,998 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Dropbox.lnk
[2010/06/13 09:57:51 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to My Dropbox.lnk
[2010/06/13 09:45:00 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to iexplore.lnk
[2010/06/12 21:05:20 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\FASTWiz.log
[2010/06/12 18:15:56 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Shortcut to Linda's Documents.lnk
[2010/06/12 16:44:31 | 000,005,454 | R--- | C] () -- C:\Documents and Settings\New Linda\Application Data\wklnhst.dat
[2010/06/12 16:44:31 | 000,000,067 | R--- | C] () -- C:\Documents and Settings\New Linda\Application Data\photoshow_express_45_efigsj.txt
[2010/06/12 16:26:52 | 000,001,051 | R--- | C] () -- C:\Documents and Settings\New Linda\lindasaddresses
[2010/06/11 21:07:08 | 016,793,600 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\front cover.sig
[2010/06/11 18:29:22 | 000,146,620 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\fix.docx
[2010/06/11 18:14:32 | 000,012,307 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\For information about how to edit the registry.docx
[2010/06/06 16:53:34 | 000,697,914 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\HOme bar plans.docx
[2010/06/03 20:31:00 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2_backup.atw
[2010/06/03 20:27:19 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATW
[2010/06/03 20:27:19 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize2.ATL
[2010/06/03 19:53:43 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1_backup.atw
[2010/06/03 19:53:29 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATW
[2010/06/03 19:53:29 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Organize1.ATL
[2010/06/03 18:58:07 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Organize Quick & Easy 5.0.lnk
[2010/06/03 18:58:05 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Organize Quick & Easy 5.0.lnk
[2010/05/18 17:01:40 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\New Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/18 16:47:57 | 000,002,846 | ---- | C] () -- C:\Documents and Settings\New Linda\Desktop\Help and Support.lnk
[2010/05/18 16:47:50 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\New Linda\NTUSER.DAT
[2010/05/18 16:47:50 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\New Linda\ntuser.dat.LOG
[2010/05/18 16:47:50 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\New Linda\ntuser.ini
[2010/05/12 21:18:09 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009UA.job
[2010/05/12 21:18:09 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3033578174-706561412-1797122899-1009Core.job
[2010/05/12 19:26:16 | 000,109,222 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Hello.docx
[2010/05/10 20:54:05 | 000,711,168 | ---- | C] () -- C:\WINDOWS\is-RJG6M.exe
[2010/05/10 20:54:05 | 000,010,562 | ---- | C] () -- C:\WINDOWS\is-RJG6M.msg
[2010/05/10 20:54:05 | 000,000,399 | ---- | C] () -- C:\WINDOWS\is-RJG6M.lst
[2010/05/09 08:16:06 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Make sure IE 8 is closed then navigate to registry key.doc
[2010/05/05 20:23:23 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/05 20:23:23 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/12/01 19:15:58 | 000,000,161 | ---- | C] () -- C:\WINDOWS\pm.INI
[2007/07/19 21:38:59 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS66.DLL
[2007/07/10 10:49:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/06/07 20:23:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2007/02/15 17:41:12 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/02/04 17:34:10 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2006/12/24 02:17:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/12/23 01:50:04 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/08/15 11:12:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QXConvrt.INI
[2006/03/21 20:45:58 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2005/11/21 00:52:06 | 000,000,123 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2005/11/20 23:50:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2005/10/17 20:50:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/17 20:25:28 | 000,012,968 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/10/17 20:25:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/10/17 20:19:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/17 20:15:31 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/10/17 20:15:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/10/17 20:15:30 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/10/17 20:15:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/10/17 20:15:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/10/17 20:15:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/10/17 20:10:26 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/10/17 20:06:10 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/10/17 20:03:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/10/17 20:03:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/10/17 20:03:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/10/17 20:03:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/10/17 19:52:15 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/10/17 19:48:46 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/10/17 19:48:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/10/17 19:48:25 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2005/07/07 16:07:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/06/16 01:38:02 | 000,000,557 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/03/21 19:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1999/01/22 06:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2006/08/27 18:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/05/04 13:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bell
[2008/10/01 09:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2006/10/18 18:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/12/09 09:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2007/01/09 19:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2010/05/18 16:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2010/05/04 13:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2006/10/18 18:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2007/07/03 11:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/07/28 11:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VCOM
[2010/05/18 17:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/06/13 18:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\Dropbox
[2010/05/18 16:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\OnlineArmor
[2005/10/17 20:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\SampleView
[2010/06/12 16:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\Template
[2010/06/12 16:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\New Linda\Application Data\Thunderbird

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/24 23:15:13 | 000,000,707 | ---- | M] () -- C:\9a0c428c-e24f-47d8-8893-ea7e0b2ebf83.cab
[2007/03/26 13:00:48 | 000,000,493 | ---- | M] () -- C:\additdiag.txt
[2005/06/25 01:32:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/12/20 23:06:58 | 000,000,213 | RHS- | M] () -- C:\BOOT.BAK
[2010/06/13 18:32:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2006/12/23 15:58:04 | 000,212,563 | ---- | M] () -- C:\ClearLog.txt
[2004/08/04 08:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2005/06/25 01:32:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/12/23 13:49:26 | 005,610,676 | ---- | M] () -- C:\EasyShareInstall.log
[2005/06/25 01:32:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/12/13 06:41:23 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2005/06/25 01:32:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/09 17:48:50 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/13 18:26:21 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
[2007/07/02 15:08:47 | 000,002,632 | ---- | M] () -- C:\Profile.xml
[2009/05/09 17:32:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/05/09 17:33:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/05/09 17:33:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/05/09 17:37:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/05/30 17:46:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/06/17 12:12:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/12/09 14:50:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/12/18 15:10:28 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010/01/07 11:32:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010/05/06 18:01:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/12 17:17:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2008/09/26 15:08:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2008/10/02 21:56:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2008/10/02 22:19:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2008/10/02 22:28:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/03/21 11:17:39 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/03/21 11:37:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/03/21 11:39:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/04/01 21:00:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/04/01 21:18:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/04/01 21:18:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/05/09 17:32:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/05/09 17:33:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/05/09 17:33:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/05/09 17:37:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/05/30 17:46:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/06/17 12:12:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/12/09 14:50:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/12/18 15:10:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010/01/07 11:32:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010/05/06 18:01:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/12 17:17:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2008/09/26 15:08:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2008/10/02 21:56:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2008/10/02 22:19:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2008/10/02 22:28:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/03/21 11:17:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/03/21 11:37:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/03/21 11:39:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/04/01 21:00:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2006/09/24 23:15:11 | 000,081,193 | ---- | M] () -- C:\threatalerts.txt
[2006/12/23 22:02:49 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2004/05/21 01:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD66.DLL
[2006/11/06 01:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8O.DLL
[2004/05/21 01:00:00 | 000,054,272 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP66.DLL
[2006/11/06 01:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8O.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/03/22 15:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 20:11:54 | 000,344,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\hnetcfg.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/06/24 18:25:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/06/24 18:25:14 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/06/24 18:25:14 | 000,884,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 20:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 20:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP