Malware, Virus help



#1
tifleah

Hi, I am having some major issues with my laptop, and I believe it is all due to malware and/or viruses. I am trying to follow the forum directions and will try to give the needed details and leave out the details that aren't needed.

Symptoms started a few days ago. After logging into Windows, after a few minutes, the mouse pointer spins and I cannot click on anything. Sometimes the computer just shuts down. It almost always runs without problems in Safe Mode.

The first thing I did was run an AVG virus scan (I can't remember the results at this juncture). I ran SUPERAntiSpyware and had 189 tracking cookies. I ran ESET online scan with 8 detected files. I ran Panda ActiveScan with 28 infected files. I ran SpyBot, and RemoveIt, which found 11 files, but I didn't clean them because when I did some Googling, RemoveIt was known for false positives such as OSA.exe files. I'm sorry, I do not know the names of the trojans that I did find in some of these scans and cleaned. The thing is, it is still not fixed.

I have followed the guide here and will post those logs. GMER will not run, however, and crashes every time. OS: Vista.

These were the files found using ESET:
C:\SWSetup\AOLIMS\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\jar_cache2389502608710190240.tmp a variant of Java/TrojanDownloader.Agent.NAN trojan deleted - quarantined
C:\Users\Family\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3ebcf5d2-1d757352 multiple threats deleted - quarantined
C:\Users\Family\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\238ef117-195292dc multiple threats deleted - quarantined
C:\Users\Family\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\5b6bd665-512b0cb8 multiple threats deleted - quarantined
C:\Users\Family\Documents\Downloads\unconfirmed 15159.download a variant of Win32/Skintrim.CC trojan cleaned by deleting - quarantined
C:\Users\Family\Documents\Downloads\unconfirmed 61675.download a variant of Win32/Skintrim.CC trojan cleaned by deleting - quarantined
C:\Users\Tiffany\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\30b9e4e6-2fbc5109 multiple threats deleted - quarantined


MBAM Log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4211

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 7.0.6002.18005

6/18/2010 2:26:43 AM
mbam-log-2010-06-18 (02-26-43).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 362578
Time elapsed: 1 hour(s), 45 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL extras log:
OTL Extras logfile created on: 6/19/2010 1:23:00 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Tiffany\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 202.22 Gb Total Space | 96.10 Gb Free Space | 47.52% Space Free | Partition Type: NTFS
Drive D: | 11.08 Gb Total Space | 1.93 Gb Free Space | 17.43% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 19.58 Gb Total Space | 19.33 Gb Free Space | 98.73% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HPLAPTOP
Current User Name: Tiffany
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Tiffany\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3EA6C935-DCE0-437F-8EF4-F688A1BE27D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B6B25BB3-A10F-4118-AAA5-BFC8DAF30C77}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051E76DE-D806-4F03-846D-83295324AC67}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{201F2824-2094-4148-81FF-3428352A5B44}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{29CFD65D-35F1-4ECF-A8DF-7D04677A99B2}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{533BCF9D-AF9A-42FB-A0E9-3C85A761F7F7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{90830889-C353-4A03-9AAD-4CDBC76784AA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9806427D-EC41-4463-A70C-F7B59A210B9F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9B9B7D1F-D621-4394-B929-F1FB691C1267}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A6D88D72-2391-4721-816E-2C94B52A5F00}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{AB7A5D5D-B4A5-4E3E-AEED-95C04FED0CE0}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{BBCB85D4-AB55-40F3-A2F6-D2E3FFD60EDC}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C21B3CC0-6AC9-44F8-8698-DDA4C02F2D5D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{D287CAA9-6FA9-4844-AC17-49224F13CF0F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FA18650C-9C0D-4FCF-84B5-ACF5DC7774BA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{FBD668B0-9977-472A-B5D9-24DF9E847B5E}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"TCP Query User{49CC5DBC-A343-4EA1-98DB-AF630C818F52}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{A72D3380-992D-4B3B-B26F-26CF5B4C6498}C:\program files\incode solutions\removeit pro v4 - se\removeit.exe" = protocol=6 | dir=in | app=c:\program files\incode solutions\removeit pro v4 - se\removeit.exe |
"TCP Query User{F469FAAB-5383-428C-8FD9-6552E9246E58}C:\users\family\appdata\local\temp\dqeimjky.exe" = protocol=6 | dir=in | app=c:\users\family\appdata\local\temp\dqeimjky.exe |
"UDP Query User{599930B1-A8F4-43CC-9E23-9E36C886A000}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{D4DD85B7-1DDB-42A2-AA3B-B424CAF48BEC}C:\program files\incode solutions\removeit pro v4 - se\removeit.exe" = protocol=17 | dir=in | app=c:\program files\incode solutions\removeit pro v4 - se\removeit.exe |
"UDP Query User{F49B1297-12AD-4DE6-9EF4-6C340CAD317A}C:\users\family\appdata\local\temp\dqeimjky.exe" = protocol=17 | dir=in | app=c:\users\family\appdata\local\temp\dqeimjky.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{0733788C-BE48-48AB-94CF-B62DD0B28949}" = SoftMed Net Client
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1F6257D6-0FC6-4AB3-8D9F-7F86E4BA9EF1}" = SoftMed NetClient
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{240947BD-2F65-4912-8B29-1025A96A898E}" = BeyondTXT Desktop
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 19
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40ABE28B-26C4-4A93-84B2-4B5BEB5E4ABB}" = Meet Your Computer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_InfoPath_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_InfoPath_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_InfoPath_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0000-0000-0000000FF1CE}" = Microsoft Office InfoPath 2007
"{90120000-0044-0000-0000-0000000FF1CE}_InfoPath_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0000-0000-0000000FF1CE}_InfoPath_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_InfoPath_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_InfoPath_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_InfoPath_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word 2003
"{90E00409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9DF095E1-8EC2-4892-8740-93769DB1E944}" = User Agent String Utility
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{9FC18E06-247F-4878-BCC6-A8850F980975}" = muvee autoProducer 6.1
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AFB69A06-A094-49F4-AC7D-FBED8DB0C47F}" = SoftMed Netclient .NET
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4DB7658-A8D2-458C-B68C-9DBA74F1CCD3}" = iTivity
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}" = HP User Guides 0090
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_6" = AIM 6
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InfoPath" = Microsoft Office InfoPath 2007
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{0733788C-BE48-48AB-94CF-B62DD0B28949}" = SoftMed Net Client
"InstallShield_{1F6257D6-0FC6-4AB3-8D9F-7F86E4BA9EF1}" = SoftMed NetClient
"InstallShield_{240947BD-2F65-4912-8B29-1025A96A898E}" = BeyondTXT Desktop
"InstallShield_{AFB69A06-A094-49F4-AC7D-FBED8DB0C47F}" = SoftMed Netclient .NET
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Instant Text V Pro" = Instant Text V Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSC" = McAfee SecurityCenter
"RemoveIT Pro v4 - SE" = RemoveIT Pro v4 - SE
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d77335ed1e6a73da" = ChartScript.com
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.456

