Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Limited internet connectivity

Started by rebross , Sep 19 2010 05:38 PM

Page 3 of 5
1
2
3
4
5

Please log in to reply

#31
RKinner

Posted 21 September 2010 - 04:07 PM

Malware Expert

Expert
24,625 posts

This is from Symantec:

To fix the problem, edit the registry and restart the computer. Then update the Symevent files and restart the computer again.

Follow the directions for your version of Windows:

To edit the Windows XP registry

1. On the Windows taskbar, click Start > Run.
2. In the Run dialog box, type regedit
3. Click OK.
4. Go to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\VirtualDeviceDrivers
5. In the right pane, delete the VDD value.
6. In the left pane, right-click the VirtualDeviceDrivers key, and then click New > Multi-String Value.
7. Type VDD for the name of the new value.
8. Exit the Registry Editor.
9. Restart the computer.

Gives you and idea where to look for the fool thing.

#32
rebross

Posted 21 September 2010 - 07:13 PM

Member

Topic Starter
Member
193 posts

Once I was in safe mode, I had to go back into the registry and delete that entry and redo it because it was back to symantic. SDFix ran and presented a report but I can't get any internet connection at all on the computer to post it. I don't want to copy the file to my flash drive because I got a virus (Trojan.BHO) on the laptop I'm using to post this from transferring files back n forth to do postings.

#33
RKinner

Posted 21 September 2010 - 09:07 PM

Malware Expert

Expert
24,625 posts

USB transfers are a problem. I have two programs that will help:

Download Flash_Disinfector.exe by sUBs
http://download.blee...Disinfector.exe
and save it to your desktop.

* Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
* The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
* Wait until it has finished scanning and then exit the program.
* Reboot your computer when done.

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

You might also want to install AutoRun Eater v2.5
http://oldmcdonald.w...orun-eater-v25/

It will stay resident and prevent USB drives from infecting your PC.

I run it on my own PCs and recommend it as part of my goodbye spiel.

Have you tried OTL or Combofix since you ran SDFix? How about trying DDS:

Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr
and save it to your desktop.

* Disable any script blocking protection
* Double click dds.pif to run the tool.
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.

Ron

#34
rebross

Posted 22 September 2010 - 09:23 AM

Member

Topic Starter
Member
193 posts

I downloaded Flash Disinfector (I did have it on my computer but it was deleted cause one of the programs said it was infected. After running DDS, it said to post the extras as a zip file. Is that what you want or should I post it like all the other results? Also,I ran OTL. While it was running I kept getting 2 popups from Antivir:
access to the file c:\autorun.inf was blocked for your security
access to the file c:\windows\system32\getuname.dll was blocked for your security

OTL results:
OTL logfile created on: 9/22/2010 10:39:50 AM - Run 1
OTL by OldTimer - Version 3.2.14.0 Folder = C:\Documents and Settings\Sorber\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 383.00 Mb Available Physical Memory | 38.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.79 Gb Total Space | 64.19 Gb Free Space | 61.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STACEYLAPTOP
Current User Name: Sorber
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/20 09:05:46 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
PRC - [2010/06/17 07:54:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/06 19:09:06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2010/05/06 18:59:36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/11/03 15:45:48 | 001,372,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/11/03 15:35:14 | 001,202,448 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/10/10 17:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/25 13:16:08 | 000,042,032 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1154548953\ee\aolsoftware.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2006/06/27 21:24:18 | 000,217,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2006/05/08 08:17:56 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2006/05/08 07:24:54 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
PRC - [2006/04/27 20:16:28 | 000,069,718 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
PRC - [2005/12/27 16:58:10 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2005/10/12 00:36:38 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
PRC - [2005/05/09 19:16:15 | 000,192,512 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe
PRC - [2005/03/11 20:55:40 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
PRC - [2004/11/17 23:47:16 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/08/19 12:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2003/05/21 18:37:08 | 000,229,437 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2002/03/14 19:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe

========== Modules (SafeList) ==========

MOD - [2010/09/20 09:05:46 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/03/26 14:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\tlntsvr.exe -- (TlntSvr)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/06/13 11:03:42 | 002,084,864 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/06/07 12:51:50 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/05/18 13:22:26 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/18 13:22:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/05/08 07:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 20:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 20:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 20:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/04/13 16:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/04/04 17:55:18 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/11/28 16:38:44 | 000,135,168 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/11/28 16:38:42 | 000,167,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/11/25 16:08:54 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/07/14 22:10:16 | 000,032,768 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2005/03/11 20:55:40 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -- (SonicStageMonitoring)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\purendis.sys -- (purendis)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\pnarp.sys -- (pnarp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Fake\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/10/26 05:47:30 | 004,221,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2009/06/17 08:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/08/13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/06/25 12:36:08 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\litsgt.sys -- (litsgt)
DRV - [2007/06/25 12:36:07 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tansgt.sys -- (tansgt)
DRV - [2006/11/26 19:13:21 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/05/26 10:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/08 13:50:00 | 003,661,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/03/06 22:39:00 | 000,030,080 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyImgF.sys -- (SonyImgF)
DRV - [2006/02/21 22:32:32 | 000,226,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006/02/08 20:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006/02/03 02:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006/01/31 21:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005/12/29 22:42:00 | 000,234,496 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvm321.sys -- (usbvm321)
DRV - [2005/12/14 20:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005/12/05 03:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/24 16:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005/11/11 18:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005/10/18 20:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 20:52:34 | 000,202,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/10/18 20:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/09/21 13:04:56 | 000,067,456 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3132.sys -- (SI3132)
DRV - [2005/09/20 19:18:20 | 000,005,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys -- (SiRemFil)
DRV - [2005/08/01 19:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 21:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/07/06 17:33:26 | 000,176,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2005/06/24 19:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 12:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 12:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/01/06 16:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/11/22 16:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/11/01 16:21:32 | 000,010,368 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/02/09 12:06:22 | 000,015,360 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/06/28 21:21:40 | 000,017,251 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2001/11/05 10:23:52 | 000,299,923 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonyhcs.sys -- (sonyhcs)
DRV - [2001/11/05 10:23:14 | 000,006,097 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sonyhcb.sys -- (sonyhcb)
DRV - [2001/07/24 13:34:34 | 000,007,520 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pelusblf.sys -- (pelusblf)
DRV - [2000/12/05 19:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 23:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: ""

FF - HKLM\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2010/04/14 16:25:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2010/09/18 21:09:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/17 07:54:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/17 08:21:32 | 000,000,000 | ---D | M]

[2010/02/17 19:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Extensions
[2010/09/22 10:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions
[2010/06/17 07:53:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/22 10:11:56 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/21 09:26:59 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/09/21 09:26:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash
[2010/02/23 13:21:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/02/23 13:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010/09/21 09:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\staged-xpis
[2010/02/17 20:02:36 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\searchplugins\askcom.xml
[2010/09/22 10:04:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/23 13:21:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fdneeds-upgrade
[2010/04/24 13:48:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/12/19 08:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

O1 HOSTS File: ([2010/09/21 19:51:23 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - Reg Error: Value error. File not found
O2 - BHO: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (WeatherBug Browser Bar - powered by MyWebSearch) - {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe File not found
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154548953\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HPHUPD08] C:\Program Files\Hewlett-Packard\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\system32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Task Catcher] C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe (BillP Studios)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe File not found
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - Startup: C:\Documents and Settings\Sorber\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1226337459254 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - Reg Error: Value error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Sorber\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sorber\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Security Packages - (IO SHARED\9.0\DLLSHARED) - File not found
O30 - LSA: Security Packages - (ty Pack) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/24 13:45:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/12 21:54:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell - "" = AutoRun
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: vidc.XVID - xvidvfw.dll File not found

CREATERESTOREPOINT
Error starting restore point: 1016
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 90 Days ==========

[2010/09/22 10:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/09/22 10:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2010/09/22 10:33:20 | 001,396,513 | ---- | C] (Old McDonald's Farm) -- C:\Documents and Settings\Sorber\Desktop\aesetup2.5.exe
[2010/09/21 17:44:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2010/09/21 17:38:18 | 000,000,000 | ---D | C] -- C:\SDFix
[2010/09/21 14:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/09/20 23:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Desktop\RegSeeker
[2010/09/20 22:07:23 | 000,000,000 | --SD | C] -- C:\george21927g
[2010/09/20 15:31:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/09/20 14:55:07 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/09/20 14:55:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/20 14:55:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/20 14:55:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/20 14:54:53 | 000,000,000 | --SD | C] -- C:\george
[2010/09/20 14:54:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/09/20 13:03:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/09/20 10:25:50 | 001,293,400 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sorber\Desktop\TDSSKiller.exe
[2010/09/20 10:25:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Desktop\tdsskiller
[2010/09/20 09:40:58 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Sorber\Desktop\Norton_Removal_Tool.exe
[2010/09/20 09:05:40 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
[2010/09/19 22:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Application Data\Avira
[2010/09/19 00:07:13 | 000,000,000 | ---D | C] -- C:\645523a6356edebd98c8d4dd30
[2010/09/16 12:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/07/11 18:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/07/11 17:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Local Settings\Application Data\Nova Development
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/22 10:54:20 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\Sorber\ntuser.dat
[2010/09/22 10:36:38 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/09/22 10:33:26 | 001,396,513 | ---- | M] (Old McDonald's Farm) -- C:\Documents and Settings\Sorber\Desktop\aesetup2.5.exe
[2010/09/22 10:28:13 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\dds.com
[2010/09/22 10:28:01 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\Flash_Disinfector.exe
[2010/09/22 09:39:59 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/22 09:38:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/22 09:38:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/22 09:38:39 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/21 22:15:59 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Sorber\ntuser.ini
[2010/09/21 19:51:23 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/09/21 17:20:37 | 000,097,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/21 17:20:37 | 000,049,520 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/20 23:39:51 | 136,353,970 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\b4 regseeker.reg
[2010/09/20 15:31:30 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/09/20 14:48:50 | 003,847,603 | R--- | M] () -- C:\Documents and Settings\Sorber\Desktop\george.exe
[2010/09/20 14:03:10 | 000,000,000 | ---- | M] () -- C:\backup.reg
[2010/09/20 14:03:07 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2010/09/20 14:03:06 | 000,135,168 | ---- | M] () -- C:\zip.exe
[2010/09/20 14:03:06 | 000,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\ongeyaq.sys
[2010/09/20 14:03:06 | 000,000,574 | ---- | M] () -- C:\cleanup.bat
[2010/09/20 09:40:59 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Sorber\Desktop\Norton_Removal_Tool.exe
[2010/09/20 09:05:46 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
[2010/09/19 23:49:24 | 001,428,593 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\INDETH-01042400-US.EXE
[2010/09/19 23:48:02 | 021,569,024 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\INDWLL-A1035409-US.EXE
[2010/09/19 22:22:29 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\SpywareBlaster.lnk
[2010/09/19 16:44:56 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\qmkbdx.sys
[2010/09/19 00:46:40 | 000,124,952 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/19 00:06:16 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/18 22:14:19 | 000,000,762 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/18 22:14:19 | 000,000,279 | ---- | M] () -- C:\Boot.bak
[2010/09/18 22:14:19 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/18 15:56:43 | 000,368,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/18 15:54:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/18 12:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/17 20:24:46 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/07 14:44:52 | 001,293,400 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sorber\Desktop\TDSSKiller.exe
[2010/08/10 13:23:55 | 000,001,119 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2010/08/06 14:19:53 | 000,005,970 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\export.qif
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/22 10:36:38 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/09/22 10:28:13 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\dds.com
[2010/09/22 10:28:01 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\Flash_Disinfector.exe
[2010/09/21 20:01:29 | 1063,440,384 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/20 23:39:27 | 136,353,970 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\b4 regseeker.reg
[2010/09/20 14:55:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/20 14:55:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/20 14:55:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/09/20 14:48:37 | 003,847,603 | R--- | C] () -- C:\Documents and Settings\Sorber\Desktop\george.exe
[2010/09/20 14:03:10 | 000,000,000 | ---- | C] () -- C:\backup.reg
[2010/09/20 14:03:07 | 000,019,286 | ---- | C] () -- C:\cleanup.exe
[2010/09/20 14:03:06 | 000,135,168 | ---- | C] () -- C:\zip.exe
[2010/09/20 14:03:06 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\ongeyaq.sys
[2010/09/20 14:03:06 | 000,000,574 | ---- | C] () -- C:\cleanup.bat
[2010/09/20 14:01:17 | 000,731,136 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\avenger.exe
[2010/09/20 09:13:41 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\gmer.exe
[2010/09/19 23:48:25 | 021,569,024 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\INDWLL-A1035409-US.EXE
[2010/09/19 23:48:19 | 001,428,593 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\INDETH-01042400-US.EXE
[2010/09/19 16:44:55 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\qmkbdx.sys
[2010/09/17 20:24:46 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/30 21:33:45 | 000,009,125 | ---- | C] () -- C:\Documents and Settings\Sorber\reset.log
[2010/08/06 14:19:53 | 000,005,970 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\export.qif
[2010/04/24 16:37:21 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2010/04/24 16:37:19 | 000,000,250 | ---- | C] () -- C:\WINDOWS\3dr.ini
[2010/02/24 09:17:52 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\housecall.guid.cache
[2010/01/31 15:27:18 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2010/01/31 15:26:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2010/01/31 15:26:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2009/12/12 11:16:19 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/09/22 09:34:16 | 000,002,549 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/04/14 20:42:48 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Sorber\Application Data\WavCodec.wff
[2008/11/10 14:54:32 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\rx_image.Cache
[2008/11/10 14:54:31 | 000,107,508 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\rx_audio.Cache
[2008/11/03 22:39:10 | 000,002,654 | ---- | C] () -- C:\Documents and Settings\Sorber\Application Data\wklnhst.dat
[2008/10/31 11:42:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/09/13 11:31:04 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2008/08/09 13:42:08 | 000,004,632 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini
[2008/08/09 13:41:02 | 000,000,478 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/07/02 11:17:12 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2008/03/17 08:45:57 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2007/07/21 23:25:50 | 000,011,037 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/25 12:36:08 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\litsgt.sys
[2007/06/25 12:36:07 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\tansgt.sys
[2007/01/13 23:37:17 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/02 12:58:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/10/16 13:49:18 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/05 20:35:43 | 000,000,353 | ---- | C] () -- C:\WINDOWS\Tlc.ini
[2006/09/25 14:35:57 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\fusioncache.dat
[2006/08/02 16:16:22 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/08/02 16:16:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/08/02 16:16:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/08/02 16:16:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/08/02 16:16:22 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/08/02 16:16:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/08/02 16:15:47 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2006/08/02 16:07:03 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/08/02 16:04:39 | 000,001,119 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/02 15:59:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/02 15:50:28 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/07/24 16:24:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/24 15:40:49 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/07/24 15:38:31 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/07/24 15:30:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/07/24 13:52:40 | 000,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/24 13:28:35 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/24 13:28:25 | 000,000,758 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/11/01 21:53:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 17:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002/06/12 15:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll

========== LOP Check ==========

[2008/11/30 15:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2010/03/04 22:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/22 10:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2006/10/04 18:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2010/09/20 23:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/11/01 20:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2008/02/10 14:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2007/03/31 16:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2008/10/31 11:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/04/17 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/06/19 19:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2010/09/19 22:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/02 11:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/03/17 16:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/11/22 04:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/04/06 11:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/09/20 23:47:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[2010/04/06 21:12:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}(2)
[2010/04/06 12:39:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
[2010/03/16 09:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/02/17 16:39:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/09/20 23:50:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2010/09/20 23:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~1
[2006/09/30 19:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Aim
[2008/10/27 15:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Babylon
[2010/02/17 21:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\BitComet
[2010/04/06 16:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Comcast
[2010/03/15 16:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ComcastToolbar
[2010/02/17 21:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\CometNetwork
[2009/11/03 18:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\EmailNotifier
[2007/03/31 16:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\GameHouse
[2009/05/23 12:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\GetRightToGo
[2006/09/26 19:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\InterVideo
[2006/09/26 19:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Leadertech
[2009/04/14 18:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\NCH Swift Sound
[2008/11/09 20:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Nova Development
[2009/11/01 20:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ooVoo Details
[2010/01/31 19:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\oovootb
[2008/11/09 14:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Research In Motion
[2008/11/03 22:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Template
[2010/02/17 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Uniblue
[2010/02/16 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WeatherBug
[2010/03/17 12:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WinPatrol

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/07/24 13:45:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/20 14:03:10 | 000,000,000 | ---- | M] () -- C:\backup.reg
[2010/09/18 22:14:19 | 000,000,279 | ---- | M] () -- C:\Boot.bak
[2010/09/20 15:31:30 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/09/20 12:20:54 | 000,029,302 | ---- | M] () -- C:\bootex.log
[2010/09/20 14:03:06 | 000,000,574 | ---- | M] () -- C:\cleanup.bat
[2010/09/20 14:03:07 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2006/07/24 13:45:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/11/05 20:35:36 | 000,000,081 | ---- | M] () -- C:\DVDPATH.TXT
[2007/07/22 15:14:29 | 000,691,200 | -HS- | M] () -- C:\ehthumbs.db
[2010/09/22 09:38:39 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys
[2006/07/24 13:45:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/07/24 13:45:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/03/15 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/17 11:18:48 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/22 09:38:29 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2010/03/15 08:41:10 | 000,000,000 | ---- | M] () -- C:\settings.dat
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2006/10/07 00:46:52 | 000,004,903 | ---- | M] () -- C:\sz.xml
[2006/10/20 19:56:08 | 000,000,353 | -H-- | M] () -- C:\T4Metrics.log
[2009/03/22 11:39:53 | 000,046,304 | ---- | M] () -- C:\VETlog.txt
[2010/09/20 14:03:06 | 000,135,168 | ---- | M] () -- C:\zip.exe

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/07/24 06:34:09 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/07/24 06:34:09 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/07/24 06:34:08 | 000,905,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-06-17 11:28:52

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

DDS.TXT:
DDS (Ver_10-03-17.01) - NTFSx86
Run by Sorber at 11:08:48.65 on Wed 09/22/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.416 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\AOL\1154548953\ee\AOLSoftware.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Autorun Eater\oldmcdonald.exe
C:\Program Files\Autorun Eater\billy.exe
C:\Documents and Settings\Sorber\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://yahoo.com
uSearch Bar = hxxp://www.comcast.net/toolbar2.0/search/
uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.comcast.net/toolbar2.0/search/
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mURLSearchHooks: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} -
BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - Yahoo! Toolbar Helper
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
BHO: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - AOLSearchHook Class
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
TB: WeatherBug Browser Bar - powered by MyWebSearch: {8eab99c9-f9ec-4b64-a4ba-d9bcae8779c2} -
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: PandoraTV Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SsAAD.exe] "c:\progra~1\sony\sonics~1\SsAAD.exe"
uRun: [PhotoShow Deluxe Media Manager] c:\progra~1\comcast\comcas~1\data\xtras\mssysmgr.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [ViewpointPhotosDeviceConnect] "c:\program files\common files\viewpoint\toolbar runtime\3.7.0\FotomatDeviceConnect.exe"
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [VAIO Recovery] "c:\windows\sonysys\vaio recovery\PartSeal.exe"
mRun: [Task Catcher] c:\program files\billp studios\task catcher\tasktrap.exe
mRun: [Switcher.exe] "c:\program files\sony\wireless switch setting utility\Switcher.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Mouse Suite 98 Daemon] "c:\windows\system32\ICO.EXE"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [igfxtray] "c:\windows\system32\igfxtray.exe"
mRun: [igfxpers] "c:\windows\system32\igfxpers.exe"
mRun: [igfxhkcmd] "c:\windows\system32\hkcmd.exe"
mRun: [HPHUPD08] c:\program files\hewlett-packard\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [HostManager] "c:\program files\common files\aol\1154548953\ee\AOLSoftware.exe"
mRun: [ehTray] "c:\windows\ehome\ehtray.exe"
mRun: [DeviceDiscovery] "c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Apoint] "c:\program files\apoint\Apoint.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [Autorun Eater] c:\program files\autorun eater\oldmcdonald.exe
StartupFolder: c:\docume~1\sorber\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/OnlineScanner.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1226337459254
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sorber\applic~1\mozilla\firefox\profiles\r1obdl24.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL -
FF - plugin: c:\documents and settings\sorber\application data\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [2009-12-12 6097]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-3-4 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-3-4 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-3-4 267432]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-3-4 60936]
R2 litsgt;litsgt;c:\windows\system32\drivers\litsgt.sys [2007-6-25 137344]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-3-14 304464]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -svaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -sVAIO_VEDB [?]
R2 tansgt;tansgt;c:\windows\system32\drivers\tansgt.sys [2007-6-25 12032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-3-14 20952]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2006-7-24 30080]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-7-24 226304]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [2009-12-12 299923]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.exe -i vaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.EXE -i VAIO_VEDB [?]
S3 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\viewpointservice.exe" --> c:\program files\viewpoint\common\ViewpointService.exe [?]

=============== Created Last 30 ================

2010-09-22 14:36:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Autorun Eater
2010-09-22 14:36:37 0 d-----w- c:\program files\Autorun Eater
2010-09-21 21:44:34 0 d-----w- c:\windows\ERUNT
2010-09-21 21:38:18 0 d-----w- C:\SDFix
2010-09-21 19:49:50 5012 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2010-09-21 18:31:16 0 d-----w- c:\program files\common files\SupportSoft
2010-09-21 02:07:23 0 d-s---w- C:\george21927g
2010-09-20 19:31:23 0 d-sha-r- C:\cmdcons
2010-09-20 18:55:06 98816 ----a-w- c:\windows\sed.exe
2010-09-20 18:55:06 161792 ----a-w- c:\windows\SWREG.exe
2010-09-20 18:54:53 0 d-s---w- C:\george
2010-09-20 18:03:10 0 ----a-w- C:\backup.reg
2010-09-20 18:03:07 19286 ----a-w- C:\cleanup.exe
2010-09-20 18:03:06 61440 ----a-w- c:\windows\system32\drivers\ongeyaq.sys
2010-09-20 18:03:06 574 ----a-w- C:\cleanup.bat
2010-09-20 18:03:06 135168 ----a-w- C:\zip.exe
2010-09-20 17:03:30 0 d-----w- c:\windows\system32\NtmsData
2010-09-20 02:11:00 0 d-----w- c:\docume~1\sorber\applic~1\Avira
2010-09-19 20:44:55 54016 ----a-w- c:\windows\system32\drivers\qmkbdx.sys
2010-09-19 04:07:13 0 d-----w- C:\645523a6356edebd98c8d4dd30
2010-09-18 18:38:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

==================== Find3M ====================

2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-22 15:49:15 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57:20 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2009-10-15 00:03:59 245760 -csha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat
2008-09-17 16:55:52 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091720080918\index.dat

============= FINISH: 11:09:13.50 ============

Edited by rebross, 22 September 2010 - 09:26 AM.

#35
rebross

Posted 22 September 2010 - 09:43 AM

Member

Topic Starter
Member
193 posts

Ron,
I know this has nothing to do with the problem we are trying to fix on my Sony Vaio, but my Malwarbytes detected the Trojan.BHO on my Dell laptop that I'm using on and off to post my replies to you. This happened after I used a flash drive to transfer a file from my Sony to my Dell. It quarantined the virus. How do I know if it's completely removed from my computer? I'm afraid to type in user name and passwords, etc.

Edited by rebross, 22 September 2010 - 09:51 AM.

#36
rebross

Posted 22 September 2010 - 10:17 AM

Member

Topic Starter
Member
193 posts

Antivir is running and it detected APPL/NirCmd.2 on the Sony Vaio we're trying to clean.

#37
RKinner

Posted 22 September 2010 - 10:41 AM

Malware Expert

Expert
24,625 posts

Run OTL and Combofix on the good PC and post the logs you get and I'll check them.

It looks like we are making progress with the sick PC since you now have an OTL log. Nice not to be flying blind.

Not sure why Getuname.dll is being flagged. Should be a windows file but I suppose it could be infected or it might just be a false positive. If C:\Autorun.inf is a directory then it is a false positive for sure.

Are you using AOL for anything?

Copy the text between the lines of stars by highlighting and Ctrl + c
**********************************************************************
:Services
purendis
pnarp
Viewpoint Manager Service
TlntSvr
catchme
qmkbdx

:OTL
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\tlntsvr.exe -- (TlntSvr)
[2010/02/23 13:21:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fdneeds-upgrade
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - Reg Error: Value error. File not found
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (WeatherBug Browser Bar - powered by MyWebSearch) - {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe File not found
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - Reg Error: Value error. File not found
O30 - LSA: Security Packages - (IO SHARED\9.0\DLLSHARED) - File not found
O30 - LSA: Security Packages - (ty Pack) - File not found
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell - "" = AutoRun
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
[2010/09/20 14:03:06 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\ongeyaq.sys

:Files
C:\WINDOWS\System32\drivers\ongeyaq.sys
C:\WINDOWS\System32\drivers\qmkbdx.sys
C:\StubInstaller.exe
C:\zip.exe

:Commands
[RESETHOSTS]
[purity]
[emptytemp]
[Reboot]

*******************************************************************

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

See if you can run Combofix now:

ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on george to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your protection programs at this time :!:

Ron

#38
RKinner

Posted 22 September 2010 - 10:51 AM

Malware Expert

Expert
24,625 posts

I think it may have found combofix.

Ron

#39
rebross

Posted 22 September 2010 - 10:57 AM

Member

Topic Starter
Member
193 posts

Actually it had to do with flash disinfector. That's why it got deleted from my computer.

#40
rebross

Posted 22 September 2010 - 01:57 PM

Member

Topic Starter
Member
193 posts

I'm not using AOL for anything. I ran OTL and am posting the log. I tried running combo fix again and go the following message when it was trying to backup the registry.
Error saving file
C:\erndt\HIV-backup\software!
continue with the next file?
Should I say no and cancel out of combofix?

OTL:
My otl.txt file disappeared all I can find is the extras.txt file. It's like something is getting rid of stuff. It was on the desktop now before I tried running combofix now its gone.

Here's my extras which probably won't help without the otl:
OTL Extras logfile created on: 9/22/2010 12:58:49 PM - Run 1
OTL by OldTimer - Version 3.2.14.0 Folder = C:\Documents and Settings\Sorber\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 436.00 Mb Available Physical Memory | 43.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.79 Gb Total Space | 64.14 Gb Free Space | 61.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STACEYLAPTOP
Current User Name: Sorber
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = aol_htm] -- C:\Program Files\AOL\Explorer\AOLExplorer.exe (AOL LLC)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"443:TCP" = 443:TCP:*:Enabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Enabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Enabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Enabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Enabled:ooVoo UDP port 37675
"18465:TCP" = 18465:TCP:*:Enabled:BitComet 18465 TCP
"18465:UDP" = 18465:UDP:*:Enabled:BitComet 18465 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- ()
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1154548953\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1154548953\ee\aolsoftware.exe:*:Enabled:AOL Services -- (AOL LLC)
"C:\Program Files\Limewire Pro\LimeWire\LimeWire.exe" = C:\Program Files\Limewire Pro\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Roxio\Media Manager 9\MediaManager9.exe" = C:\Program Files\Roxio\Media Manager 9\MediaManager9.exe:*:Disabled:MediaManager9 Module -- (Sonic Solutions)
"C:\Program Files\Sony\Click to DVD 2\CtoDvd.exe" = C:\Program Files\Sony\Click to DVD 2\CtoDvd.exe:*:Enabled:Click to DVD -- (Sony Corporation)
"C:\Program Files\Sony\VAIO Event Service\VESMgr.exe" = C:\Program Files\Sony\VAIO Event Service\VESMgr.exe:*:Enabled:VESMgr -- (Sony Corporation)
"C:\WINDOWS\system32\dwwin.exe" = C:\WINDOWS\system32\dwwin.exe:*:Enabled:dwwin -- (Microsoft Corporation)
"C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" = C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe:*:Enabled:Switcher -- (Sony Corporation)
"C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe" = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe:*:Enabled:Reader_sl -- File not found
"C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" = C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe:*:Enabled:VAIOUpdt -- (Sony Corporation)
"C:\Program Files\AIM Toolbar\aimtbServer.exe" = C:\Program Files\AIM Toolbar\aimtbServer.exe:*:Enabled:aimtbServer -- (AOL LLC.)
"C:\Program Files\Sony\SonicStage\SSAAD.exe" = C:\Program Files\Sony\SonicStage\SSAAD.exe:*:Enabled:SsAAD -- ()
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0DF00135-D5A7-476A-BFB3-EDFF2840076A}" = VAIO Wireless LAN Setup Utility
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13413C6C-C640-40B8-917E-CA3062826B18}" = PIXELA ImageMixer
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}" = HP Print Diagnostic Utility
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{226F9059-56F3-45E2-BF55-6C3896CB190A}" = Belkin SOHO Networking Utilities
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 20
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EA7CF7E-0C76-44A5-B0CF-A1D171476E42}" = VAIO Breeze Wallpaper
"{303379C9-8610-4CCF-AF37-C4BF8998C591}" = Roxio Media Manager
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{5360DF11-A876-460B-9953-6817AA2BF9D5}" = Photo Explosion Deluxe
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B82682E-C555-45DA-8E2C-CE6525427AC9}" = Click to DVD 2.5.30
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{782A8AEE-0722-4E08-BB72-34C218CF166B}" = Uniblue PowerSuite 2009
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{82081533-F045-469E-BD53-F16839E445C3}" = VAIO Support Central
"{82CE6B7B-9665-4E29-8CE0-DD993484B38D}" = Intel® PROSet/Wireless WiFi Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B953606-000E-491C-B74D-78ECFDD520A0}" = OpenMG Metadata Extractor for Windows Media Player
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A4646CC8-905B-4E6D-A094-4C9FB1621042}" = ArcSoft MediaImpression
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A87EBA79-93DB-4A87-B9BA-62F8FB12D993}" = ImageStation
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AB92D0DB-B827-4E35-8971-D0E2EE180F8E}" = Network Magic
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 2.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BF761-C499-488D-A964-A3718BC6EC3E}" = DSD Direct
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C89EB8CD-675F-44F4-9729-4C9A8FAC2D4F}" = DSD Playback Plug-in 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D793A12F-E362-48BB-B332-1DA5E936B52D}" = BlackBerry Desktop Software 4.3
"{D9952D4E-766C-4CD3-BF2E-A2C3D8B15EF3}" = VAIO Backup Utility
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E3D278BD-FC97-4F87-BB1F-689AE0CB9122}" = Macromedia Flash Player 8 Plugin
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F1670367-C07F-411f-A196-79D2C65CBEC0}" = PS8200
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE3BF611-9B8B-44DC-A424-F8C4BA122A1D}" = VAIO Security Center
"09EAC15A32CA1F167D5A32FC3244C55712902580" = Windows Driver Package - Pure Networks, Inc. Network Magic Device Discovery Driver (08/22/2007 4.2.7234.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM Toolbar" = AIM Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_{D793A12F-E362-48BB-B332-1DA5E936B52D}" = BlackBerry Desktop Software 4.3
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Comcast PhotoShow Deluxe 4" = Comcast PhotoShow Deluxe 4
"ComcastToolbar" = Comcast Toolbar
"ESET Online Scanner" = ESET Online Scanner v3
"ExpressBurn" = Express Burn
"EZface ActiveX" = EZface ActiveX 203
"F9BF3DB1290C55237D8938663C16A25E4B6F3EBD" = Windows Driver Package - Pure Networks, Inc. Network Magic Wireless Driver (08/22/2007 4.2.7234.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"hp print screen utility" = hp print screen utility
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"InstallShield_{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"InterActual Player" = InterActual Player
"LG USB Drivers" = LG USB Drivers
"LimeWire" = LimeWire PRO 4.12.11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Sony USB Mouse
"Mozilla (1.7.13)" = Mozilla (1.7.13)
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"My Web Search WB Uninstall" = WeatherBug Browser Bar - powered by MyWebSearch
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"OpenMG HotFix4.5-06-05-10-01" = OpenMG Limited Patch 4.5-06-05-12-01
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"ProInst" = Intel PROSet Wireless
"PROR" = Microsoft Office Professional 2007
"PROSet" = Intel® PRO Network Connections Drivers
"Quicken 2002 Deluxe" = Quicken 2002 Deluxe
"Quicken Lawyer 2002 Personal Deluxe" = Quicken Lawyer 2002 Personal Deluxe
"Secunia PSI" = Secunia PSI
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpywareBlaster_is1" = SpywareBlaster 4.3
"Student Writing Center" = Student Writing Center
"Task Catcher" = Task Catcher
"Uniblue PowerSuite 2009" = Uniblue PowerSuite 2009
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
"WavePad" = WavePad Sound Editor
"WeatherBug" = WeatherBug
"WillPower" = Kiplinger's WillPower
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPatrol" = WinPatrol 2009
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/20/2010 7:54:43 AM | Computer Name = STACEYLAPTOP | Source = Media Center Scheduler | ID = 0
Description =

