I ran the fixme.reg file and rebooted. Then reinstalled the TCP/IP and rebooted again. Still recognizes the wireless networks but won't connect. Just tries to renew the IP address but never does.
I also feel like there may still be some kind of malware or virus on the machine. I installed Ad-Aware since getting the initial Antimalware Doctor virus becuase I was concerned that Symantec Endpoint Protection didn't pick it up. My machine has been very slow to boot now or at least to give me the wireless config icon in my system tray. I just received a popup from Ad-Aware saying that it blocked a process and detected a virus. See below for a log of the blocked processes as well as the OTS scan you requested.
I am using a different machine to post with since I have not internet access with my other machine.
MSG [5864] 2010/10/22 21:37:02: C:\docume~1\owner\locals~1\temp\cfz.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [1024] 2010/10/22 21:42:02: C:\docume~1\owner\locals~1\temp\cf4.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [0744] 2010/10/22 22:37:01: C:\docume~1\owner\locals~1\temp\cfz.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [5292] 2010/10/22 22:42:01: C:\docume~1\owner\locals~1\temp\cf4.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [5536] 2010/10/25 18:37:00: C:\docume~1\owner\locals~1\temp\cfz.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [5904] 2010/10/25 18:42:00: C:\docume~1\owner\locals~1\temp\cf4.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [3844] 2010/10/25 19:37:01: C:\docume~1\owner\locals~1\temp\cfz.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
MSG [1432] 2010/10/25 19:42:00: C:\docume~1\owner\locals~1\temp\cf4.exe (diagnosis: Malware family: VirTool.Win32.Obfuscator.hg!b (v)) => Block
OTS logfile created on: 10/25/2010 7:41:27 PM - Run 2
OTS by OldTimer - Version 3.1.40.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 112.37 Gb Free Space | 37.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OEM-3414B23E485
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
aawservice.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/09/23 03:46:07 | 001,355,928 | ---- | M] (Lavasoft)
aawtray.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe -> [2010/09/23 03:46:07 | 000,864,624 | ---- | M] (Lavasoft)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
rtvscan.exe -> C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -> [2007/12/18 21:08:08 | 002,189,240 | ---- | M] (Symantec Corporation)
smcgui.exe -> C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe -> [2007/12/18 19:03:10 | 001,643,904 | ---- | M] (Symantec Corporation)
smc.exe -> C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -> [2007/12/18 19:03:08 | 002,569,600 | ---- | M] (Symantec Corporation)
quickset.exe -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
ccapp.exe -> C:\Program Files\Common Files\Symantec Shared\ccApp.exe -> [2007/11/09 15:15:34 | 000,115,560 | ---- | M] (Symantec Corporation)
ccsvchst.exe -> C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2007/11/09 15:15:18 | 000,108,392 | ---- | M] (Symantec Corporation)
dellwmgr.exe -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
hpztsb10.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
sysfer.dll -> C:\WINDOWS\system32\sysfer.dll -> [2007/12/18 19:04:08 | 000,329,088 | ---- | M] (Symantec Corporation)
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found
(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/09/23 03:46:07 | 001,355,928 | ---- | M] (Lavasoft)
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2009/07/21 16:58:55 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/04/08 08:12:50 | 001,112,560 | ---- | M] (Sonic Solutions)
(Symantec AntiVirus) Symantec Endpoint Protection [Auto | Running] -> C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -> [2007/12/18 21:08:08 | 002,189,240 | ---- | M] (Symantec Corporation)
(SNAC) Symantec Network Access Control [On_Demand | Stopped] -> C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -> [2007/12/18 19:04:36 | 000,234,888 | ---- | M] (Symantec Corporation)
(SmcService) Symantec Management Client [Auto | Running] -> C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -> [2007/12/18 19:03:08 | 002,569,600 | ---- | M] (Symantec Corporation)
(ccSetMgr) Symantec Settings Manager [Auto | Running] -> C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2007/11/09 15:15:18 | 000,108,392 | ---- | M] (Symantec Corporation)
(ccEvtMgr) Symantec Event Manager [Auto | Running] -> C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2007/11/09 15:15:18 | 000,108,392 | ---- | M] (Symantec Corporation)
(LiveUpdate) LiveUpdate [On_Demand | Stopped] -> C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -> [2007/08/11 20:05:27 | 003,093,872 | ---- | M] (Symantec Corporation)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo)
[Driver Services - Safe List]
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\zumbus.sys -> File not found
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101019.004\NAVEX15.SYS -> [2010/09/30 04:00:00 | 001,371,184 | ---- | M] (Symantec Corporation)
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101019.004\NAVENG.SYS -> [2010/09/30 04:00:00 | 000,086,064 | ---- | M] (Symantec Corporation)
(Lbd) Lbd [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\Lbd.sys -> [2010/09/23 03:46:08 | 000,064,288 | ---- | M] (Lavasoft AB)
(Lavasoft Kernexplorer) Lavasoft helper driver [Kernel | On_Demand | Stopped] -> C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -> [2010/09/23 03:46:08 | 000,015,008 | ---- | M] ()