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/18/2010 5:20:54 AM | Computer Name = HPLaptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Tiffany\AppData\Local\Temp\RarSFX0\redist.dll".
Dependent
Assembly Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/18/2010 9:54:58 AM | Computer Name = HPLaptop | Source = WinMgmt | ID = 10
Description =

Error - 6/18/2010 10:01:57 AM | Computer Name = HPLaptop | Source = EventSystem | ID = 4609
Description =

Error - 6/18/2010 10:02:42 AM | Computer Name = HPLaptop | Source = WinMgmt | ID = 10
Description =

Error - 6/18/2010 10:11:31 AM | Computer Name = HPLaptop | Source = EventSystem | ID = 4609
Description =

Error - 6/18/2010 10:12:13 AM | Computer Name = HPLaptop | Source = WinMgmt | ID = 10
Description =

Error - 6/18/2010 10:28:57 AM | Computer Name = HPLaptop | Source = EventSystem | ID = 4609
Description =

Error - 6/18/2010 10:29:12 AM | Computer Name = HPLaptop | Source = WinMgmt | ID = 10
Description =

Error - 6/18/2010 3:39:23 PM | Computer Name = HPLaptop | Source = WinMgmt | ID = 10
Description =

Error - 6/18/2010 6:54:41 PM | Computer Name = HPLaptop | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 6/19/2010 12:19:47 AM | Computer Name = HPLaptop | Source = Service Control Manager | ID = 7000
Description =

Error - 6/19/2010 12:21:27 AM | Computer Name = HPLaptop | Source = Service Control Manager | ID = 7022
Description =

Error - 6/19/2010 12:21:28 AM | Computer Name = HPLaptop | Source = Service Control Manager | ID = 7001
Description =

Error - 6/19/2010 12:28:42 AM | Computer Name = HPLaptop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:27:06 AM on 6/19/2010 was unexpected.

Error - 6/19/2010 12:29:53 AM | Computer Name = HPLaptop | Source = Service Control Manager | ID = 7001
Description =

Error - 6/19/2010 12:29:53 AM | Computer Name = HPLaptop | Source = Service Control Manager | ID = 7026
Description =

Error - 6/19/2010 12:32:55 AM | Computer Name = HPLaptop | Source = DCOM | ID = 10005
Description =

Error - 6/19/2010 1:17:56 AM | Computer Name = HPLaptop | Source = DCOM | ID = 10005
Description =

Error - 6/19/2010 1:18:05 AM | Computer Name = HPLaptop | Source = DCOM | ID = 10005
Description =

Error - 6/19/2010 1:18:10 AM | Computer Name = HPLaptop | Source = DCOM | ID = 10005
Description =


OTL log:
OTL logfile created on: 6/19/2010 1:23:00 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Tiffany\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 202.22 Gb Total Space | 96.10 Gb Free Space | 47.52% Space Free | Partition Type: NTFS
Drive D: | 11.08 Gb Total Space | 1.93 Gb Free Space | 17.43% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 19.58 Gb Total Space | 19.33 Gb Free Space | 98.73% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HPLAPTOP
Current User Name: Tiffany
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/19 01:22:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Tiffany\Desktop\OTL.exe
PRC - [2010/06/10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/20 22:24:02 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe


========== Modules (SafeList) ==========

MOD - [2010/06/19 01:22:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Tiffany\Desktop\OTL.exe
MOD - [2009/04/11 02:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/11/13 14:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/16 11:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Stopped] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/03/05 13:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - [2010/05/06 17:10:20 | 000,068,168 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/14 12:50:14 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/03/28 11:30:55 | 000,024,576 | ---- | M] (HTC1124 Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/07/16 12:32:26 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/02/13 14:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/11/17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/03/04 05:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/06 09:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/11/01 08:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 08:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/11/01 08:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/01 11:35:52 | 000,183,352 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/08/08 23:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 14:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 13:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/13 01:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/07/11 13:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/28 11:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/18 08:03:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/04/03 16:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 03:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...n&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/06/19 00:24:29 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/06/18 04:43:59 | 000,408,454 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 14126 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files\Citrix\GoToMeeting\456\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\WINDOWS\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Tiffany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: chartscriptnet ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: transcendservices.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: trcr.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: uhseast.com ([capebowling] https in Trusted sites)
O16 - DPF: {43FD544E-CA49-4E7C-AA2D-EAC09DE389C2} https://capebowling....edNetClient.cab (ExpresivNC.ExpresivNetClient)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {9DDB393E-A5C2-40F7-A37F-4957CAC7C65C} http://workportal01....tiveXLoader.CAB (ActiveXLoader.Loader)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CFDCBEFF-24E5-49B9-9172-91D7E2C834F2} https://capebowling....tclientcore.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF2E2523-5E55-4A8F-A0C9-0F2B7457290C} https://mls.trcr.com...WTrackerCTL.CAB (SWTrackerCTL.ucTrackerCTL)
O16 - DPF: BBTActiveXCryptoInstall https://capebowling....yptoInstall.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/20 20:32:55 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{b4e99a4c-3916-11df-9a87-001d725ad19e}\Shell - "" = AutoRun
O33 - MountPoints2\{b4e99a4c-3916-11df-9a87-001d725ad19e}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias [2008/01/20 22:34:27 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/06/19 01:22:03 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Tiffany\Desktop\OTL.exe
[2010/06/18 23:33:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/18 23:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/18 23:17:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/06/18 22:56:42 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Tiffany\Desktop\TFC.exe
[2010/06/18 22:30:34 | 000,000,000 | ---D | C] -- C:\Program Files\InCode Solutions
[2010/06/18 05:36:23 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2010/06/18 05:36:23 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/06/18 05:36:23 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2010/06/18 05:36:23 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/06/18 05:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/06/18 05:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/06/18 05:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/06/18 05:34:17 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2010/06/18 05:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/06/18 04:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/06/18 04:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/06/18 03:59:56 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Tiffany\Desktop\moreyuck.exe
[2010/06/18 03:22:45 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/06/18 03:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/06/18 00:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/06/18 00:40:03 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Malwarebytes
[2010/06/18 00:39:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/18 00:39:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/18 00:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/18 00:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/18 00:38:36 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tiffany\Desktop\yuckhelp.exe
[2010/06/18 00:28:52 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys.prepare
[2010/06/18 00:28:51 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys.prepare
[2010/05/30 03:38:17 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Template
[2010/05/28 01:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2010/05/21 06:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/05/21 06:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/05/21 06:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\PC Cleaner
[2010/05/21 06:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/05/21 05:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/05/21 05:52:15 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\SUPERAntiSpyware.com
[2010/05/21 05:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/05/21 05:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/05/12 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Yahoo!
[2010/05/12 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Yahoo
[2010/05/12 14:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/05/07 02:59:21 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Apple Computer
[2010/05/07 02:59:20 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Apple Computer