Error - 9/20/2010 7:54:44 AM | Computer Name = STACEYLAPTOP | Source = Media Center Phone Service | ID = 8
Description = Initializing the telephony service failed with error 0x80040154.

Error - 9/20/2010 7:54:44 AM | Computer Name = STACEYLAPTOP | Source = Media Center Scheduler | ID = 0
Description =

Error - 9/20/2010 7:54:54 AM | Computer Name = STACEYLAPTOP | Source = Media Center Scheduler | ID = 0
Description =

Error - 9/20/2010 7:55:00 AM | Computer Name = STACEYLAPTOP | Source = Media Center Scheduler | ID = 0
Description =

Error - 9/20/2010 8:24:14 AM | Computer Name = STACEYLAPTOP | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184),
hr = 800705aa: InitEventCollector fail

Error - 9/20/2010 8:26:43 AM | Computer Name = STACEYLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application switcher.exe, version 3.3.0.2140, faulting module
wissuif.dll, version 1.0.2.1250, fault address 0x00001bd5.

Error - 9/20/2010 8:26:47 AM | Computer Name = STACEYLAPTOP | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\crm\recoveryclerk2.cpp(1154),
hr = 80040154: CoCreateInstance SimpleFileBasedL

Error - 9/20/2010 8:26:47 AM | Computer Name = STACEYLAPTOP | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184),
hr = 800706ba: InitEventCollector fail

Error - 9/20/2010 8:27:45 AM | Computer Name = STACEYLAPTOP | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 10440, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

[ System Events ]
Error - 9/19/2010 4:06:37 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Network Magic Device Discovery Driver service failed to start
due to the following error: %%2

Error - 9/19/2010 4:06:37 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Network Magic Wireless Driver service failed to start due to the
following error: %%2

Error - 9/19/2010 4:06:37 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the SSDP Discovery
Service service which failed to start because of the following error: %%1058

Error - 9/19/2010 4:06:37 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Norton Security Suite service failed to start due to the following
error: %%2

Error - 9/19/2010 4:06:38 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx86 ccHP eeCtrl SRTSP SRTSPX SymEFA SYMTDI

Error - 9/19/2010 4:06:40 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7001
Description = The Windows Media Player Network Sharing Service service depends on
the Universal Plug and Play Device Host service which failed to start because of
the following error: %%1058

Error - 9/19/2010 4:06:41 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7023
Description = The HTTP SSL service terminated with the following error: %%1450

Error - 9/19/2010 4:07:11 PM | Computer Name = STACEYLAPTOP | Source = Service Control Manager | ID = 7000
Description = The IP Traffic Filter Driver service failed to start due to the following
error: %%2001

Error - 9/19/2010 4:07:13 PM | Computer Name = STACEYLAPTOP | Source = DCOM | ID = 10010
Description = The server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} did not register
with DCOM within the required timeout.

Error - 9/19/2010 4:07:17 PM | Computer Name = STACEYLAPTOP | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

< End of report >

Oh and should I start a new topic for my Dell computer so you don't get confused when I post the otl and combofix results?

#41
rebross

Posted 22 September 2010 - 02:02 PM

Member

Topic Starter
Member
193 posts

I also uninstalled Network Magic and Uniblue awhile ago but can't seem to completely get rid of them. I'm sure there are other remnants from programs I uninstalled, how do I get rid of them completely? I'm sorry, I just saw uniblue and network magic references on my extras log.

#42
RKinner

Posted 22 September 2010 - 08:10 PM

Malware Expert

Expert
24,625 posts

Just label anything from the good pc as good pc.

We are seeing some infections replacing the tcp/ip stack with their own software. Right click on My Computer and select Manage then Device Manager. Find each item under Network Adapter, right click on it and uninstall.
Then close device manager and open a command window (Start, Run, cmd, OK) and type:

netsh  winsock  reset  catalog

netsh  int  ip  reset  reset.log

exit

now restart.

Let's run OTL again. Copy the following:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
tcpip.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

Then run OTL, paste the above into the custom scan box and hit Quick Scan.

Not sure what the error message means. Doesn't sound like Combofix at all. Make sure your antivirus is off (Don't assume because you are in safe mode that it is off. ) then try downloading it again and this time change the name to ringo.exe.

Ron

PS we can worry about network magic and friends after the malware is dead.

#43
rebross

Posted 22 September 2010 - 08:56 PM

Member

Topic Starter
Member
193 posts

Good PC logs (Malwarebytes found and quarantined Trojan.BHO):

OTL:
OTL logfile created on: 9/22/2010 1:21:51 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Kelly Sorber\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 48.28 Gb Free Space | 43.22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STACEY
Current User Name: Kelly Sorber
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/22 13:19:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kelly Sorber\Desktop\OTL.exe
PRC - [2010/09/04 20:06:41 | 000,699,904 | ---- | M] (Filipe Lourenço) -- C:\Program Files\BatteryCare\BatteryCare.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/28 07:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010/05/06 19:09:06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2010/05/06 18:59:36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe
PRC - [2010/02/18 17:40:26 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/10/10 17:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/09/10 11:22:32 | 000,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/14 15:21:40 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/04/15 22:49:16 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2007/04/15 22:49:08 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/04/15 22:49:08 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/04/15 22:49:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2007/02/19 00:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007/02/19 00:26:32 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007/02/04 13:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2007/02/01 10:21:22 | 001,466,368 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/01/30 16:32:42 | 000,102,400 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
PRC - [2007/01/22 12:53:02 | 000,212,992 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2006/11/03 19:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2006/11/02 15:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\KADxMain.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2006/10/20 18:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2006/09/25 20:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1188945143\ee\aolsoftware.exe
PRC - [2006/08/17 10:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
PRC - [2006/02/17 07:19:55 | 000,139,264 | ---- | M] (OTi) -- C:\WINDOWS\system32\UStorSrv.exe

========== Modules (SafeList) ==========

MOD - [2010/09/22 13:19:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kelly Sorber\Desktop\OTL.exe
MOD - [2010/05/14 01:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.2.0.12\asoehook.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/03/26 14:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2007/02/05 10:29:04 | 000,139,264 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - File not found [Auto | Stopped] -- C:\Program Files\Verizon\Online Backup\Scheduler\OnlineBackup.SchedulerService.exe -- (OnlineBackupSchedulerService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Verizon\Online Backup\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe -- (FilesystemWatcher)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/09/10 11:22:32 | 000,229,648 | ---- | M] (Uniblue) [Auto | Running] -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue)
SRV - [2008/05/13 21:21:41 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/08/28 00:15:34 | 000,227,328 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007/05/14 15:21:40 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/02/19 00:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2007/02/01 10:21:22 | 001,466,368 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/01/29 22:59:58 | 000,487,424 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2006/10/23 08:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/02/17 07:19:55 | 000,139,264 | ---- | M] (OTi) [Auto | Running] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - [2010/09/16 12:44:01 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/09/15 01:00:00 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100921.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/15 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/09/15 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/15 01:00:00 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100921.003\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/01 21:39:20 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100901.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/08/26 12:47:24 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100920.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/28 07:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/13 13:26:20 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/11/04 17:54:12 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 17:54:12 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 17:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 17:54:12 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/04 17:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/10/26 09:47:30 | 004,221,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/09/08 21:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/09/08 21:06:37 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/07/26 18:30:30 | 000,014,416 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Program Files\BatteryCare\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/08/12 19:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/05/31 16:50:20 | 006,727,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/04/15 22:49:08 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/18 16:44:38 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/02/19 00:27:34 | 001,228,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/31 19:19:04 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/01/31 19:19:02 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/01/31 19:19:02 | 000,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/01/30 18:37:18 | 000,056,320 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2006/12/12 12:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 13:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2006/08/28 16:00:44 | 000,019,968 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2006/08/18 14:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 14:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 14:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 14:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 14:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 14:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 14:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 14:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 12:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 11:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 11:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 12:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/01/10 12:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/08/04 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/11/05 10:23:52 | 000,299,923 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonyhcs.sys -- (sonyhcs)
DRV - [2001/11/05 10:23:14 | 000,006,097 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sonyhcb.sys -- (sonyhcb)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1070827
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1070827

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100823
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..keyword.URL: "http://slirsredirect...0fftrab&query="

FF - HKLM\software\mozilla\FireFox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/08/01 14:21:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\FireFox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/09/19 00:42:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\FireFox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/09/16 12:44:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/20 10:10:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/20 10:10:33 | 000,000,000 | ---D | M]

[2009/12/06 20:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Extensions
[2009/12/06 20:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Extensions\[email protected]
[2010/04/10 18:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Extensions\[email protected]
[2010/09/22 13:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions
[2010/05/19 05:47:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/19 05:47:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/02/10 21:45:28 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/08/30 15:06:22 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/09/27 15:12:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2008/03/06 20:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\extensions\[email protected]
[2009/09/27 15:12:20 | 000,004,207 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\searchplugins\aim-search.xml
[2010/09/15 21:50:45 | 000,005,327 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\searchplugins\snipfiles---free-books-for-everyone.xml
[2010/09/22 13:02:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/24 14:18:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 16:07:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/08/31 19:08:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\Access Privileges Test
[2008/10/17 18:59:24 | 000,024,672 | ---- | M] (Ask.com) -- C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/02/24 19:59:26 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll

O1 HOSTS File: ([2010/03/10 11:11:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (TBSB08970 Class) - {10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7} - C:\PROGRA~1\POWERS~1\POWERS~1.DLL File not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8398-26FADCF27386} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1188945143\ee\AOLSoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\System32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\system32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\system32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [USB2Check] C:\WINDOWS\system32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe (Filipe Lourenço)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
O4 - Startup: C:\Documents and Settings\Kelly Sorber\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemywi...i Installer.cab (Support.com Configuration Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1188950013093 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: ActiveGS.cab http://www.virtualap...rg/activegs.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/12 14:35:32 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 90 Days ==========

[2010/09/22 13:19:43 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kelly Sorber\Desktop\OTL.exe
[2010/09/22 10:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/09/22 10:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2010/09/20 10:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/20 09:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/20 09:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/17 08:10:35 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symtdiv.sys
[2010/09/17 08:10:34 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symtdi.sys
[2010/09/17 08:10:34 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.sys
[2010/09/17 08:10:34 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.sys
[2010/09/17 08:10:34 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.sys
[2010/09/17 08:10:33 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.sys
[2010/09/17 08:10:33 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.sys
[2010/09/17 08:10:33 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\ironx86.sys
[2010/09/17 08:09:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0402000.00C
[2010/09/16 12:44:01 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/09/16 12:44:01 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/09/16 12:44:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/09/16 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/09/16 12:43:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/09/16 12:43:25 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Suite
[2010/09/16 12:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\My Documents\Symantec
[2010/09/16 12:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/09/16 12:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/09/16 12:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/09/16 12:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/09/08 12:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Photo Viewer
[2010/09/05 19:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\BatteryCare
[2010/09/05 19:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\Application Data\BatteryCare
[2010/08/25 21:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/24 16:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/06 13:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\My Documents\Quicken
[2010/08/06 13:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Config
[2010/08/06 13:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Inet
[2010/08/06 12:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AnswerWorks 5.0
[2010/08/06 12:56:31 | 004,199,784 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll
[2010/08/06 12:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2010/08/06 12:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
[2010/08/06 12:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\Application Data\Intuit
[2010/08/06 12:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2010/08/06 11:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/08/06 11:39:50 | 000,327,472 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Kelly Sorber\Desktop\utorrent.exe
[2010/08/03 15:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Power Search Tool
[2010/08/03 15:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\Application Data\HPAppData
[2010/08/01 14:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/08/01 14:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2010/08/01 14:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/07/22 10:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\Application Data\vlc
[2010/07/22 10:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/07/22 10:10:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\Desktop\Movies
[2010/07/11 15:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/06/25 13:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2010/06/25 13:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/06/25 13:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/06/25 13:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Fellowes
[2010/06/25 12:49:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelly Sorber\Desktop\1 Million Serial Numbers of Different Software by chocolate boy
[2010/06/25 12:31:15 | 001,261,568 | ---- | C] (Mustafa Buğra AKTAŞ) -- C:\Documents and Settings\Kelly Sorber\Desktop\SoftKey Revealer.exe
[2010/05/24 13:47:20 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Kelly Sorber\Application Data\pcouffin.sys