(WpsHelper) WpsHelper [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\WpsHelper.sys -> [2010/09/10 22:32:20 | 000,167,936 | ---- | M] (Symantec Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2010/05/27 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2010/05/27 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SYMEVENT.SYS -> [2009/10/06 16:29:02 | 000,136,496 | ---- | M] (Symantec Corporation)
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\iaStor.sys -> [2009/07/21 17:01:56 | 000,328,728 | ---- | M] (Intel Corporation)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2009/07/21 17:01:10 | 001,287,552 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2009/07/21 17:00:39 | 006,047,904 | ---- | M] (Intel Corporation)
(IntcHdmiAddService) Intel(R) High Definition Audio HDMI Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\IntcHdmi.sys -> [2009/07/21 16:59:59 | 000,110,080 | ---- | M] (Intel(R) Corporation)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2009/07/21 16:58:55 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yk51x86.sys -> [2009/07/21 16:58:14 | 000,265,856 | ---- | M] (Marvell)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2009/07/21 16:56:45 | 000,989,696 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2009/07/21 16:56:45 | 000,730,112 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2009/07/21 16:56:45 | 000,209,152 | ---- | M] (Conexant Systems, Inc.)
(atiide) ATI SATA Controller IDE mode [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\atiide.sys -> [2009/07/21 16:55:41 | 000,003,456 | ---- | M] (ATI Technologies Inc.)
(COH_Mon) COH_Mon [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\COH_Mon.sys -> [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2008/04/13 18:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(SysPlant) SysPlant for NT [Kernel | Boot | Running] -> C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -> [2007/12/18 19:06:14 | 000,091,008 | ---- | M] (Symantec Corporation)
(WPS) WPS [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\WPSDRVnt.sys -> [2007/12/18 19:04:16 | 000,040,832 | ---- | M] (Symantec Corporation)
(SRTSPL) SRTSPL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\srtspl.sys -> [2007/11/30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation)
(SRTSP) SRTSP [File_System | System | Running] -> C:\WINDOWS\system32\drivers\srtsp.sys -> [2007/11/30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation)
(SRTSPX) SRTSPX [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\srtspx.sys -> [2007/11/30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation)
(Teefer2) Teefer2 Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\teefer2.sys -> [2007/08/06 15:29:28 | 000,049,024 | ---- | M] (Symantec Corporation)
(SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -> [2007/07/31 02:17:26 | 000,418,864 | ---- | M] (Symantec Corporation)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/07/18 02:02:00 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\CVPNDRVA.sys -> [2007/07/16 11:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.)
(OEM02Afx) Provides a software interface to control audio effects of OEM002 camera. [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Afx.sys -> [2007/06/08 02:00:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/03/05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dne2000.sys -> [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CVirtA.sys -> [2007/01/18 15:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(SYMTDI) SYMTDI [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\SYMTDI.SYS -> [2007/01/09 16:46:26 | 000,191,544 | ---- | M] (Symantec Corporation)
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -> [2007/01/09 16:46:26 | 000,027,576 | ---- | M] (Symantec Corporation)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: Main\\"Start Page" -> http://www.espn.com/ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyOverride" -> *.local;<local> ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\: "ProxyServer" -> proxy:80 ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\za1kw2ny.default\prefs.js ->
browser.startup.homepage -> "http://www.espn.com/" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 ->
network.proxy.ftp -> "proxy" ->
network.proxy.ftp_port -> 80 ->
network.proxy.gopher -> "proxy" ->
network.proxy.gopher_port -> 80 ->
network.proxy.http -> "proxy" ->
network.proxy.http_port -> 80 ->
network.proxy.no_proxies_on -> "localhost,127.0.0.1" ->
network.proxy.share_proxy_settings -> true ->
network.proxy.socks -> "proxy" ->
network.proxy.socks_port -> 80 ->
network.proxy.ssl -> "proxy" ->
network.proxy.ssl_port -> 80 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.14\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/10/20 00:31:10 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions -> [2009/10/06 18:00:51 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions -> [2010/10/18 10:00:48 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\za1kw2ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/07 18:29:51 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2010/10/19 18:24:01 | 000,000,000 | ---D | M]
Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010/03/11 21:03:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 08:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ccApp" -> C:\Program Files\Common Files\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2007/11/09 15:15:34 | 000,115,560 | ---- | M] (Symantec Corporation)
"Dell QuickSet" -> C:\Program Files\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2007/12/10 18:06:18 | 001,228,800 | ---- | M] (Dell Inc.)