[2010/05/07 02:58:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/05/07 02:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/05/07 02:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/05/07 02:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/05/07 02:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/05/07 02:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/05/07 02:54:35 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Apple
[2010/05/07 02:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/05/07 02:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/05/07 02:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/05/07 02:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/05/04 00:11:06 | 000,000,000 | ---D | C] -- C:\PFiles
[2010/04/28 16:51:13 | 000,000,000 | ---D | C] -- C:\DUMP_DICOM
[2010/04/24 01:54:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/22 23:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/04/20 02:47:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\x64
[2010/04/20 02:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/04/14 19:57:06 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\ICAClient
[2010/04/14 12:50:14 | 000,385,536 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2010/04/10 14:39:57 | 000,000,000 | -HSD | C] -- C:\found.000
[2010/04/04 12:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/04/04 06:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/04 06:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2010/04/03 14:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\Shorthand for Windows
[2010/04/02 19:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Deterministic Networks
[2010/04/02 19:46:57 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\NeoSmart_Technologies
[2010/04/02 19:14:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\CheckSur
[2010/04/02 18:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft User Agent String Utility
[2010/04/02 05:17:11 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Sony Corporation
[2010/04/02 05:17:11 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\Picture Motion Browser
[2010/04/02 05:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/04/02 05:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/04/02 04:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/04/02 00:38:08 | 000,000,000 | ---D | C] -- C:\0dfb5898f3b0c5b580e0e356fa0e
[2010/04/01 22:10:18 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Citrix
[2010/04/01 19:51:30 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\CCBAA1F7E5E148B29ED9A79C6A37CE78.TMP
[2010/04/01 14:49:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\eu-ES
[2010/04/01 14:49:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ca-ES
[2010/04/01 14:49:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vi-VN
[2010/03/31 17:00:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\EventProviders
[2010/03/31 16:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/03/31 15:15:28 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Desktop\Programs not frequently used
[2010/03/31 15:14:35 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Desktop\TRCR
[2010/03/31 14:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/03/31 10:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/03/31 08:39:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/31 07:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2010/03/31 07:10:56 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/03/31 03:53:17 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\My Drivers
[2010/03/31 03:53:17 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Innovative Solutions
[2010/03/31 03:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2010/03/31 03:09:37 | 000,000,000 | ---D | C] -- C:\XPISO
[2010/03/31 03:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\nLite
[2010/03/31 02:00:06 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\acccore
[2010/03/31 01:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2010/03/31 01:59:44 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\AOL OCP
[2010/03/31 01:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
[2010/03/30 23:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/03/30 23:25:29 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\uTorrent
[2010/03/30 16:53:27 | 000,000,000 | ---D | C] -- C:\OutlookDownload
[2010/03/30 16:52:17 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Transcend
[2010/03/30 16:50:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppData
[2010/03/30 16:47:49 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\Transcend
[2010/03/30 16:42:53 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\TRCR
[2010/03/30 16:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MModal
[2010/03/30 16:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TRCR
[2010/03/28 11:30:55 | 000,024,576 | ---- | C] (HTC1124 Inc) -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys
[2010/03/28 11:21:56 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Teleca
[2010/03/28 11:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\HTC
[2010/03/28 11:12:52 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\HTCsync[1]
[2010/03/28 02:54:33 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\Youcam
[2010/03/27 17:58:15 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\Downloads
[2010/03/27 16:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2010/03/27 16:32:51 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\NCH Swift Sound
[2010/03/27 15:04:46 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\Feedback
[2010/03/27 06:53:30 | 000,000,000 | ---D | C] -- C:\InstText
[2010/03/27 06:32:41 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\itivity_data
[2010/03/27 06:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTivity
[2010/03/27 06:32:09 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\InstallShield
[2010/03/27 06:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/03/27 05:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\VoiceScribe
[2010/03/27 05:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\TRCR
[2010/03/27 02:16:22 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Western_Digital
[2010/03/27 02:15:57 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Western Digital
[2010/03/27 02:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2010/03/27 02:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2010/03/27 02:11:45 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Western Digital
[2010/03/26 16:16:39 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\SoftMed
[2010/03/26 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\SoftMed
[2010/03/26 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DBS