========== Files - Modified Within 90 Days ==========

[2010/09/22 13:24:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/22 13:19:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kelly Sorber\Desktop\OTL.exe
[2010/09/22 13:14:59 | 003,849,240 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\George.exe
[2010/09/22 13:08:14 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/22 13:07:30 | 000,030,522 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/09/22 12:52:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/22 12:49:25 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/22 12:49:25 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2010/09/22 12:49:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/22 12:49:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/22 12:49:13 | 2145,353,728 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/22 12:48:08 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\Kelly Sorber\NTUSER.DAT
[2010/09/22 12:48:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Kelly Sorber\ntuser.ini
[2010/09/22 10:28:00 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\dds.com
[2010/09/22 10:11:26 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/09/22 10:07:29 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\Flash_Disinfector.exe
[2010/09/21 20:31:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2010/09/20 10:04:26 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/09/20 10:04:26 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/20 10:00:27 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/20 09:54:38 | 000,712,486 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\Cat.DB
[2010/09/20 09:42:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/19 09:07:55 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Safari.lnk
[2010/09/17 22:40:10 | 000,002,066 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Suite.LNK
[2010/09/16 12:44:01 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/09/16 12:44:01 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/09/16 12:44:01 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/09/16 12:44:01 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/09/16 12:30:05 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\Norton Installation Files.lnk
[2010/09/16 09:31:56 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\SpywareBlaster.lnk
[2010/09/15 11:47:29 | 000,403,266 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\sony headphones.pdf
[2010/09/15 10:11:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/08 12:38:57 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Photoviewer.lnk
[2010/09/02 14:25:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/25 23:23:11 | 019,563,096 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\My Documents\vlc-1.1.3-win32.exe
[2010/08/25 23:01:53 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\Apple Safari.lnk
[2010/08/25 21:25:12 | 001,746,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/24 16:24:52 | 000,508,318 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/24 16:24:52 | 000,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/24 16:24:52 | 000,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/24 16:17:35 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/09 15:41:58 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\export(5).qif
[2010/08/09 11:40:54 | 000,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[2010/08/06 13:24:59 | 000,005,970 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\export1.qif
[2010/08/06 12:56:30 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2010.lnk
[2010/08/06 12:56:18 | 000,000,120 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2010/08/06 11:39:53 | 000,327,472 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Kelly Sorber\Desktop\utorrent.exe
[2010/08/03 16:07:05 | 000,229,154 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\PC_Safety_101.pdf
[2010/08/03 15:41:05 | 000,477,260 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\PowerSearchTool4.exe
[2010/08/01 14:23:12 | 000,148,159 | ---- | M] () -- C:\WINDOWS\hpoins37.dat
[2010/08/01 14:23:04 | 000,000,722 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/01 14:17:44 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010/07/22 10:39:40 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/07/19 08:04:16 | 000,015,602 | ---- | M] () -- C:\Documents and Settings\Kelly Sorber\Desktop\Dale Mowing Invoice.xlsx
[2010/07/14 15:43:01 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\expressripShakeIcon.job
[2010/06/25 13:23:01 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Rip.lnk

========== Files Created - No Company Name ==========

[2010/09/22 13:14:49 | 003,849,240 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\George.exe
[2010/09/22 12:49:13 | 2145,353,728 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/22 10:28:01 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\dds.com
[2010/09/22 10:11:26 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/09/20 10:04:26 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/09/20 10:04:26 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/20 10:00:27 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/17 22:38:53 | 000,712,486 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\Cat.DB
[2010/09/17 08:10:34 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.cat
[2010/09/17 08:10:34 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnetv.cat
[2010/09/17 08:10:34 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.cat
[2010/09/17 08:10:34 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.cat
[2010/09/17 08:10:34 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnet.cat
[2010/09/17 08:10:34 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.inf
[2010/09/17 08:10:34 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.inf
[2010/09/17 08:10:34 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnetv.inf
[2010/09/17 08:10:34 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnet.inf
[2010/09/17 08:10:34 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.inf
[2010/09/17 08:10:33 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.cat
[2010/09/17 08:10:33 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\iron.cat
[2010/09/17 08:10:33 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.inf
[2010/09/17 08:10:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\iron.inf
[2010/09/17 08:10:32 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.cat
[2010/09/17 08:10:32 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.inf
[2010/09/17 08:09:36 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\isolate.ini
[2010/09/16 12:44:01 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/09/16 12:44:01 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/09/16 12:43:51 | 000,002,066 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Suite.LNK
[2010/09/16 12:30:05 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\Norton Installation Files.lnk
[2010/09/15 11:47:29 | 000,403,266 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\sony headphones.pdf
[2010/09/08 12:38:57 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Photoviewer.lnk
[2010/08/30 18:25:03 | 000,008,032 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\reset.log
[2010/08/25 23:20:40 | 019,563,096 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\My Documents\vlc-1.1.3-win32.exe
[2010/08/25 23:03:21 | 000,002,205 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Safari.lnk
[2010/08/10 13:10:24 | 000,002,386 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\export(5).qif
[2010/08/06 13:25:02 | 000,005,970 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\export1.qif
[2010/08/06 12:56:30 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2010.lnk
[2010/08/06 12:55:16 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2010/08/03 16:07:05 | 000,229,154 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\PC_Safety_101.pdf
[2010/08/03 15:40:56 | 000,477,260 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Desktop\PowerSearchTool4.exe
[2010/08/01 14:17:44 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010/08/01 13:58:38 | 000,148,159 | ---- | C] () -- C:\WINDOWS\hpoins37.dat
[2010/08/01 13:58:37 | 000,000,504 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat
[2010/07/22 10:39:40 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/06/25 13:23:04 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\expressripShakeIcon.job
[2010/06/25 13:23:01 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Rip.lnk
[2010/05/24 13:47:56 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\vso_ts_preview.xml
[2010/05/24 13:47:32 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\pcouffin.log
[2010/05/24 13:47:20 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\inst.exe
[2010/05/24 13:47:20 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\pcouffin.cat
[2010/05/24 13:47:20 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\pcouffin.inf
[2010/05/23 15:06:31 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2010/05/19 13:50:58 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/05/19 13:50:58 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/03/27 19:40:02 | 000,000,086 | ---- | C] () -- C:\WINDOWS\winthsys0906.ini
[2009/12/29 17:53:52 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/12/27 18:10:00 | 000,002,976 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\PatchUpdate_InstantShareJPG.log
[2009/12/27 18:10:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2009/12/27 17:55:36 | 000,003,815 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\PatchUpdate_IZClosingDiscError.log
[2009/12/27 17:55:36 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2009/10/20 15:54:25 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\fusioncache.dat
[2009/09/21 17:29:54 | 002,756,608 | ---- | C] () -- C:\WINDOWS\System32\NETw5r32.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/18 08:16:52 | 000,002,108 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\rx_audio.Cache
[2008/12/29 04:33:41 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\mcs.rma
[2008/12/29 04:33:41 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Application Data\23F161
[2008/10/28 20:08:22 | 000,000,365 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/03/24 18:51:45 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\keyfile3.drm
[2008/01/06 23:59:40 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/10/24 23:17:16 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2007/10/01 20:12:19 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/09/20 14:03:38 | 000,006,166 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/09/10 17:13:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\VZWDLManager.dll
[2007/09/04 19:40:20 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/09/04 19:10:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/09/04 14:15:02 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Kelly Sorber\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/28 00:18:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/08/28 00:15:10 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/08/28 00:15:10 | 000,000,938 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/08/28 00:09:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2007/08/28 00:05:51 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\Tsp1.dll
[2007/08/28 00:04:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2007/08/28 00:04:06 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2007/08/27 23:39:20 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/08/27 23:39:19 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/08/27 23:39:19 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/08/27 23:39:18 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/08/27 23:37:37 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/31 21:16:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/01/31 21:11:14 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\OEM_Resources.dll
[2007/01/31 21:08:44 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/01/31 21:08:36 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/01/31 21:08:26 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/01/31 21:08:18 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/01/31 21:08:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/01/31 21:08:00 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/01/31 21:07:50 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/01/31 21:07:42 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/01/31 21:07:34 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/01/31 21:07:24 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/01/31 14:09:46 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/01/31 14:09:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/01/31 14:09:06 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/01/31 14:08:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/01/31 14:08:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/01/31 14:08:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/01/31 14:07:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/01/31 14:07:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/01/31 14:07:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/01/31 14:06:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/01/30 16:31:50 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/01/30 16:30:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2007/01/02 10:14:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2006/11/07 05:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/08/14 12:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2004/09/10 13:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

========== LOP Check ==========

[2010/09/22 10:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2009/09/20 12:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DigiData
[2010/02/19 22:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/03/04 14:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/07/11 15:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2007/08/28 00:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/12/29 17:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/05/04 07:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2008/01/06 23:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/09/16 09:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/06 20:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/03/15 00:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/25 01:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2007/08/28 00:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2009/09/20 12:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEngineLite
[2009/09/20 12:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wi-Fi Connect
[2009/09/20 12:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WiFiTemp
[2009/03/13 14:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/02/17 19:21:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
[2010/04/08 09:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/17 16:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[2010/02/17 19:20:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
[2010/01/04 16:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/02/17 17:55:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}
[2010/02/17 19:21:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{FCCD3ACF-B2F9-4087-B2A4-0DB5FADB9C32}
[2010/09/05 19:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\BatteryCare
[2009/08/10 18:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Comcast
[2009/09/20 12:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\DigiData
[2010/06/18 07:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\gtk-2.0
[2008/02/26 18:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Image Zone Express
[2010/06/18 07:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Inkscape
[2010/09/15 09:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\LimeWire
[2010/05/20 21:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Megaupload
[2010/03/13 15:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Opera
[2007/10/01 22:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Printer Info Cache
[2008/12/10 22:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Research In Motion
[2008/01/06 23:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\ScanSoft
[2010/01/03 23:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Smartsims
[2007/09/10 17:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Smith Micro
[2009/12/06 20:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\TomTom
[2010/02/17 17:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Uniblue
[2010/08/10 13:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\uTorrent
[2010/06/18 07:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Vso
[2010/09/05 19:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\Wave Systems Corp
[2010/03/11 15:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly Sorber\Application Data\WinPatrol
[2010/09/22 12:49:25 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\Tasks\ConfigExec.job
[2010/09/21 20:31:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\Tasks\DataUpload.job
[2010/07/14 15:43:01 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job
[2010/02/17 17:55:11 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue DiskRescue 2009.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2004/08/11 18:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/09/29 19:21:38 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/10 11:02:38 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/04 00:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2004/08/11 18:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/03 22:33:46 | 000,220,380 | ---- | M] () -- C:\coreuninstall.log
[2007/08/27 23:40:00 | 000,006,080 | RH-- | M] () -- C:\dell.sdr
[2007/10/08 20:23:01 | 000,000,081 | ---- | M] () -- C:\DVDPATH.TXT
[2010/09/22 12:49:13 | 2145,353,728 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/08 23:22:11 | 000,003,511 | ---- | M] () -- C:\hpfr5600.log
[2007/09/04 19:36:47 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2008/11/22 03:38:30 | 000,000,164 | ---- | M] () -- C:\install.dat
[2004/08/11 18:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2010/03/11 11:01:25 | 000,007,131 | ---- | M] () -- C:\JavaRa.log
[2004/08/11 18:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2009/09/20 11:40:10 | 000,000,549 | ---- | M] () -- C:\NTDClient.log
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/08 13:48:52 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/22 12:49:11 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/02/11 00:00:49 | 000,000,383 | ---- | M] () -- C:\rkill.log
[2010/03/09 17:43:13 | 000,006,722 | ---- | M] () -- C:\RootRepeal report 03-09-10 (16-43-13).txt
[2010/03/09 17:45:28 | 000,006,722 | ---- | M] () -- C:\RootRepeal report 03-09-10 (16-45-28).txt
[2009/04/03 15:41:46 | 000,000,203 | ---- | M] () -- C:\Shortcut to CD Drive.lnk
[2009/09/27 15:12:31 | 000,000,909 | ---- | M] () -- C:\updatedatfix.log
[2010/06/17 12:26:34 | 000,000,268 | ---- | M] () -- C:\WirelessDiagLog.csv

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2004/08/11 18:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/11 18:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/11 18:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-16 13:19:00

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\What Makes Sociology Different - Emile Durkheim.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\Technology powerpoint.ppt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\Technology powerpoint.pps:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\stock market project.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\resume.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\MikesBikes2008.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\Doc1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\coastal carolina.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kelly Sorber\My Documents\Cadbury Schweppes.doc:Roxio EMC Stream
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEFF768F
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >

OTL Extras:
OTL Extras logfile created on: 9/22/2010 1:21:51 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Kelly Sorber\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 48.28 Gb Free Space | 43.22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STACEY
Current User Name: Kelly Sorber
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Safari\Safari.exe" -url "%1" (Apple Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1188945143\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1188945143\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (America Online, Inc.)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found
"C:\Documents and Settings\Kelly Sorber\Local Settings\temp\7zSA4.tmp\SymNRT.exe" = C:\Documents and Settings\Kelly Sorber\Local Settings\temp\7zSA4.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0167F157-DAB9-46b0-86C4-7C66DDA85B48}" = HP Deskjet F4400 All-In-One Driver Software 12.0 Rel .5
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0409c45d-df44-4b98-93b0-572697aa054a}" = F4400
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0C35EAE4-A535-46B7-B4BF-68952BD94E68}" = Uniblue DiskRescue 2009
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}" = HP Driver Diagnostics
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{258749E2-3A46-42B1-9A01-BF977AA06FAC}" = RPS CRT
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 21
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2A8E4833-F483-4074-B4DB-F295F7901A8D}" = MobileMe Control Panel
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3249FD43-B24B-413F-B786-F8FEA32FA747}" = V CAST Music
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36580FBA-B993-4F46-9B78-0F1DC5DC35CA}" = Verizon Online Backup
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{41BB38A4-ED84-4682-8329-042FEBD8C30B}" = Mega Manager
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel® PROSet/Wireless WiFi Software
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{72FECEA1-E87F-4192-89FA-D0FBF92885BB}" = ETS Upgrade
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{782A8AEE-0722-4E08-BB72-34C218CF166B}" = Uniblue PowerSuite 2009
"{7DDEABFB-0621-4321-B385-CB86D3A6F90F}" = F4100
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6D15B89B-EFAD-40D8-A9BB-205094F21698}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9556CFD4-3F7E-4D1C-958B-759703E9CC21}" = O2Micro USB Smart Card Reader
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{9F1C67D6-D0B8-4BA6-B953-238BA95A58B7}" = BatteryCare
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2713384-7398-43E9-9D43-565B3A7FEFEE}" = Security Advisor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A618BB0D-8B88-45FF-83CD-783B4AE59AA0}" = NTRU TCG Software Stack
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4C95F28-A6B0-4F27-8B65-D159225B87F6}" = Wi-Fi Connect
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{d281ba0e-1617-4a62-bb37-b73671035e36}" = DJ_AIO_05_F4400_Software_Min
"{D31F958E-7353-4DEB-83E8-35B02F2EE20A}" = Wave Infrastructure Installer
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D9FCA292-1186-421F-8D93-9A5D272AD5D0}" = IntelliSonic Speech Enhancement
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E6095BEA-8C97-4342-B771-13BB72AC1D88}" = biolsp patch
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"5FD5E95A18EBF60A056BA7A51A2E794E4216D3DD" = Windows Driver Package - O2Micro (guardian2) SmartCardReader (02/05/2007 1.1.3.7)
"7-Zip" = 7-Zip 4.65
"840EF3FB8C7BFBB007E46E18F107E8CC6DD522EA" = Windows Driver Package - Dell Inc. PBADRV System (09/25/2006 6.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Autorun Eater_is1" = Autorun Eater v2.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Comcast PhotoShow Deluxe 4" = Comcast PhotoShow Deluxe 4
"DVDFab 7_is1" = DVDFab 7.0.6.2 (20/05/2010)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"ExpressRip" = Express Rip
"Google Desktop" = Google Desktop
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Imation Disk Manager V a Service" = Imation Disk Manager V a Service
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{72FECEA1-E87F-4192-89FA-D0FBF92885BB}" = ETS Upgrade
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"LG USB Drivers" = LG USB Drivers
"LimeWire" = LimeWire 5.5.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton Security Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC Wizard 2008_is1" = PC Wizard 2008.1.84
"Photo Viewer_is1" = Photo Viewer 2.4
"SearchAssist" = SearchAssist
"Secunia PSI" = Secunia PSI
"Shop for HP Supplies" = Shop for HP Supplies
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpywareBlaster_is1" = SpywareBlaster 4.4
"TBSB08970.TBSB08970Toolbar" = Power Search Tool
"Uniblue DiskRescue 2009" = Uniblue DiskRescue 2009
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uniblue PowerSuite 2009" = Uniblue PowerSuite 2009
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
"uTorrent" = µTorrent
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"VCast Music Essentials Manager" = V CAST Music Essentials Manager
"VLC media player" = VLC media player 1.1.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPatrol" = WinPatrol 2009
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/21/2010 12:19:16 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1953

Error - 9/21/2010 12:50:41 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/21/2010 12:50:41 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2203

Error - 9/21/2010 12:50:41 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2203

Error - 9/21/2010 12:50:43 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/21/2010 12:50:43 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4500

Error - 9/21/2010 12:50:43 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4500

Error - 9/21/2010 12:50:45 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/21/2010 12:50:45 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6546

Error - 9/21/2010 12:50:45 PM | Computer Name = STACEY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6546

[ OSession Events ]
Error - 4/21/2008 2:08:31 PM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 66013
seconds with 18660 seconds of active time. This session ended with a crash.

Error - 5/5/2008 8:05:26 PM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 33 seconds with 0 seconds of active time. This session ended with a crash.

Error - 5/6/2008 11:34:58 AM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 46993 seconds with 540 seconds of active time. This session ended with a
crash.

Error - 5/9/2008 4:14:05 PM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7624
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 5/14/2008 10:09:34 PM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 24040
seconds with 660 seconds of active time. This session ended with a crash.

Error - 5/15/2008 9:29:58 PM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 39889
seconds with 1500 seconds of active time. This session ended with a crash.

Error - 5/15/2008 10:27:59 PM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 2327 seconds with 180 seconds of active time. This session ended with a
crash.

Error - 5/19/2008 7:50:38 AM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 32953 seconds with 1560 seconds of active time. This session ended with
a crash.

Error - 6/9/2008 9:24:14 AM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 6220
seconds with 300 seconds of active time. This session ended with a crash.

Error - 6/9/2008 9:25:05 AM | Computer Name = KELLYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 6386 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 9/22/2010 11:50:17 AM | Computer Name = STACEY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 9/22/2010 12:34:59 PM | Computer Name = STACEY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 9/22/2010 12:48:04 PM | Computer Name = STACEY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/22/2010 12:50:41 PM | Computer Name = STACEY | Source = Service Control Manager | ID = 7000
Description = The Filesystem Watcher service failed to start due to the following
error: %%3

Error - 9/22/2010 12:50:41 PM | Computer Name = STACEY | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 9/22/2010 12:50:41 PM | Computer Name = STACEY | Source = Service Control Manager | ID = 7000
Description = The Online Backup Scheduler service failed to start due to the following
error: %%3

Error - 9/22/2010 12:50:41 PM | Computer Name = STACEY | Source = Service Control Manager | ID = 7000
Description = The Intel® PROSet/Wireless Registry Service service failed to start
due to the following error: %%2

Error - 9/22/2010 12:50:41 PM | Computer Name = STACEY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 9/22/2010 12:50:41 PM | Computer Name = STACEY | Source = Service Control Manager | ID = 7000
Description = The Security Services Driver (x86) service failed to start due to
the following error: %%2

Error - 9/22/2010 12:54:09 PM | Computer Name = STACEY | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service upnphost with
arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

< End of report >

Combofix:
ComboFix 10-09-21.03 - Kelly Sorber 09/22/2010 13:53:45.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1211 [GMT -4:00]
Running from: c:\documents and settings\Kelly Sorber\Desktop\George.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Security Suite *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Kelly Sorber\Application Data\inst.exe
c:\program files\Power Search Tool
c:\program files\Power Search Tool\alert_plugin.dll
c:\program files\Power Search Tool\basis.xml
c:\program files\Power Search Tool\ebay.bmp
c:\program files\Power Search Tool\icons.bmp
c:\program files\Power Search Tool\logo-4.bmp
c:\program files\Power Search Tool\mbback.bmp
c:\program files\Power Search Tool\mbbigopen.bmp
c:\program files\Power Search Tool\mbclose.bmp
c:\program files\Power Search Tool\mbfwd.bmp
c:\program files\Power Search Tool\mbsep.bmp
c:\program files\Power Search Tool\nav1c.bmp
c:\program files\Power Search Tool\options.html
c:\program files\Power Search Tool\PowerSearchTool4_0.crc
c:\program files\Power Search Tool\version.txt
c:\windows\system32\spool\prtprocs\w32x86\CNMPD8U.DLL
c:\windows\system32\spool\prtprocs\w32x86\CNMPP8U.DLL

----- File Replicators -----

c:\program files\Google\Google Desktop Search\_NEW_GoogleDesktop.exe
c:\program files\Google\Google Desktop Search\gcdtmp1\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp10\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp100\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp101\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp102\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp103\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp104\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp105\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp106\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp107\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp108\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp109\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp11\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp110\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp111\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp112\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp113\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp114\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp115\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp116\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp117\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp118\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp119\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp12\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp120\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp121\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp122\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp123\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp124\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp125\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp126\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp127\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp128\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp129\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp13\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp130\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp131\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp132\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp133\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp134\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp135\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp136\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp137\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp138\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp139\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp14\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp140\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp141\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp142\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp143\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp144\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp145\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp146\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp147\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp148\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp149\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp15\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp150\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp151\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp152\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp153\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp154\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp155\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp156\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp157\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp158\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp159\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp16\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp160\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp161\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp162\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp163\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp164\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp165\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp166\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp167\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp168\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp169\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp17\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp170\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp171\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp172\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp173\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp174\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp175\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp176\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp177\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp178\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp179\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp18\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp180\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp181\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp182\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp183\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp184\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp185\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp186\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp187\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp188\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp189\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp19\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp190\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp191\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp192\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp193\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp194\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp195\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp196\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp197\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp198\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp199\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp2\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp20\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp200\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp201\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp202\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp203\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp204\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp205\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp206\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp207\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp208\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp209\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp21\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp210\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp211\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp212\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp213\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp214\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp215\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp216\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp217\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp218\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp219\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp22\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp220\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp221\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp222\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp223\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp224\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp225\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp226\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp227\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp228\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp229\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp23\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp230\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp231\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp232\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp233\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp234\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp235\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp236\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp237\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp238\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp239\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp24\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp240\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp241\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp242\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp243\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp244\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp245\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp246\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp247\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp248\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp249\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp25\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp250\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp251\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp252\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp253\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp254\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp255\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp256\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp257\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp258\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp259\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp26\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp260\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp261\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp262\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp263\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp264\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp265\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp266\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp267\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp268\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp269\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp27\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp270\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp271\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp272\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp273\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp274\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp275\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp276\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp277\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp278\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp279\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp28\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp280\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp281\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp282\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp283\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp284\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp285\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp286\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp287\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp288\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp289\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp29\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp290\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp291\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp292\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp293\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp294\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp295\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp296\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp297\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp298\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp299\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp3\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp30\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp300\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp301\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp302\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp303\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp304\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp305\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp306\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp307\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp308\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp309\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp31\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp310\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp311\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp312\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp313\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp314\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp315\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp316\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp317\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp318\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp319\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp32\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp320\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp321\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp322\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp323\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp324\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp325\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp326\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp327\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp328\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp329\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp33\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp330\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp331\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp332\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp333\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp334\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp335\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp336\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp337\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp338\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp339\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp34\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp340\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp341\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp342\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp343\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp344\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp345\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp346\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp347\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp348\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp349\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp35\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp350\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp351\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp352\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp353\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp354\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp355\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp356\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp357\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp358\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp359\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp36\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp360\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp361\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp362\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp363\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp364\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp365\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp366\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp367\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp368\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp369\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp37\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp370\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp371\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp372\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp373\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp374\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp375\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp376\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp377\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp378\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp379\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp38\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp380\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp381\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp382\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp383\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp384\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp385\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp386\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp387\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp388\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp389\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp39\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp390\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp391\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp392\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp393\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp394\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp395\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp396\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp397\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp398\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp399\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp4\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp40\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp400\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp401\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp402\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp403\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp404\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp405\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp406\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp407\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp408\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp409\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp41\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp410\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp411\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp412\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp413\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp414\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp415\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp416\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp417\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp418\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp419\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp42\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp420\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp421\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp422\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp423\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp424\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp425\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp426\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp427\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp428\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp429\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp43\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp430\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp431\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp432\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp433\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp434\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp435\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp436\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp437\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp438\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp439\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp44\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp440\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp441\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp442\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp443\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp444\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp445\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp446\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp447\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp448\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp449\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp45\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp450\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp451\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp452\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp453\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp454\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp455\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp456\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp457\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp458\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp459\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp46\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp460\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp461\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp462\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp463\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp464\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp465\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp466\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp467\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp468\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp469\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp47\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp470\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp471\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp472\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp473\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp474\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp475\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp476\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp477\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp478\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp479\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp48\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp480\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp481\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp482\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp483\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp484\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp485\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp486\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp487\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp488\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp489\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp49\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp490\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp491\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp492\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp493\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp494\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp495\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp496\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp497\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp498\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp499\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp5\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp50\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp500\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp501\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp502\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp503\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp504\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp505\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp506\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp507\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp508\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp509\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp51\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp510\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp511\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp512\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp513\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp514\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp515\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp516\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp517\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp518\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp519\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp52\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp520\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp521\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp522\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp523\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp524\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp525\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp526\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp527\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp528\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp529\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp53\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp530\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp531\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp532\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp533\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp534\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp535\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp536\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp537\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp538\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp539\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp54\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp540\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp541\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp542\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp543\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp544\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp545\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp546\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp547\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp548\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp549\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp55\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp550\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp551\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp552\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp553\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp554\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp555\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp556\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp557\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp558\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp559\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp56\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp560\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp561\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp562\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp563\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp564\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp565\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp566\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp567\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp568\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp569\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp57\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp570\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp571\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp572\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp573\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp574\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp575\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp576\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp577\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp578\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp579\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp58\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp580\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp581\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp582\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp583\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp584\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp585\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp586\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp587\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp588\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp589\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp59\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp590\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp591\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp592\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp593\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp594\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp595\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp596\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp597\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp598\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp599\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp6\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp60\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp600\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp601\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp602\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp603\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp604\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp605\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp606\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp607\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp608\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp609\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp61\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp610\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp611\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp612\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp613\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp614\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp615\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp616\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp617\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp618\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp619\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp62\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp620\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp621\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp622\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp623\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp624\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp625\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp626\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp627\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp628\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp629\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp63\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp630\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp631\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp632\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp633\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp634\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp635\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp636\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp637\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp638\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp639\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp64\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp640\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp641\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp642\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp643\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp644\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp645\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp646\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp647\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp648\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp649\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp65\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp650\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp651\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp652\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp653\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp654\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp655\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp656\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp657\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp658\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp659\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp66\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp660\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp661\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp662\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp663\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp664\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp665\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp666\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp667\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp668\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp669\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp67\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp670\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp671\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp672\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp673\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp674\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp675\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp676\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp677\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp678\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp679\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp68\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp680\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp681\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp682\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp683\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp684\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp685\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp686\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp687\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp688\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp689\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp69\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp690\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp691\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp692\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp693\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp694\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp695\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp696\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp697\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp698\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp699\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp7\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp70\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp700\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp701\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp702\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp703\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp704\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp705\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp706\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp707\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp708\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp709\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp71\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp710\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp711\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp712\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp713\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp714\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp715\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp716\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp717\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp718\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp719\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp72\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp720\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp721\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp722\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp723\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp724\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp725\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp726\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp727\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp728\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp729\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp73\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp730\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp731\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp732\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp733\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp734\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp735\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp736\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp737\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp738\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp739\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp74\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp740\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp741\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp742\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp743\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp744\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp745\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp746\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp747\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp748\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp749\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp75\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp750\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp751\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp752\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp753\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp754\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp755\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp756\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp757\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp758\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp759\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp76\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp760\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp761\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp762\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp763\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp764\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp765\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp766\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp767\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp768\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp769\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp77\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp770\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp771\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp772\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp773\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp774\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp775\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp776\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp777\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp778\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp779\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp78\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp780\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp781\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp782\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp783\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp784\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp785\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp786\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp787\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp788\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp789\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp79\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp790\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp791\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp792\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp793\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp794\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp795\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp796\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp797\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp798\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp799\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp8\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp80\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp800\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp801\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp802\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp803\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp804\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp805\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp806\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp807\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp808\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp809\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp81\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp810\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp811\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp812\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp813\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp814\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp815\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp816\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp817\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp818\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp819\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp82\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp820\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp821\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp822\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp823\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp824\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp825\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp826\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp827\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp828\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp829\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp83\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp830\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp831\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp832\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp833\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp834\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp835\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp836\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp837\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp838\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp839\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp84\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp840\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp841\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp842\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp843\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp844\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp845\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp846\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp847\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp848\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp849\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp85\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp850\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp851\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp852\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp853\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp854\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp855\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp856\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp857\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp858\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp859\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp86\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp860\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp861\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp862\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp863\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp864\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp865\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp866\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp867\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp868\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp869\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp87\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp870\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp871\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp872\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp873\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp874\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp875\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp876\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp877\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp878\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp879\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp88\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp880\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp881\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp882\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp883\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp884\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp885\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp886\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp887\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp888\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp889\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp89\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp890\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp891\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp892\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp893\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp894\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp895\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp896\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp897\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp898\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp899\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp9\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp90\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp900\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp901\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp902\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp903\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp904\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp905\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp906\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp907\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp908\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp909\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp91\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp910\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp911\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp912\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp913\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp914\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp915\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp916\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp917\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp918\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp919\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp92\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp920\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp921\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp922\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp923\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp924\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp925\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp926\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp927\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp928\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp929\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp93\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp930\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp931\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp932\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp933\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp934\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp935\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp936\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp937\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp938\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp939\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp94\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp940\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp941\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp942\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp943\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp944\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp945\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp95\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp96\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp97\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp98\GoogleDesktopSetupHelper.exe
c:\program files\Google\Google Desktop Search\gcdtmp99\GoogleDesktopSetupHelper.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\330_print_panel_16.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\380_clearjam_16.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\380_loadpaper_16.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\380_print_panel_16.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\380_replacecart_16.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\380_transfer_photos_16.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_clearjam_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_load_4x6_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_load_5x7_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_load_8x11_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_load_envelopes_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_print_panel_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_replacecart_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\7850_transfer_photos_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\8050_clearjam_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\8050_load_4x6_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\8050_print_panel_18.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_add_to_catalog.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_backup.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_edit_basic.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_edit_recover.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_instant_share.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_org_album.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_panorama.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_print_4x6.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_print_mult.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_save_cd.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_transfer_camera.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_transfer_cd.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_transfer_scan.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_trim_video.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\cue_win_projects.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_load_env.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_load_letter.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_load_original.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_load_small.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_paperjam.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_printcart.exe
c:\program files\HP\Digital Imaging\Help\player\fscommand\F4100_transfer_scan.exe
.
.
((((((((((((((((((((((((( Files Created from 2010-08-22 to 2010-09-22 )))))))))))))))))))))))))))))))
.