"DELL Webcam Manager" -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe ["C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s] -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 10:46:24 | 000,172,032 | ---- | M] (HP)
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/05/10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"ramcewnoxs.tmp" -> C:\Documents and Settings\Owner\Local Settings\Temp\ramcewnoxs.tmp ["C:\DOCUME~1\Owner\LOCALS~1\Temp\ramcewnoxs.tmp"] -> [2010/10/19 22:09:28 | 000,039,936 | ---- | M] ()
"SigmatelSysTrayApp" -> C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe] -> File not found
"UpdateLBPShortCut" -> C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdateP2GoShortCut" -> C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePDIRShortCut" -> C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 21:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
"UpdatePSTShortCut" -> C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/10/06 23:42:38 | 000,210,216 | ---- | M] (CyberLink Corp.)
"WatchDog" -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [C:\Program Files\InterVideo\DVD Check\DVDCheck.exe] -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
< Run [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Advanced SystemCare 3" -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe ["C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/06/30 09:55:40 | 002,329,224 | ---- | M] (IObit)
"IJKUK66HMN" -> C:\Documents and Settings\Owner\Local Settings\Temp\Cfz.exe [C:\DOCUME~1\Owner\LOCALS~1\Temp\Cfz.exe] -> [2010/10/19 22:13:35 | 000,221,184 | ---- | M] (Trend Micro Inc.)
"NtWqIVLZEWZU" -> C:\Documents and Settings\Owner\Local Settings\Temp\Cf3.exe [C:\DOCUME~1\Owner\LOCALS~1\Temp\Cf3.exe] -> [2010/10/19 22:13:43 | 000,200,704 | ---- | M] (Trend Micro Inc.)
"SMH2B46TDP" -> C:\Documents and Settings\Owner\Local Settings\Temp\Cfy.exe [C:\DOCUME~1\Owner\LOCALS~1\Temp\Cfy.exe] -> [2010/10/19 22:13:31 | 000,221,184 | ---- | M] (Trend Micro Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2008/05/23 20:23:22 | 000,197,904 | ---- | M] (InterVideo Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico -> [2009/10/06 11:38:02 | 000,006,144 | R--- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoResolveSearch" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 16 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1584 domain(s) found. ->
www_joinmvp.com [http] -> Trusted sites ->
www_joinmvpgold.com [http] -> Trusted sites ->
www_joinmvpnh.com [http] -> Trusted sites ->
www_joinpreferredcare.org [http] -> Trusted sites ->
lawprod.hq_mvphealthcare.com [https] -> Trusted sites ->
md_mvphealthcare.com [https] -> Trusted sites ->
swp_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthcare.com [http] -> Trusted sites ->
www_mvphealthcare.com [https] -> Trusted sites ->
www_mvphealthplan.com [http] -> Trusted sites ->
www_mvpkidpower.com [http] -> Trusted sites ->
www_mvppc.com [http] -> Trusted sites ->
www_mvpquote.com [http] -> Trusted sites ->
www_mvpselectcare.com [http] -> Trusted sites ->
www_mvpvermont.com [http] -> Trusted sites ->
www_nhmvp.com [http] -> Trusted sites ->
www_pckidpower.com [http] -> Trusted sites ->
citrix_preferredcare.org [https] -> Trusted sites ->
www_preferredcare.org [http] -> Trusted sites ->
www_preferredcare.org [https] -> Trusted sites ->
sympoweb .[http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\] > -> HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1819960671-3660475524-142641703-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Value error.] ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2009/07/21 17:00:43 | 000,217,088 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/07/21 15:01:31 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Registry - Additional Scans - Safe List]
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 -> -> File not found
HidServ -> C:\WINDOWS\System32\hidserv.dll -> File not found
Ias -> -> File not found
Iprip -> -> File not found
Irmon -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
WmdmPmSp -> -> File not found
*MultiFile Done* -> ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
batfile [open] -> "%1" %* ->
cmdfile [open] -> "%1" %* ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
piffile [open] -> "%1" %* ->
scrfile [config] -> "%1" ->
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/04/14 08:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation)
scrfile [open] -> "%1" /S ->
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 ->
Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
Directory [Generate MD5 Signatures] -> "C:\Program Files\Michael K. Weise\mkw Audio Compression Toolkit\mkwACT.exe" -> [2000/09/29 20:23:22 | 000,083,968 | ---- | M] (Michael K. Weise)
Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 7/29/2010 7:55:49 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 7/30/2010 8:19:01 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 8/1/2010 8:01:56 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 8/8/2010 9:04:22 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 8/13/2010 5:35:52 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 8/18/2010 5:49:40 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 8/21/2010 1:35:54 AM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 8/27/2010 5:00:19 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 9/4/2010 2:44:59 PM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
Application [ Error ] 9/16/2010 9:12:40 AM Computer Name = OEM-3414B23E485 | Source = SescLU | ID = 13 -> Description = LiveUpdate returned a non-critical error. Available content updates may have failed to install.