[2010/03/26 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Documents\My Received Files
[2010/03/26 14:41:38 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\Tracing
[2010/03/26 14:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/26 14:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/03/26 14:22:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/03/26 14:22:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/03/26 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\3M
[2010/03/26 14:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/26 14:09:56 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Apps
[2010/03/26 14:09:52 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Deployment
[2010/03/26 14:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/26 14:06:43 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Microsoft Help
[2010/03/26 14:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/03/26 14:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/03/26 14:05:03 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/03/26 11:26:05 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Adobe
[2010/03/26 11:20:04 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\CyberLink
[2010/03/26 11:19:14 | 003,356,989 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010/03/26 11:19:14 | 003,347,890 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010/03/26 11:19:14 | 003,266,369 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010/03/26 11:19:13 | 002,598,373 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010/03/26 11:19:13 | 002,430,849 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010/03/26 11:19:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ENU
[2010/03/26 06:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/03/26 06:12:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2010/03/26 06:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/26 05:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2010/03/26 05:20:37 | 000,127,376 | ---- | C] (Deterministic Networks, Inc.) -- C:\WINDOWS\System32\drivers\dne2000.sys
[2010/03/26 05:20:37 | 000,101,904 | ---- | C] (Deterministic Networks, Inc.) -- C:\WINDOWS\System32\dneinobj.dll
[2010/03/26 05:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
[2010/03/26 04:46:49 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Google
[2010/03/26 04:46:49 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Google
[2010/03/26 04:36:20 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Adobe
[2010/03/26 04:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/03/26 04:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/03/26 03:48:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec
[2010/03/26 03:33:47 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\QuickPlay
[2010/03/26 03:33:42 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Symantec
[2010/03/26 03:33:13 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Searches
[2010/03/26 03:33:06 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Identities
[2010/03/26 03:33:04 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Contacts
[2010/03/26 03:29:53 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Macromedia
[2010/03/26 03:29:13 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Hewlett-Packard
[2010/03/26 03:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/03/26 03:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/03/26 03:27:43 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Downloaded Installations
[2010/03/26 03:24:31 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/03/26 03:22:51 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\VirtualStore
[2010/03/26 03:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/26 03:20:11 | 000,000,000 | --SD | C] -- C:\Users\Tiffany\AppData\Roaming\Microsoft
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Videos
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Saved Games
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Pictures
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Music
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Links
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Favorites
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Downloads
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Documents
[2010/03/26 03:20:11 | 000,000,000 | R--D | C] -- C:\Users\Tiffany\Desktop
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\AppData\Local\Temporary Internet Files
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Templates
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Start Menu
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\SendTo
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Recent
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\PrintHood
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\NetHood
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Documents\My Videos
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Documents\My Pictures
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Documents\My Music
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\My Documents
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Local Settings
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\AppData\Local\History
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Cookies
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\Application Data
[2010/03/26 03:20:11 | 000,000,000 | -HSD | C] -- C:\Users\Tiffany\AppData\Local\Application Data
[2010/03/26 03:20:11 | 000,000,000 | -H-D | C] -- C:\Users\Tiffany\AppData
[2010/03/26 03:20:11 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Temp
[2010/03/26 03:20:11 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Local\Microsoft
[2010/03/26 03:20:11 | 000,000,000 | ---D | C] -- C:\Users\Tiffany\AppData\Roaming\Media Center Programs
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010/03/26 03:16:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2010/03/26 03:16:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Users\Tiffany\*.tmp files -> C:\Users\Tiffany\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/19 01:22:09 | 006,815,744 | -HS- | M] () -- C:\Users\Tiffany\ntuser.dat
[2010/06/19 01:22:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Tiffany\Desktop\OTL.exe