2010-09-22 14:11 . 2010-09-22 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Autorun Eater
2010-09-22 14:11 . 2010-09-22 14:11 -------- d-----w- c:\program files\Autorun Eater
2010-09-20 14:08 . 2010-09-20 14:10 -------- d-----w- c:\program files\QuickTime
2010-09-20 13:59 . 2010-09-20 13:59 -------- d-----w- c:\program files\iPod
2010-09-20 13:59 . 2010-09-20 14:00 -------- d-----w- c:\program files\iTunes
2010-09-16 16:44 . 2010-09-16 16:59 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-09-16 16:44 . 2010-09-16 16:44 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-09-16 16:44 . 2010-09-16 16:44 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-09-16 16:43 . 2010-09-18 02:44 -------- d-----w- c:\windows\system32\drivers\N360
2010-09-16 16:43 . 2010-09-16 16:43 -------- d-----w- c:\program files\Norton Security Suite
2010-09-16 16:43 . 2010-09-16 16:43 -------- d-----w- c:\program files\Windows Sidebar
2010-09-16 16:43 . 2010-09-16 16:43 -------- d-----w- c:\program files\NortonInstaller
2010-09-16 16:43 . 2010-09-16 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-09-16 16:30 . 2010-09-16 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-09-08 16:38 . 2010-09-08 16:38 -------- d-----w- c:\program files\Photo Viewer
2010-09-05 23:48 . 2010-09-05 23:48 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\BatteryCare
2010-09-05 23:48 . 2010-09-05 23:48 -------- d-----w- c:\program files\BatteryCare
2010-08-26 01:55 . 2010-08-26 01:55 -------- d-----w- c:\program files\Apple Software Update
2010-08-24 20:07 . 2010-08-24 20:07 -------- d-----w- c:\program files\Common Files\Java

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-20 14:04 . 2008-04-16 00:40 -------- d-----w- c:\program files\Safari
2010-09-20 14:02 . 2010-09-20 14:02 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
2010-09-20 13:59 . 2007-09-26 19:24 -------- d-----w- c:\program files\Common Files\Apple
2010-09-20 13:51 . 2010-09-20 13:51 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe
2010-09-16 16:44 . 2007-09-04 23:06 -------- d-----w- c:\program files\Symantec
2010-09-16 16:44 . 2010-09-16 16:44 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-09-16 16:44 . 2010-09-16 16:44 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-09-16 15:54 . 2008-05-09 01:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-16 13:37 . 2010-08-03 19:40 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\HPAppData
2010-09-16 13:33 . 2008-10-08 16:47 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-16 13:33 . 2008-11-30 18:49 -------- d-----w- c:\program files\SpywareBlaster
2010-09-16 13:19 . 2010-03-02 00:32 117760 ----a-w- c:\documents and settings\Kelly Sorber\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-09-15 14:11 . 2007-09-04 23:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-09-15 13:48 . 2007-09-10 05:37 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\LimeWire
2010-09-05 23:42 . 2007-09-04 14:54 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\Wave Systems Corp
2010-09-02 18:25 . 2010-03-25 22:32 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-26 01:52 . 2008-05-14 01:30 -------- d-----w- c:\program files\Bonjour
2010-08-24 20:17 . 2010-03-13 19:26 -------- d-----w- c:\program files\Opera
2010-08-24 20:07 . 2007-08-28 03:56 -------- d-----w- c:\program files\Java
2010-08-17 13:17 . 2004-08-11 22:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-10 17:07 . 2010-06-24 13:49 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\uTorrent
2010-08-06 17:05 . 2010-08-06 16:55 -------- d-----w- c:\program files\Quicken
2010-08-06 17:04 . 2010-08-06 17:03 -------- d-----w- c:\program files\Common Files\Config
2010-08-06 17:03 . 2010-08-06 17:03 -------- d-----w- c:\program files\Common Files\Inet
2010-08-06 17:02 . 2010-08-06 17:02 7032320 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\191222-191319.dll
2010-08-06 17:01 . 2010-08-06 17:01 6301696 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\191127-191222.dll
2010-08-06 17:01 . 2010-08-06 17:01 5686272 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\19153-191714.dll
2010-08-06 17:01 . 2010-08-06 17:01 7410688 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\191319-191429.dll
2010-08-06 17:01 . 2010-08-06 17:01 5487616 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\19188-191916.dll
2010-08-06 16:59 . 2010-08-06 16:59 2812928 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\191916-191106.dll
2010-08-06 16:59 . 2010-08-06 16:59 2844160 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\191714-19188.dll
2010-08-06 16:59 . 2010-08-06 16:59 2776576 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\191429-19153.dll
2010-08-06 16:57 . 2010-08-06 16:57 243032 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\QWPATCH.EXE
2010-08-06 16:57 . 2010-08-06 16:57 230752 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\patchw32.dll
2010-08-06 16:57 . 2010-08-06 16:57 956 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\rebase.cmd
2010-08-06 16:56 . 2010-08-06 16:56 -------- d-----w- c:\program files\Common Files\AnswerWorks 5.0
2010-08-06 16:56 . 2007-08-28 03:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-06 16:55 . 2010-08-06 16:55 -------- d-----w- c:\program files\Common Files\Intuit
2010-08-06 16:55 . 2010-08-06 16:55 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\Intuit
2010-08-06 16:54 . 2010-08-06 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Intuit
2010-08-06 15:41 . 2010-08-06 15:41 -------- d-----w- c:\program files\uTorrent
2010-08-05 15:53 . 2010-08-05 15:53 503808 ----a-w- c:\documents and settings\Kelly Sorber\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3d180bf0-n\msvcp71.dll
2010-08-05 15:53 . 2010-08-05 15:53 499712 ----a-w- c:\documents and settings\Kelly Sorber\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3d180bf0-n\jmc.dll
2010-08-05 15:53 . 2010-08-05 15:53 348160 ----a-w- c:\documents and settings\Kelly Sorber\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3d180bf0-n\msvcr71.dll
2010-08-05 15:53 . 2010-08-05 15:53 61440 ----a-w- c:\documents and settings\Kelly Sorber\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-152bd56c-n\decora-sse.dll
2010-08-05 15:53 . 2010-08-05 15:53 12800 ----a-w- c:\documents and settings\Kelly Sorber\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-152bd56c-n\decora-d3d.dll
2010-08-02 16:58 . 2010-07-22 14:40 -------- d-----w- c:\documents and settings\Kelly Sorber\Application Data\vlc
2010-08-01 18:23 . 2010-08-01 17:58 148159 ----a-w- c:\windows\hpoins37.dat
2010-08-01 18:22 . 2010-08-01 18:22 -------- d-----w- c:\program files\Yahoo!
2010-08-01 18:20 . 2007-09-20 18:08 -------- d-----w- c:\program files\HP
2010-08-01 18:20 . 2007-09-20 18:29 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-08-01 18:19 . 2010-08-01 18:19 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-08-01 18:04 . 2010-08-01 18:04 -------- d-----w- c:\program files\Hewlett-Packard
2010-07-23 10:13 . 2010-07-23 10:13 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-22 15:49 . 2004-08-11 22:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2009-04-15 02:41 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-17 09:00 . 2010-04-24 18:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:31 . 2004-08-11 22:00 149504 ----a-w- c:\windows\system32\schannel.dll
2009-09-20 16:01 . 2009-09-20 16:01 288 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-02-18 2012912]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"BatteryCare"="c:\program files\BatteryCare\BatteryCare.exe" [2010-09-05 699904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-04-16 159744]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-31 8429568]
"nwiz"="c:\windows\system32\nwiz.exe" [2007-05-31 1626112]
"NVHotkey"="nvHotkey.dll" [2007-05-31 67584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-31 81920]
"SigmatelSysTrayApp"="c:\windows\stsystra.exe" [2007-02-19 303104]
"Document Manager"="c:\program files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe" [2007-01-30 102400]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2007-01-22 212992]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-28 227328]
"HostManager"="c:\program files\Common Files\AOL\1188945143\ee\AOLSoftware.exe" [2006-09-26 50736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2010-03-11 648536]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 49152]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2006-11-06 81920]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-10-10 320832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Autorun Eater"="c:\program files\Autorun Eater\oldmcdonald.exe" [2010-05-06 516216]

c:\documents and settings\Kelly Sorber\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2010-5-28 911920]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-5-19 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-8-27 50688]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1188945143\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service

R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [10/1/2007 8:12 PM 6097]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\symds.sys [9/17/2010 8:10 AM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\symefa.sys [9/17/2010 8:10 AM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [9/1/2010 9:39 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\cchpx86.sys [9/17/2010 8:10 AM 501888]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/17/2010 11:15 AM 66632]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\ironx86.sys [9/17/2010 8:10 AM 116784]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [3/12/2010 10:39 PM 108289]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/11/2010 12:46 AM 304464]
R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe [9/17/2010 8:09 AM 126392]
R2 Uniblue DiskRescue;Uniblue DiskRescue;c:\program files\Uniblue\DiskRescue\UBDiskRescueSrv.exe [9/10/2008 11:22 AM 229648]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [8/11/2004 6:00 PM 5120]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [11/2/2006 1:32 PM 97536]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/16/2010 12:57 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100920.001\IDSXpx86.sys [9/21/2010 11:26 AM 331640]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2/11/2010 12:46 AM 20952]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [5/28/2010 7:04 AM 14896]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\BatteryCare\WinRing0.sys [7/26/2008 6:30 PM 14416]
S2 FilesystemWatcher;Filesystem Watcher;"c:\program files\Verizon\Online Backup\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe" --> c:\program files\Verizon\Online Backup\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/10/2010 7:09 PM 135664]
S2 OnlineBackupSchedulerService;Online Backup Scheduler;"c:\program files\Verizon\Online Backup\Scheduler\OnlineBackup.SchedulerService.exe" --> c:\program files\Verizon\Online Backup\Scheduler\OnlineBackup.SchedulerService.exe [?]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [4/10/2010 5:05 PM 266544]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [10/1/2007 8:12 PM 299923]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-09-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]

2010-09-22 c:\windows\Tasks\ConfigExec.job
- c:\program files\Microsoft Fix it Center\MatsApi.dll [2010-04-10 21:05]

2010-09-22 c:\windows\Tasks\DataUpload.job
- c:\program files\Microsoft Fix it Center\MatsApi.dll [2010-04-10 21:05]

2010-07-14 c:\windows\Tasks\expressripShakeIcon.job
- c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-06-25 17:23]

2010-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 23:08]

2010-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 23:08]

2010-02-17 c:\windows\Tasks\Uniblue DiskRescue 2009.job
- c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: ActiveGS.cab - hxxp://www.virtualapple.org/activegs.cab
FF - ProfilePath - c:\documents and settings\Kelly Sorber\Application Data\Mozilla\Firefox\Profiles\3q413xbt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\Kelly Sorber\Application Data\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

Notify-NavLogon - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-22 14:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(572)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'lsass.exe'(628)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll

- - - - - - - > 'explorer.exe'(5920)
c:\windows\system32\WININET.dll
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\windows\system32\nvsvc32.exe
c:\program files\SigmaTel\C-Major Audio\WDM\StacSV.exe
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\UStorSrv.exe
c:\program files\Apoint\ApMsgFwd.exe
c:\program files\Apoint\HidFind.exe
c:\program files\Apoint\Apntex.exe
c:\program files\Autorun Eater\billy.exe
c:\windows\system32\wscntfy.exe
c:\program files\Google\Google Desktop Search\gcdtmp946\GoogleDesktopSetupHelper.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\msdtc.exe
.
**************************************************************************
.
Completion time: 2010-09-22 14:19:06 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-22 18:18

Pre-Run: 51,684,769,792 bytes free
Post-Run: 51,604,107,264 bytes free

- - End Of File - - B1F914B55AB866F49E726AB121D022BA

#44
rebross

Posted 22 September 2010 - 09:12 PM

Member

Topic Starter
Member
193 posts

Bad PC OTL log:
OTL logfile created on: 9/22/2010 10:46:08 PM - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Sorber\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 462.00 Mb Available Physical Memory | 46.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.79 Gb Total Space | 64.39 Gb Free Space | 61.45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STACEYLAPTOP
Current User Name: Sorber
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/22 13:29:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/11/03 15:45:48 | 001,372,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/11/03 15:35:14 | 001,202,448 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/08/21 04:15:32 | 000,900,816 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/25 13:16:08 | 000,042,032 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1154548953\ee\aolsoftware.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2006/06/27 21:24:18 | 000,217,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2006/05/08 08:17:56 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2006/05/08 07:24:54 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
PRC - [2006/04/27 20:16:28 | 000,069,718 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
PRC - [2005/12/27 16:58:10 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2005/10/12 00:36:38 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
PRC - [2005/05/09 19:16:15 | 000,192,512 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe
PRC - [2005/03/11 20:55:40 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
PRC - [2004/11/17 23:47:16 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/08/19 12:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2003/05/21 18:37:08 | 000,229,437 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2002/03/14 19:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe

========== Modules (SafeList) ==========

MOD - [2010/09/22 13:29:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\tlntsvr.exe -- (TlntSvr)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/11/03 15:48:54 | 000,874,768 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2009/11/03 15:42:00 | 000,909,312 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2009/11/03 15:33:48 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/06/13 11:03:42 | 002,084,864 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/06/07 12:51:50 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/05/18 13:22:26 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/18 13:22:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/05/08 07:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 20:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 20:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 20:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/04/13 16:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/04/04 17:55:18 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/11/28 16:38:44 | 000,135,168 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/11/28 16:38:42 | 000,167,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/11/25 16:08:54 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/07/14 22:10:16 | 000,032,768 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2005/03/11 20:55:40 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -- (SonicStageMonitoring)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\purendis.sys -- (purendis)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\pnarp.sys -- (pnarp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Fake\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/10/26 05:47:30 | 004,221,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2009/06/17 08:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/08/13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/06/25 12:36:08 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\litsgt.sys -- (litsgt)
DRV - [2007/06/25 12:36:07 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tansgt.sys -- (tansgt)
DRV - [2006/11/26 19:13:21 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/05/26 10:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/08 13:50:00 | 003,661,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/03/06 22:39:00 | 000,030,080 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyImgF.sys -- (SonyImgF)
DRV - [2006/02/21 22:32:32 | 000,226,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006/02/08 20:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006/02/03 02:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006/01/31 21:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005/12/29 22:42:00 | 000,234,496 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvm321.sys -- (usbvm321)
DRV - [2005/12/14 20:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005/12/05 03:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/24 16:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005/11/11 18:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005/10/18 20:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 20:52:34 | 000,202,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/10/18 20:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/09/21 13:04:56 | 000,067,456 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3132.sys -- (SI3132)
DRV - [2005/09/20 19:18:20 | 000,005,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys -- (SiRemFil)
DRV - [2005/08/01 19:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 21:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/07/06 17:33:26 | 000,176,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2005/06/24 19:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 12:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 12:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/01/06 16:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/11/22 16:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/11/01 16:21:32 | 000,010,368 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/02/09 12:06:22 | 000,015,360 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/06/28 21:21:40 | 000,017,251 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2001/11/05 10:23:52 | 000,299,923 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonyhcs.sys -- (sonyhcs)
DRV - [2001/11/05 10:23:14 | 000,006,097 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sonyhcb.sys -- (sonyhcb)
DRV - [2001/07/24 13:34:34 | 000,007,520 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pelusblf.sys -- (pelusblf)
DRV - [2000/12/05 19:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 23:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: ""

FF - HKLM\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2010/04/14 16:25:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2010/09/18 21:09:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/17 07:54:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/17 08:21:32 | 000,000,000 | ---D | M]

[2010/02/17 19:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Extensions
[2010/09/22 10:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions
[2010/06/17 07:53:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/22 10:11:56 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/21 09:26:59 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/09/21 09:26:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash
[2010/02/23 13:21:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/02/23 13:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010/09/21 09:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\extensions\staged-xpis
[2010/02/17 20:02:36 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Mozilla\Firefox\Profiles\r1obdl24.default\searchplugins\askcom.xml
[2010/09/22 10:04:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/24 13:48:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/12/19 08:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

O1 HOSTS File: ([2010/02/28 16:21:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - Reg Error: Value error. File not found
O2 - BHO: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (WeatherBug Browser Bar - powered by MyWebSearch) - {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154548953\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HPHUPD08] C:\Program Files\Hewlett-Packard\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\system32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Task Catcher] C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe (BillP Studios)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe File not found
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - Startup: C:\Documents and Settings\Sorber\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1226337459254 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - Reg Error: Value error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Sorber\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sorber\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Security Packages - (IO SHARED\9.0\DLLSHARED) - File not found
O30 - LSA: Security Packages - (ty Pack) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/24 13:45:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/12 21:54:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell - "" = AutoRun
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95734ff8-54c2-11db-aa33-0018de087897}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MCODS -
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MCODS -
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: vidc.XVID - xvidvfw.dll File not found

CREATERESTOREPOINT
Error starting restore point: 1016
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 90 Days ==========

[2010/09/22 15:40:14 | 000,000,000 | --SD | C] -- C:\George.exe
[2010/09/22 14:08:03 | 000,000,000 | ---D | C] -- C:\George29556G
[2010/09/22 13:39:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/22 13:29:52 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
[2010/09/22 12:52:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/22 10:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/09/22 10:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2010/09/21 17:44:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2010/09/21 17:38:18 | 000,000,000 | ---D | C] -- C:\SDFix
[2010/09/21 14:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/09/20 23:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Desktop\RegSeeker
[2010/09/20 22:07:23 | 000,000,000 | --SD | C] -- C:\george21927g
[2010/09/20 15:31:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/09/20 14:55:07 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/09/20 14:55:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/20 14:55:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/20 14:55:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/20 14:54:53 | 000,000,000 | --SD | C] -- C:\george
[2010/09/20 14:54:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/09/20 13:03:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/09/20 10:25:50 | 001,293,400 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sorber\Desktop\TDSSKiller.exe
[2010/09/20 10:25:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Desktop\tdsskiller
[2010/09/20 09:40:58 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Sorber\Desktop\Norton_Removal_Tool.exe
[2010/09/19 22:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Application Data\Avira
[2010/09/19 00:07:13 | 000,000,000 | ---D | C] -- C:\645523a6356edebd98c8d4dd30
[2010/09/16 12:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/07/11 18:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/07/11 17:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sorber\Local Settings\Application Data\Nova Development

========== Files - Modified Within 90 Days ==========

[2010/09/22 22:32:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/22 22:31:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/22 22:31:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/22 22:31:28 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/22 22:30:08 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\Sorber\ntuser.dat
[2010/09/22 22:30:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Sorber\ntuser.ini
[2010/09/22 14:09:43 | 003,849,594 | R--- | M] () -- C:\Documents and Settings\Sorber\Desktop\George.exe.exe
[2010/09/22 13:29:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sorber\Desktop\OTL.exe
[2010/09/22 10:36:38 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/09/22 10:28:13 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\dds.com
[2010/09/22 10:28:01 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\Flash_Disinfector.exe
[2010/09/21 17:20:37 | 000,097,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/21 17:20:37 | 000,049,520 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/20 23:39:51 | 136,353,970 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\b4 regseeker.reg
[2010/09/20 15:31:30 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/09/20 14:03:10 | 000,000,000 | ---- | M] () -- C:\backup.reg
[2010/09/20 14:03:07 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2010/09/20 14:03:06 | 000,000,574 | ---- | M] () -- C:\cleanup.bat
[2010/09/20 09:40:59 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Sorber\Desktop\Norton_Removal_Tool.exe
[2010/09/19 22:22:29 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\SpywareBlaster.lnk
[2010/09/19 00:46:40 | 000,124,952 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/19 00:06:16 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/09/18 22:14:19 | 000,000,762 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/18 22:14:19 | 000,000,279 | ---- | M] () -- C:\Boot.bak
[2010/09/18 22:14:19 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/18 15:56:43 | 000,368,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/18 15:54:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/18 12:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/17 20:24:46 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/07 14:44:52 | 001,293,400 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sorber\Desktop\TDSSKiller.exe
[2010/08/10 13:23:55 | 000,001,119 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2010/08/06 14:19:53 | 000,005,970 | ---- | M] () -- C:\Documents and Settings\Sorber\Desktop\export.qif

========== Files Created - No Company Name ==========

[2010/09/22 14:09:29 | 003,849,594 | R--- | C] () -- C:\Documents and Settings\Sorber\Desktop\George.exe.exe
[2010/09/22 10:36:38 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/09/22 10:28:13 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\dds.com
[2010/09/22 10:28:01 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\Flash_Disinfector.exe
[2010/09/21 20:01:29 | 1063,440,384 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/20 23:39:27 | 136,353,970 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\b4 regseeker.reg
[2010/09/20 14:55:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/20 14:55:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/20 14:55:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/09/20 14:03:10 | 000,000,000 | ---- | C] () -- C:\backup.reg
[2010/09/20 14:03:07 | 000,019,286 | ---- | C] () -- C:\cleanup.exe
[2010/09/20 14:03:06 | 000,000,574 | ---- | C] () -- C:\cleanup.bat
[2010/09/20 14:01:17 | 000,731,136 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\avenger.exe
[2010/09/20 09:13:41 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\gmer.exe
[2010/09/17 20:24:46 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/30 21:33:45 | 000,014,972 | ---- | C] () -- C:\Documents and Settings\Sorber\reset.log
[2010/08/06 14:19:53 | 000,005,970 | ---- | C] () -- C:\Documents and Settings\Sorber\Desktop\export.qif
[2010/04/24 16:37:21 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2010/04/24 16:37:19 | 000,000,250 | ---- | C] () -- C:\WINDOWS\3dr.ini
[2010/02/24 09:17:52 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\housecall.guid.cache
[2010/01/31 15:27:18 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2010/01/31 15:26:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2010/01/31 15:26:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2009/12/12 11:16:19 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/09/22 09:34:16 | 000,002,549 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/04/14 20:42:48 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Sorber\Application Data\WavCodec.wff
[2008/11/10 14:54:32 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\rx_image.Cache
[2008/11/10 14:54:31 | 000,107,508 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\rx_audio.Cache
[2008/11/03 22:39:10 | 000,002,654 | ---- | C] () -- C:\Documents and Settings\Sorber\Application Data\wklnhst.dat
[2008/10/31 11:42:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/09/13 11:31:04 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2008/08/09 13:42:08 | 000,004,632 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini
[2008/08/09 13:41:02 | 000,000,478 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/07/02 11:17:12 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2008/03/17 08:45:57 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2007/07/21 23:25:50 | 000,011,037 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/25 12:36:08 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\litsgt.sys
[2007/06/25 12:36:07 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\tansgt.sys
[2007/01/13 23:37:17 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/02 12:58:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/10/16 13:49:18 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/05 20:35:43 | 000,000,353 | ---- | C] () -- C:\WINDOWS\Tlc.ini
[2006/09/25 14:35:57 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Sorber\Local Settings\Application Data\fusioncache.dat
[2006/08/02 16:16:22 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/08/02 16:16:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/08/02 16:16:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/08/02 16:16:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/08/02 16:16:22 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/08/02 16:16:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/08/02 16:15:47 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2006/08/02 16:07:03 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/08/02 16:04:39 | 000,001,119 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/02 15:59:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/02 15:50:28 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/07/24 16:24:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/24 15:40:49 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/07/24 15:38:31 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/07/24 15:30:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/07/24 13:52:40 | 000,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/24 13:28:35 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/24 13:28:25 | 000,000,758 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/11/01 21:53:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 17:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002/06/12 15:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll

========== LOP Check ==========

[2008/11/30 15:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2010/03/04 22:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/22 10:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2006/10/04 18:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2010/09/20 23:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/11/01 20:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2008/02/10 14:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2007/03/31 16:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2008/10/31 11:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/04/17 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/06/19 19:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2010/09/19 22:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/02 11:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/03/17 16:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/11/22 04:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/04/06 11:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/09/20 23:47:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[2010/04/06 21:12:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}(2)
[2010/04/06 12:39:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
[2010/03/16 09:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/02/17 16:39:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/09/20 23:50:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2010/09/20 23:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~1
[2006/09/30 19:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Aim
[2008/10/27 15:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Babylon
[2010/02/17 21:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\BitComet
[2010/04/06 16:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Comcast
[2010/03/15 16:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ComcastToolbar
[2010/02/17 21:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\CometNetwork
[2009/11/03 18:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\EmailNotifier
[2007/03/31 16:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\GameHouse
[2009/05/23 12:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\GetRightToGo
[2006/09/26 19:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\InterVideo
[2006/09/26 19:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Leadertech
[2009/04/14 18:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\NCH Swift Sound
[2008/11/09 20:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Nova Development
[2009/11/01 20:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ooVoo Details
[2010/01/31 19:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\oovootb
[2008/11/09 14:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Research In Motion
[2008/11/03 22:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Template
[2010/02/17 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Uniblue
[2010/02/16 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WeatherBug
[2010/03/17 12:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WinPatrol

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >
[2010/03/26 15:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/11/30 15:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2010/03/04 22:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/08/05 06:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/09/21 17:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2007/01/13 23:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2007/07/13 16:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2007/01/10 22:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/12/27 18:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2010/09/22 10:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/03/04 18:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2006/10/04 18:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2010/09/20 23:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/11/01 20:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2009/09/22 12:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/05/10 15:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006/07/24 14:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2006/08/02 16:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2008/05/28 21:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2008/11/04 02:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2007/01/15 19:26:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/09/21 18:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/02/10 14:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2007/03/31 16:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2008/10/31 11:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/04/17 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/09/20 10:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/09/20 09:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/06/17 08:44:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/06/19 19:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nova Development
[2006/07/25 19:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2006/12/27 00:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/02/11 15:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2006/07/24 13:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/10/02 13:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/09/22 11:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2006/11/12 19:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SonicStage
[2006/09/26 19:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
[2010/03/07 13:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/03/15 15:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/01 14:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/03/11 13:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/09/19 22:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/09/26 19:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/07/02 11:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2006/08/02 16:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VAIO Media Platform
[2010/03/17 16:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/09/25 19:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/11/22 04:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/04/06 11:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/09/20 23:47:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[2010/04/06 21:12:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}(2)
[2010/04/06 12:39:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
[2010/03/16 09:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/02/17 16:39:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/09/20 23:50:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2010/09/20 23:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~1