System [ Error ] 10/25/2010 7:03:52 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7024 -> Description = The Bonjour Service service terminated with service-specific error 4294967295 (0xFFFFFFFF).
System [ Error ] 10/25/2010 7:03:52 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7023 -> Description = The IPSEC Services service terminated with the following error: %%10044
System [ Error ] 10/25/2010 7:03:52 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7023 -> Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: %%10047
System [ Error ] 10/25/2010 7:11:00 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7003 -> Description = The DHCP Client service depends on the following nonexistent service: NetBT
System [ Error ] 10/25/2010 7:11:00 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7003 -> Description = The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT
System [ Error ] 10/25/2010 7:11:00 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7000 -> Description = The Zune Bus Enumerator Driver service failed to start due to the following error: %%2
System [ Error ] 10/25/2010 7:12:49 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7022 -> Description = The Automatic Updates service hung on starting.
System [ Error ] 10/25/2010 7:35:57 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7003 -> Description = The DHCP Client service depends on the following nonexistent service: NetBT
System [ Error ] 10/25/2010 7:35:57 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7003 -> Description = The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT
System [ Error ] 10/25/2010 7:35:57 PM Computer Name = OEM-3414B23E485 | Source = Service Control Manager | ID = 7000 -> Description = The Zune Bus Enumerator Driver service failed to start due to the following error: %%2
[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:30:53 | 000,641,536 | ---- | C] (OldTimer Tools)
Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2010/10/22 20:03:44 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/10/22 20:02:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/10/22 20:02:06 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/10/22 20:02:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/10/22 20:02:05 | 000,000,000 | ---D | C]
Lbd.sys -> C:\WINDOWS\System32\drivers\Lbd.sys -> [2010/10/22 19:55:34 | 000,064,288 | ---- | C] (Lavasoft AB)
{E961CE1B-C3EA-4882-9F67-F859B555D097} -> C:\Documents and Settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097} -> [2010/10/22 19:54:55 | 000,000,000 | -H-D | C]
Lavasoft -> C:\Program Files\Lavasoft -> [2010/10/22 19:54:36 | 000,000,000 | ---D | C]
Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2010/10/22 19:54:36 | 000,000,000 | ---D | C]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | C]
CSC -> C:\WINDOWS\CSC -> [2010/10/19 22:55:05 | 000,000,000 | ---D | C]
Cwufea.exe -> C:\WINDOWS\Cwufea.exe -> [2010/10/19 22:13:35 | 000,221,184 | ---- | C] (Trend Micro Inc.)
Server -> C:\Documents and Settings\All Users\Documents\Server -> [2010/10/19 22:10:07 | 000,000,000 | -H-D | C]
Temp -> C:\Documents and Settings\Owner\Local Settings\Application Data\Temp -> [2010/10/09 10:40:13 | 000,000,000 | ---D | C]
Google -> C:\Documents and Settings\Owner\Local Settings\Application Data\Google -> [2010/10/09 10:40:10 | 000,000,000 | ---D | C]
cache -> C:\Documents and Settings\Owner\Local Settings\Application Data\cache -> [2010/10/03 04:31:20 | 000,000,000 | ---D | C]
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
[Files/Folders - Modified Within 30 Days]
{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job -> C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job -> [2010/10/25 19:42:00 | 000,000,282 | -H-- | M] ()
{22116563-108C-42c0-A7CE-60161B75E508}.job -> C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job -> [2010/10/25 19:37:01 | 000,000,282 | -H-- | M] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/25 19:36:58 | 000,000,472 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\tasks\WGASetup.job -> [2010/10/25 19:34:03 | 000,000,260 | ---- | M] ()
VPN Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk -> [2010/10/25 19:33:44 | 000,002,447 | ---- | M] ()
YUZTJV.job -> C:\WINDOWS\tasks\YUZTJV.job -> [2010/10/25 19:33:34 | 000,000,302 | -HS- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/10/25 19:33:14 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/25 19:33:07 | 3210,780,672 | -HS- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/10/25 19:01:12 | 000,002,206 | ---- | M] ()
fixme.reg -> C:\Documents and Settings\Owner\Desktop\fixme.reg -> [2010/10/25 18:58:20 | 000,000,141 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/10/25 18:45:05 | 000,000,978 | ---- | M] ()
OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/10/25 18:29:30 | 000,641,536 | ---- | M] (OldTimer Tools)
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | M] ()
Ad-Aware.lnk -> C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk -> [2010/10/22 19:54:54 | 000,000,885 | ---- | M] ()
Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2010/10/22 19:54:54 | 000,000,867 | ---- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/10/19 22:45:09 | 000,444,596 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/10/19 22:45:09 | 000,072,306 | ---- | M] ()
Cwufea.exe -> C:\WINDOWS\Cwufea.exe -> [2010/10/19 22:13:29 | 000,221,184 | ---- | M] (Trend Micro Inc.)