[2010/06/19 00:29:04 | 000,004,318 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/06/19 00:28:40 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/19 00:28:12 | 266,479,591 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/06/19 00:21:18 | 000,000,279 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/06/19 00:19:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/19 00:19:33 | 000,003,616 | -H-- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/19 00:19:33 | 000,003,616 | -H-- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/19 00:19:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/19 00:18:08 | 000,524,288 | -HS- | M] () -- C:\Users\Tiffany\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/19 00:18:08 | 000,065,536 | -HS- | M] () -- C:\Users\Tiffany\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/19 00:15:03 | 000,070,984 | ---- | M] () -- C:\Users\Tiffany\g2mdlhlpx.exe
[2010/06/18 22:56:47 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Tiffany\Desktop\TFC.exe
[2010/06/18 22:30:35 | 000,001,875 | ---- | M] () -- C:\Users\Tiffany\Desktop\RemoveIT Pro v4 - SE.lnk
[2010/06/18 22:13:49 | 1034,420,218 | ---- | M] () -- C:\3590F75ABA9E485486C100C1A9D4FF06KUXLSXPZXCMLSBOC
[2010/06/18 05:37:46 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010/06/18 05:36:18 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/06/18 05:36:17 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/06/18 04:43:59 | 000,408,454 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/06/18 04:00:12 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Tiffany\Desktop\moreyuck.exe
[2010/06/18 00:38:36 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tiffany\Desktop\yuckhelp.exe
[2010/06/18 00:28:52 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys.prepare
[2010/06/18 00:28:51 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys.prepare
[2010/06/07 16:31:00 | 000,000,162 | -H-- | M] () -- C:\Users\Tiffany\Documents\~$emodel.doc
[2010/06/02 07:13:07 | 000,029,696 | ---- | M] () -- C:\Users\Tiffany\Documents\remodel.doc
[2010/05/30 03:38:15 | 000,000,000 | ---- | M] () -- C:\Users\Tiffany\AppData\Roaming\wklnhst.dat
[2010/05/26 02:44:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/24 20:13:24 | 000,023,547 | ---- | M] () -- C:\Users\Tiffany\Desktop\meolivig.jpg
[2010/05/24 19:36:45 | 000,008,035 | ---- | M] () -- C:\Users\Tiffany\Documents\Contacts for tdimaio (transrs).ctt
[2010/05/24 04:38:56 | 000,694,964 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/24 04:38:56 | 000,598,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/24 04:38:56 | 000,102,194 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/21 06:40:06 | 000,000,036 | ---- | M] () -- C:\WINDOWS\System32\PCCleanerVersion.ini
[2010/05/21 06:39:48 | 000,627,094 | ---- | M] () -- C:\WINDOWS\System32\PCCleaner.zip
[2010/05/21 06:34:29 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/05/21 06:13:16 | 000,002,565 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2010/05/16 04:07:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Driver Fetch.job
[2010/05/06 11:02:06 | 003,266,369 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010/05/04 15:53:12 | 000,395,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/03 18:32:24 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{300D0657-37A0-475F-9784-10250BA85E8B}.job
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 10:50:06 | 000,011,342 | -HS- | M] () -- C:\ProgramData\8rMjiIiS5Lohx
[2010/04/28 16:53:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Xscan.INI
[2010/04/28 16:51:15 | 000,000,271 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/26 22:57:04 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/04/24 03:41:32 | 000,015,738 | ---- | M] () -- C:\Users\Tiffany\Desktop\Oliglasses.jpg
[2010/04/24 03:40:37 | 000,059,914 | ---- | M] () -- C:\Users\Tiffany\Desktop\photo.php
[2010/04/23 12:18:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1002UA.job
[2010/04/22 23:18:00 | 000,000,860 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1002Core.job
[2010/04/21 02:38:16 | 000,038,400 | ---- | M] () -- C:\Users\Tiffany\Documents\21066142.doc
[2010/04/21 02:38:16 | 000,000,162 | -H-- | M] () -- C:\Users\Tiffany\Documents\~$066142.doc
[2010/04/19 16:07:49 | 000,692,829 | ---- | M] () -- C:\Users\Tiffany\Documents\Breadmachine.pdf
[2010/04/14 12:50:14 | 000,385,536 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2010/04/14 10:31:56 | 000,000,480 | ---- | M] () -- C:\Users\Tiffany\Desktop.lnk
[2010/04/10 14:11:01 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7C37F917-E76F-4FE7-BACB-1275E47BD9BA}.job
[2010/04/10 13:57:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1000UA.job
[2010/04/09 14:57:00 | 000,000,864 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1000Core.job
[2010/04/02 19:58:02 | 000,001,594 | ---- | M] () -- C:\WINDOWS\VPNInstall.MIF
[2010/04/02 19:44:25 | 000,001,594 | ---- | M] () -- C:\WINDOWS\VPNUnInstall.MIF
[2010/04/02 05:37:13 | 000,032,768 | ---- | M] () -- C:\Users\Tiffany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/02 05:06:26 | 000,002,043 | ---- | M] () -- C:\Users\Tiffany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk
[2010/04/02 04:40:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/04/02 01:55:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/04/01 22:10:17 | 000,103,784 | ---- | M] () -- C:\Users\Tiffany\GoToAssistDownloadHelper.exe
[2010/03/31 04:57:21 | 556,072,960 | ---- | M] () -- C:\WinLite.iso
[2010/03/30 17:55:50 | 000,108,816 | ---- | M] () -- C:\Users\Tiffany\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/30 16:50:55 | 001,273,166 | ---- | M] () -- C:\WINDOWS\System32\sted2008.clx
[2010/03/30 16:50:51 | 000,551,836 | ---- | M] () -- C:\WINDOWS\System32\sscema2.clx
[2010/03/30 16:50:49 | 000,000,015 | ---- | M] () -- C:\WINDOWS\System32\sscema.tlx
[2010/03/30 16:50:48 | 000,327,608 | ---- | M] () -- C:\WINDOWS\System32\ssceam2.clx
[2010/03/30 16:50:47 | 000,007,796 | ---- | M] () -- C:\WINDOWS\System32\ssceam.tlx
[2010/03/30 16:50:37 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\SWTracker.ini
[2010/03/30 16:36:28 | 000,011,300 | -HS- | M] () -- C:\WINDOWS\System32\.admconf
[2010/03/28 11:51:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010/03/28 11:33:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\DbgOut.INI
[2010/03/28 11:30:55 | 000,024,576 | ---- | M] (HTC1124 Inc) -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys
[2010/03/28 01:25:21 | 000,248,718 | ---- | M] () -- C:\Users\Tiffany\Documents\expanders.tmc
[2010/03/28 01:23:52 | 000,248,718 | ---- | M] () -- C:\Users\Tiffany\Documents\expanders.xml
[2010/03/27 06:54:35 | 000,003,099 | ---- | M] () -- C:\WINDOWS\InstText.ini
[2010/03/27 06:52:12 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/03/27 06:52:12 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/27 02:14:51 | 000,001,282 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2010/03/27 02:14:50 | 000,001,221 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2010/03/26 14:01:53 | 231,001,741 | ---- | M] () -- C:\Users\Tiffany\Documents\Infopath.zip