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2008/07/04 13:35:40 | 000,054,632 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DifXInstall32.exe
[2009/02/04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2008/08/29 09:57:39 | 002,834,697 | ---- | M] (Uniblue Systems Ltd. ) -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe
[2008/10/29 05:43:07 | 001,194,784 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\744435A3\CACB8439\SUMP.exe
[2008/10/29 05:43:07 | 000,614,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\EA1A1734\CACB8439\Launcher.exe
[2008/08/27 03:15:27 | 002,567,145 | ---- | M] (Uniblue Systems ) -- C:\Documents and Settings\All Users\Application Data\~0\Uniblue RegistryBooster.exe
[2008/09/05 10:46:07 | 002,826,922 | ---- | M] (Uniblue Systems Ltd. ) -- C:\Documents and Settings\All Users\Application Data\~1\PowerSuite2009.exe
[2008/11/30 15:59:55 | 001,144,808 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\aimtunes\AIMTunes.exe
[2008/08/05 06:25:22 | 000,081,176 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\alsetup.exe
[2008/08/05 06:25:13 | 000,164,080 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\iphinst.exe
[2008/08/05 06:25:27 | 000,547,984 | ---- | M] (America Online) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\muinst.exe
[2008/08/05 06:25:36 | 003,059,720 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\ocpinst.exe
[2008/08/05 06:25:20 | 000,034,896 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\postproc.exe
[2008/08/05 06:25:28 | 000,159,312 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\setup.exe
[2008/08/05 06:25:20 | 000,594,240 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\SLinst.exe
[2008/08/05 06:25:14 | 000,352,112 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\SLLang.exe
[2008/08/05 06:25:23 | 000,138,296 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\WDInst.exe
[2007/05/10 13:41:38 | 001,272,304 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\AIMinst.exe
[2007/05/10 13:41:26 | 000,481,432 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\AIMLang.exe
[2007/05/10 13:42:02 | 000,141,944 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\alsetup.exe
[2007/05/10 13:42:02 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\aoldlmgr.exe
[2007/05/10 13:42:02 | 000,228,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\migrator.exe
[2007/05/10 13:42:02 | 005,312,840 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\ocpinst.exe
[2007/05/10 13:42:26 | 000,035,888 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\postproc.exe
[2007/05/10 13:42:26 | 000,169,520 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\setup.exe
[2007/05/10 13:42:26 | 000,357,776 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\tbsetup.exe
[2007/05/10 13:42:26 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\unagi3.exe
[2007/05/10 13:42:00 | 003,858,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\Vwpt.exe
[2008/01/03 12:11:34 | 001,534,136 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\AIMinst.exe
[2008/01/03 12:11:36 | 000,561,928 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\AIMLang.exe
[2008/01/03 12:11:46 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\alsetup.exe
[2008/01/03 12:11:42 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\aoldlmgr.exe
[2008/01/03 12:11:46 | 000,096,608 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\bsetutil.exe
[2008/01/03 12:11:38 | 000,228,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\migrator.exe
[2008/01/03 12:11:38 | 005,572,272 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\ocpinst.exe
[2008/01/03 12:11:32 | 000,036,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\postproc.exe
[2008/01/03 12:11:30 | 000,170,848 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\setup.exe
[2008/01/03 12:11:40 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\tbsetup.exe
[2008/01/03 12:11:46 | 001,628,864 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\toolbar.exe
[2008/01/03 12:11:40 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\unagi3.exe
[2008/01/03 12:11:44 | 000,030,560 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\Uninstaller.exe
[2008/01/03 12:11:46 | 002,882,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4268\vwpt.exe
[2008/10/31 15:15:58 | 001,708,432 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\AIMinst.exe
[2008/10/31 15:15:58 | 000,566,248 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\AIMLang.exe
[2008/10/31 15:32:10 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\alsetup.exe
[2008/10/31 15:32:02 | 000,068,680 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\amos.exe
[2008/10/31 15:32:10 | 000,096,560 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\bsetutil.exe
[2008/10/31 15:32:00 | 000,228,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\migrator.exe
[2008/10/31 15:32:02 | 005,005,648 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\ocpinst.exe
[2008/10/31 15:15:54 | 000,036,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\postproc.exe
[2008/10/31 15:15:52 | 000,170,848 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\setup.exe
[2008/10/31 15:32:04 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\tbsetup.exe
[2008/10/31 15:32:10 | 001,484,064 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\toolbar.exe
[2008/10/31 15:32:02 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\unagi3.exe
[2008/10/31 15:32:08 | 000,030,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\Uninstaller.exe
[2008/10/31 15:32:10 | 002,884,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4391\vwpt.exe
[2009/05/19 01:35:46 | 002,402,104 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\AIMinst.exe
[2009/05/19 01:35:48 | 000,550,024 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\AIMLang.exe
[2009/05/19 01:36:04 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\alsetup.exe
[2009/05/19 01:35:52 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\amoinst.exe
[2009/05/19 01:35:52 | 000,069,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\amos.exe
[2009/05/19 01:35:58 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\aoldlmgr.exe
[2009/05/19 01:36:04 | 000,097,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\bsetutil.exe
[2009/05/19 01:35:52 | 000,231,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\migrator.exe
[2009/05/19 01:35:52 | 001,225,352 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\msvc9rt.exe
[2009/05/19 01:35:54 | 004,480,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\ocpinst.exe
[2009/05/19 01:35:44 | 000,036,704 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\postproc.exe
[2009/05/19 01:35:42 | 000,172,840 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\setup.exe
[2009/05/19 01:35:56 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\tbsetup.exe
[2009/05/19 01:36:04 | 001,484,856 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\toolbar.exe
[2009/05/19 01:35:56 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\unagi3.exe
[2009/05/19 01:36:02 | 000,030,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\Uninstaller.exe
[2009/05/19 01:36:04 | 002,884,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4426\vwpt.exe
[2007/03/07 20:06:56 | 001,178,096 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\AIMinst.exe
[2007/03/07 20:07:46 | 000,560,784 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\AIMLang.exe
[2007/03/07 20:07:08 | 000,141,944 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\alsetup.exe
[2007/03/07 20:08:00 | 000,631,624 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\ampx.exe
[2007/03/07 20:07:06 | 000,164,912 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\inst.exe
[2007/03/07 20:07:53 | 000,055,200 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\instopts.exe
[2007/03/07 20:06:41 | 000,228,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\migrator.exe
[2007/03/07 20:07:10 | 000,579,248 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\muinst.exe
[2007/03/07 20:07:58 | 000,035,888 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\postproc.exe
[2007/03/07 20:07:44 | 000,312,880 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\setup.exe
[2007/03/07 20:07:30 | 000,357,776 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\tbsetup.exe
[2007/03/07 20:07:03 | 001,082,064 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\toolbar.exe
[2007/03/07 20:07:53 | 000,409,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\vwpt.exe
[2008/05/28 21:26:13 | 001,893,728 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\waol-0.4334.34.3.exe
[2008/05/28 21:23:09 | 008,139,800 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\acs\acssetup.exe
[2008/05/28 21:22:32 | 000,260,040 | ---- | M] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\acs\ecuinst.exe
[2008/05/28 21:23:16 | 000,355,592 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\afix\afixinst.exe
[2008/05/28 21:24:56 | 000,127,224 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\afix\afixlang.exe
[2008/05/28 21:26:08 | 000,390,704 | ---- | M] (AOL, LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\afix\WinsockFix.exe
[2008/05/28 21:22:44 | 000,223,152 | ---- | M] (AOL, LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\afix\wsfinst.exe
[2008/05/28 21:25:05 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\aolload\alsetup.exe
[2008/05/28 21:24:54 | 002,439,824 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\ccu\ocpinsti.exe
[2008/05/28 21:26:18 | 001,134,216 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\flash\flash9ex.exe
[2008/05/28 21:24:56 | 000,586,815 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\muinst\muinst.exe
[2008/05/28 21:24:59 | 000,062,816 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\ocp\ocpgc.exe
[2008/05/28 21:25:12 | 001,475,416 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\ocp\ocpinst.exe
[2008/05/28 21:26:15 | 000,054,832 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\parcon\AOLParconLink.exe
[2008/05/28 21:25:04 | 000,099,256 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\sm\sminstlp.exe
[2008/05/28 21:23:12 | 000,175,280 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\sm\stmninst.exe
[2008/05/28 21:26:28 | 000,711,392 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\sysinfo\SinfInst.exe
[2008/05/28 21:24:44 | 000,359,184 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\tb\tbsetup.exe
[2008/05/28 21:25:09 | 001,104,960 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\toolbar\toolbar.exe
[2008/05/28 21:26:23 | 000,607,392 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\tpspd\wbsetup.exe
[2008/05/28 21:25:02 | 000,601,728 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\unagi\ampx.english.exe
[2008/05/28 21:26:13 | 000,061,440 | ---- | M] (Viewpoint Corporation) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\vwpt\VPPrePop.exe
[2008/05/28 21:22:41 | 003,858,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\waol\0.4334.34.3\comps\vwpt\Vwpt.exe
[2008/09/10 18:09:10 | 000,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.0.0.35\SetupAdmin.exe
[2010/03/26 01:48:24 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.0.79\SetupAdmin.exe
[2010/03/04 04:00:34 | 000,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe
[2009/01/15 14:53:20 | 000,849,920 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
[2008/03/17 08:06:59 | 000,204,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\QWPATCH.EXE
[2005/06/16 01:08:46 | 002,393,338 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\inprod_deluxe.exe
[2005/06/16 03:07:48 | 003,514,373 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\inprod_premier.exe
[2005/06/16 01:10:04 | 002,402,304 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\inprod_qnue.exe
[2005/06/16 01:10:28 | 003,410,304 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\quicken_start.exe
[2010/05/31 19:48:01 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2006/04/26 14:47:04 | 000,117,200 | ---- | M] (InstallShield Software Corporation) -- C:\Documents and Settings\All Users\Application Data\Sony Corporation\Click to DVD\2.0\HDDisc\SonyMpeg2tsSplitterInst\setup.exe

< %APPDATA%\*. >
[2008/04/03 12:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Adobe
[2007/02/16 20:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\AdobeUM
[2006/09/30 19:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Aim
[2010/03/16 09:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\AOL
[2010/03/22 10:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Apple Computer
[2010/01/06 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ArcSoft
[2010/09/19 22:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Avira
[2008/10/27 15:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Babylon
[2010/02/17 21:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\BitComet
[2010/04/06 16:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Comcast
[2010/03/15 16:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ComcastToolbar
[2010/02/17 21:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\CometNetwork
[2009/11/03 18:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\EmailNotifier
[2007/03/31 16:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\GameHouse
[2009/05/23 12:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\GetRightToGo
[2006/10/07 00:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Help
[2009/09/23 09:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\HP
[2006/07/24 13:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Identities
[2010/06/17 09:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Intel
[2006/09/26 19:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\InterVideo
[2006/08/02 16:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Intuit
[2006/09/26 19:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Leadertech
[2006/09/25 19:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Macromedia
[2008/11/04 02:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Malwarebytes
[2009/05/23 11:26:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Sorber\Application Data\Microsoft
[2010/02/17 16:52:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Sorber\Application Data\Move Networks
[2010/02/17 19:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Mozilla
[2009/04/14 18:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\NCH Swift Sound
[2008/11/09 20:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Nova Development
[2009/11/01 20:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\ooVoo Details
[2010/01/31 19:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\oovootb
[2006/11/26 19:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Real
[2008/11/09 14:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Research In Motion
[2009/02/11 15:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Roxio
[2010/03/17 15:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Skype
[2009/11/20 09:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\skypePM
[2006/09/26 19:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Sonic
[2009/01/20 20:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Sony Corporation
[2007/01/11 22:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Sun
[2010/03/01 14:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\SUPERAntiSpyware.com
[2007/01/05 15:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Talkback
[2008/11/03 22:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Template
[2008/03/17 08:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\U3
[2010/02/17 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\Uniblue
[2010/02/16 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WeatherBug
[2010/03/17 12:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WinPatrol
[2008/11/03 09:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sorber\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2007/02/16 20:57:35 | 021,277,080 | ---- | M] ( ) -- C:\Documents and Settings\Sorber\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2010/03/17 12:48:27 | 000,003,584 | R--- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2010/01/06 21:53:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{4CCC7F68-A437-4559-A840-F5E010934951}\ARPPRODUCTICON.exe
[2008/11/09 20:17:25 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\ARPPRODUCTICON.exe
[2008/11/09 20:17:26 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut10_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,022,486 | R--- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut1_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:26 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut2_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,022,486 | R--- | M] () -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut3_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut4_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut5_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut6_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut7_5360DF11A876460B99536817AA2BF9D5.exe
[2008/11/09 20:17:27 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5360DF11-A876-460B-9953-6817AA2BF9D5}\NewShortcut8_5360DF11A876460B99536817AA2BF9D5.exe
[2006/07/24 15:27:18 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe
[2006/07/24 15:26:41 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Sorber\Application Data\Microsoft\Installer\{E3D278BD-FC97-4F87-BB1F-689AE0CB9122}\ARPPRODUCTICON.exe
[2009/10/05 17:44:05 | 001,686,272 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Move Networks\MoveMediaPlayerWin_071503000010.exe
[2009/10/12 22:17:29 | 001,407,680 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Move Networks\MoveMediaPlayerWin_071505000010.exe
[2009/12/13 11:07:37 | 001,794,456 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Move Networks\MoveMediaPlayerWin_071701000002.exe
[2009/05/01 07:43:01 | 001,047,072 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Move Networks\MoveMediaPlayer_071303000006.exe
[2010/01/25 23:38:07 | 000,143,976 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Move Networks\uninstall.exe
[2009/10/14 20:50:30 | 000,097,216 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2006/05/23 18:04:56 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\U3\0C51A8601301095B\cleanup.exe
[2006/06/06 14:03:16 | 002,592,768 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\U3\0C51A8601301095B\Launchpad.exe
[2006/05/23 18:04:56 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Sorber\Application Data\U3\temp\cleanup.exe
[2010/02/17 15:57:47 | 002,837,016 | ---- | M] (Intel Corporation) -- C:\Documents and Settings\Sorber\Application Data\Uniblue\DriverScanner\Download\pci_ven_8086_dev_27a08_3_1_1005.exe

< %SYSTEMDRIVE%\*.exe >
[2010/09/20 14:03:07 | 000,019,286 | ---- | M] () -- C:\cleanup.exe

< MD5 for: AGP440.SYS >
[2006/03/15 08:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/17 11:12:32 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2006/03/15 08:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/09/17 11:12:32 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006/03/15 08:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/17 11:12:32 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2006/03/15 08:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/09/17 11:12:32 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 01:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006/03/15 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004/08/04 01:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006/03/15 08:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2006/03/15 08:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2006/03/15 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006/03/15 08:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: TCPIP.SYS >
[2006/04/20 07:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2005/05/25 15:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007/10/30 12:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/06/20 06:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005/05/25 15:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2007/10/30 13:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006/03/15 08:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 08:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: WINLOGON.EXE >
[2006/03/15 08:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtUninstallKB307154$\winlogon.exe
[2004/08/13 19:01:19 | 000,502,784 | ---- | M] (Microsoft Corporation) MD5=EA16F83B5E4964C100F6098CE9874927 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/07/24 06:34:09 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/07/24 06:34:09 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/07/24 06:34:08 | 000,905,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< CREATERESTOREPOIN >

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

#45
rebross

Posted 22 September 2010 - 09:39 PM

Member

Topic Starter
Member
193 posts

I'm running combofix on the bad computer (sony) and got the following error message again:
Error saving file
C:\erndt\HIV-backup\software!
continue with the next file?
I said yes and got it again so I said yes again and now it has said "attempting to create a new system restore point" for the past 30 minutes. I'm afraid to close the dialog box.