[2010/03/26 11:19:14 | 003,356,989 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010/03/26 11:19:14 | 003,347,890 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010/03/26 11:19:14 | 002,598,373 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010/03/26 11:19:13 | 002,430,849 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010/03/26 07:14:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/03/26 05:52:04 | 000,001,876 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010/03/26 05:17:04 | 197,672,732 | ---- | M] () -- C:\Users\Tiffany\Documents\Word.zip
[2010/03/26 04:00:51 | 000,016,054 | ---- | M] () -- C:\WINDOWS\System32\results.xml
[2010/03/26 03:49:35 | 000,524,288 | -HS- | M] () -- C:\Users\Tiffany\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 03:32:59 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\LOG
[2010/03/26 03:32:58 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/03/26 03:20:41 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_cNB_Pavilion dv2700 Notebook PC_Y5335KV_0U_Q2CE8200XQ7_E482549-002_4A_I30CD_SWistron_V80.52_F.2E_T081201_WV3-1_L409_M3062_J250_7Intel_86FD_91.83_#100326_N11AB4353;80864229_(FE989UA#ABA)_XMOBILE_CN10_Z.MRK
[2010/03/26 03:20:11 | 000,000,020 | -HS- | M] () -- C:\Users\Tiffany\ntuser.ini
[2010/03/26 03:13:29 | 000,047,092 | ---- | M] () -- C:\WINDOWS\System32\license.rtf
[1 C:\Users\Tiffany\*.tmp files -> C:\Users\Tiffany\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/19 00:15:03 | 000,070,984 | ---- | C] () -- C:\Users\Tiffany\g2mdlhlpx.exe
[2010/06/18 23:59:55 | 000,002,565 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2010/06/18 23:59:55 | 000,002,043 | ---- | C] () -- C:\Users\Tiffany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk
[2010/06/18 23:59:55 | 000,001,876 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010/06/18 23:59:55 | 000,001,282 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2010/06/18 23:59:55 | 000,001,221 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2010/06/18 23:47:39 | 266,479,591 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2010/06/18 22:30:35 | 000,001,875 | ---- | C] () -- C:\Users\Tiffany\Desktop\RemoveIT Pro v4 - SE.lnk
[2010/06/18 22:13:49 | 1034,420,218 | ---- | C] () -- C:\3590F75ABA9E485486C100C1A9D4FF06KUXLSXPZXCMLSBOC
[2010/06/18 09:54:36 | 000,004,318 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2010/06/18 05:37:46 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010/06/18 05:36:18 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/06/18 05:36:17 | 000,000,322 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/06/07 16:31:00 | 000,000,162 | -H-- | C] () -- C:\Users\Tiffany\Documents\~$emodel.doc
[2010/06/02 07:13:07 | 000,029,696 | ---- | C] () -- C:\Users\Tiffany\Documents\remodel.doc
[2010/05/30 03:38:15 | 000,000,000 | ---- | C] () -- C:\Users\Tiffany\AppData\Roaming\wklnhst.dat
[2010/05/24 20:13:23 | 000,023,547 | ---- | C] () -- C:\Users\Tiffany\Desktop\meolivig.jpg
[2010/05/24 19:36:45 | 000,008,035 | ---- | C] () -- C:\Users\Tiffany\Documents\Contacts for tdimaio (transrs).ctt
[2010/05/21 06:39:48 | 000,627,094 | ---- | C] () -- C:\WINDOWS\System32\PCCleaner.zip
[2010/05/21 06:39:28 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\PCCleanerVersion.ini
[2010/05/01 15:48:15 | 000,000,420 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{300D0657-37A0-475F-9784-10250BA85E8B}.job
[2010/04/28 16:53:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Xscan.INI
[2010/04/28 11:37:24 | 000,011,342 | -HS- | C] () -- C:\ProgramData\8rMjiIiS5Lohx
[2010/04/24 03:41:32 | 000,015,738 | ---- | C] () -- C:\Users\Tiffany\Desktop\Oliglasses.jpg
[2010/04/24 03:40:37 | 000,059,914 | ---- | C] () -- C:\Users\Tiffany\Desktop\photo.php
[2010/04/22 23:13:21 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1002UA.job
[2010/04/22 23:13:21 | 000,000,860 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1002Core.job
[2010/04/21 02:38:16 | 000,038,400 | ---- | C] () -- C:\Users\Tiffany\Documents\21066142.doc
[2010/04/21 02:38:16 | 000,000,162 | -H-- | C] () -- C:\Users\Tiffany\Documents\~$066142.doc
[2010/04/19 16:07:49 | 000,692,829 | ---- | C] () -- C:\Users\Tiffany\Documents\Breadmachine.pdf
[2010/04/14 10:31:56 | 000,000,480 | ---- | C] () -- C:\Users\Tiffany\Desktop
[2010/04/02 14:15:21 | 000,001,594 | ---- | C] () -- C:\WINDOWS\VPNUnInstall.MIF
[2010/04/02 04:40:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/04/02 00:55:55 | 000,250,032 | ---- | C] () -- C:\ntldr
[2010/04/01 22:10:17 | 000,103,784 | ---- | C] () -- C:\Users\Tiffany\GoToAssistDownloadHelper.exe
[2010/03/31 16:40:16 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/03/31 07:24:56 | 000,000,450 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7C37F917-E76F-4FE7-BACB-1275E47BD9BA}.job
[2010/03/31 04:54:38 | 556,072,960 | ---- | C] () -- C:\WinLite.iso
[2010/03/31 04:38:55 | 000,000,354 | ---- | C] () -- C:\WINDOWS\tasks\Driver Fetch.job
[2010/03/31 01:27:23 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/03/30 16:50:55 | 001,273,166 | ---- | C] () -- C:\WINDOWS\System32\sted2008.clx
[2010/03/30 16:50:51 | 000,551,836 | ---- | C] () -- C:\WINDOWS\System32\sscema2.clx
[2010/03/30 16:50:49 | 000,000,015 | ---- | C] () -- C:\WINDOWS\System32\sscema.tlx
[2010/03/30 16:50:48 | 000,327,608 | ---- | C] () -- C:\WINDOWS\System32\ssceam2.clx
[2010/03/30 16:50:47 | 000,007,796 | ---- | C] () -- C:\WINDOWS\System32\ssceam.tlx
[2010/03/30 16:50:37 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SWTracker.ini
[2010/03/30 16:36:28 | 000,011,300 | -HS- | C] () -- C:\WINDOWS\System32\.admconf
[2010/03/28 18:46:34 | 000,032,768 | ---- | C] () -- C:\Users\Tiffany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/28 11:51:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010/03/28 11:33:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DbgOut.INI
[2010/03/28 10:52:21 | 231,001,741 | ---- | C] () -- C:\Users\Tiffany\Documents\Infopath.zip
[2010/03/28 10:52:13 | 197,672,732 | ---- | C] () -- C:\Users\Tiffany\Documents\Word.zip
[2010/03/28 08:20:29 | 000,130,008 | ---- | C] () -- C:\WINDOWS\System32\systemsf.ebd
[2010/03/28 08:20:27 | 000,009,239 | ---- | C] () -- C:\WINDOWS\System32\spcinstrumentation.man
[2010/03/28 08:20:22 | 000,442,788 | ---- | C] () -- C:\WINDOWS\System32\dot3.tmf
[2010/03/28 08:20:21 | 000,107,612 | ---- | C] () -- C:\WINDOWS\System32\StructuredQuerySchema.bin
[2010/03/28 08:20:20 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\EhStorAuthn.dll
[2010/03/28 08:20:19 | 003,662,128 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2010/03/28 08:20:18 | 000,392,170 | ---- | C] () -- C:\WINDOWS\System32\onex.tmf
[2010/03/28 08:20:16 | 000,344,698 | ---- | C] () -- C:\WINDOWS\System32\eaphost.tmf
[2010/03/28 08:20:08 | 000,208,966 | ---- | C] () -- C:\WINDOWS\System32\WFP.TMF
[2010/03/28 08:20:07 | 000,092,918 | ---- | C] () -- C:\WINDOWS\System32\slmgr.vbs
[2010/03/28 08:19:47 | 000,009,212 | ---- | C] () -- C:\WINDOWS\System32\RacUR.xml
[2010/03/28 08:19:45 | 000,000,153 | ---- | C] () -- C:\WINDOWS\System32\RacUREx.xml
[2010/03/28 01:25:21 | 000,248,718 | ---- | C] () -- C:\Users\Tiffany\Documents\expanders.tmc
[2010/03/28 01:23:52 | 000,248,718 | ---- | C] () -- C:\Users\Tiffany\Documents\expanders.xml
[2010/03/27 17:52:12 | 000,000,916 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1000UA.job
[2010/03/27 17:52:08 | 000,000,864 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3924774026-2398392438-1638701245-1000Core.job
[2010/03/27 06:54:23 | 000,003,099 | ---- | C] () -- C:\WINDOWS\InstText.ini
[2010/03/27 06:52:12 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/03/27 06:52:12 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/03/27 06:42:41 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\StructuredQuerySchemaTrivial.bin
[2010/03/27 06:42:38 | 011,967,524 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2010/03/27 06:32:41 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HostStarter.exe
[2010/03/27 06:32:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\omnithread_rt.dll
[2010/03/26 07:14:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/03/26 06:17:10 | 002,501,921 | ---- | C] () -- C:\WINDOWS\System32\wlan.tmf
[2010/03/26 05:53:10 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/26 05:29:28 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/26 05:29:27 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/26 05:19:50 | 000,001,594 | ---- | C] () -- C:\WINDOWS\VPNInstall.MIF
[2010/03/26 03:33:41 | 000,000,000 | ---- | C] () -- C:\Users\Tiffany\AppData\Local\QSwitch.txt
[2010/03/26 03:33:41 | 000,000,000 | ---- | C] () -- C:\Users\Tiffany\AppData\Local\DSwitch.txt
[2010/03/26 03:33:41 | 000,000,000 | ---- | C] () -- C:\Users\Tiffany\AppData\Local\AtStart.txt
[2010/03/26 03:32:59 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\LOG
[2010/03/26 03:32:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/03/26 03:20:41 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_cNB_Pavilion dv2700 Notebook PC_Y5335KV_0U_Q2CE8200XQ7_E482549-002_4A_I30CD_SWistron_V80.52_F.2E_T081201_WV3-1_L409_M3062_J250_7Intel_86FD_91.83_#100326_N11AB4353;80864229_(FE989UA#ABA)_XMOBILE_CN10_Z.MRK
[2010/03/26 03:20:11 | 006,815,744 | -HS- | C] () -- C:\Users\Tiffany\ntuser.dat
[2010/03/26 03:20:11 | 000,524,288 | -HS- | C] () -- C:\Users\Tiffany\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 03:20:11 | 000,524,288 | -HS- | C] () -- C:\Users\Tiffany\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 03:20:11 | 000,262,144 | -H-- | C] () -- C:\Users\Tiffany\ntuser.dat.LOG2
[2010/03/26 03:20:11 | 000,262,144 | -H-- | C] () -- C:\Users\Tiffany\ntuser.dat.LOG1
[2010/03/26 03:20:11 | 000,065,536 | -HS- | C] () -- C:\Users\Tiffany\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/03/26 03:20:11 | 000,000,020 | -HS- | C] () -- C:\Users\Tiffany\ntuser.ini
[2009/10/20 22:07:48 | 001,238,832 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2009/10/20 22:07:48 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v1329.dll
[2009/10/20 22:07:48 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2009/09/14 09:50:08 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v1437.dll
[2007/04/03 16:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\WINDOWS\System32\pacerprf.ini
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/03/26 14:17:17 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\3M
[2010/03/31 02:00:06 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\acccore
[2010/04/14 20:30:18 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\ICAClient
[2010/03/27 16:32:51 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\NCH Swift Sound
[2010/04/15 20:26:07 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\SoftMed
[2010/03/28 12:14:55 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\Teleca
[2010/05/30 03:38:17 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\Template
[2010/03/30 16:52:17 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\Transcend
[2010/03/30 16:52:39 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\TRCR
[2010/04/02 02:56:08 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\uTorrent
[2010/03/27 02:15:57 | 000,000,000 | ---D | M] -- C:\Users\Tiffany\AppData\Roaming\Western Digital
[2010/05/16 04:07:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job
[2010/06/18 05:36:18 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/06/18 05:36:17 | 000,000,322 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2010/06/18 23:11:42 | 000,032,608 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/05/03 18:32:24 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{300D0657-37A0-475F-9784-10250BA85E8B}.job
[2010/04/10 14:11:01 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7C37F917-E76F-4FE7-BACB-1275E47BD9BA}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/06/18 22:13:49 | 1034,420,218 | ---- | M] () -- C:\3590F75ABA9E485486C100C1A9D4FF06KUXLSXPZXCMLSBOC
[2009/10/20 20:32:55 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2010/03/31 08:19:45 | 000,000,166 | ---- | M] () -- C:\bcmwl5.log
[2010/04/02 00:34:36 | 000,000,087 | ---- | M] () -- C:\bcmwl6.log
[2010/04/02 01:55:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/03/27 06:52:12 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/20 19:57:58 | 000,000,385 | -H-- | M] () -- C:\IPH.PH
[2010/03/27 06:52:12 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/03 07:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/03 07:59:34 | 000,250,032 | ---- | M] () -- C:\ntldr
[2010/06/19 00:28:12 | 3524,907,008 | -HS- | M] () -- C:\pagefile.sys
[2010/03/31 04:57:21 | 556,072,960 | ---- | M] () -- C:\WinLite.iso

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010/03/26 05:37:01 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/11 02:28:17 | 001,730,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\apds.dll
[2008/01/20 22:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2008/01/20 22:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 23:14:18 | 016,846,848 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2008/01/20 23:14:08 | 000,106,496 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2008/01/20 23:14:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\WINDOWS\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 22:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\WINDOWS\System32\ws2_32.dll

< >

< >
< End of report >

Your help is greatly appreciated!
Tiffany

Edited by tifleah, 18 June 2010 - 11:54 PM.