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/18 10:45:01 | 000,000,926 | ---- | M] ()
iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/10/17 23:29:28 | 000,002,137 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/10/13 03:19:56 | 000,300,440 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/10/13 03:03:28 | 000,001,393 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/10/05 21:44:02 | 000,032,256 | ---- | M] ()
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
2 C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp ->
2 C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp ->
[Files - No Company Name]
fixme.reg -> C:\Documents and Settings\Owner\Desktop\fixme.reg -> [2010/10/25 18:58:20 | 000,000,141 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/10/22 20:02:32 | 000,000,696 | ---- | C] ()
Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/10/22 19:56:18 | 000,000,472 | ---- | C] ()
Ad-Aware.lnk -> C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk -> [2010/10/22 19:54:54 | 000,000,885 | ---- | C] ()
Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2010/10/22 19:54:54 | 000,000,867 | ---- | C] ()
log.txt -> C:\Documents and Settings\Owner\log.txt -> [2010/10/22 19:18:26 | 000,000,543 | ---- | C] ()
resetlog.txt -> C:\Documents and Settings\Owner\resetlog.txt -> [2010/10/20 01:08:19 | 000,010,683 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/10/20 00:18:36 | 3210,780,672 | -HS- | C] ()
{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job -> C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job -> [2010/10/19 22:13:46 | 000,000,282 | -H-- | C] ()
{22116563-108C-42c0-A7CE-60161B75E508}.job -> C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job -> [2010/10/19 22:13:39 | 000,000,282 | -H-- | C] ()
mssha6.dll -> C:\WINDOWS\System32\mssha6.dll -> [2010/10/19 22:13:28 | 000,069,632 | RHS- | C] ()
YUZTJV.job -> C:\WINDOWS\tasks\YUZTJV.job -> [2010/10/19 22:13:28 | 000,000,302 | -HS- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003UA.job -> [2010/10/09 10:40:12 | 000,000,978 | ---- | C] ()
GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1819960671-3660475524-142641703-1003Core.job -> [2010/10/09 10:40:12 | 000,000,926 | ---- | C] ()
pdf995.ini -> C:\WINDOWS\pdf995.ini -> [2010/03/16 21:01:57 | 000,000,028 | ---- | C] ()
pdf995mon.dll -> C:\WINDOWS\System32\pdf995mon.dll -> [2010/03/16 20:59:58 | 000,051,716 | ---- | C] ()
wpd99.drv -> C:\WINDOWS\wpd99.drv -> [2010/03/16 20:59:58 | 000,000,060 | ---- | C] ()
BladeEnc.dll -> C:\WINDOWS\System32\BladeEnc.dll -> [2010/02/10 22:53:41 | 000,528,384 | ---- | C] ()
ShnDll32.dll -> C:\WINDOWS\System32\ShnDll32.dll -> [2010/02/10 22:53:41 | 000,120,832 | ---- | C] ()
hpdj5700.ini -> C:\WINDOWS\hpdj5700.ini -> [2009/10/12 16:05:55 | 000,002,298 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2009/10/12 16:05:23 | 000,000,414 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/06 10:30:46 | 000,032,256 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2009/07/21 17:03:32 | 000,000,061 | ---- | C] ()
igfxCoIn_v4990.dll -> C:\WINDOWS\System32\igfxCoIn_v4990.dll -> [2009/07/21 17:00:39 | 000,147,456 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2009/07/21 16:53:16 | 000,016,480 | ---- | C] ()
IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2009/07/21 15:49:04 | 000,204,800 | ---- | C] ()
IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2009/07/21 15:49:04 | 000,192,512 | ---- | C] ()
IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2009/07/21 15:49:04 | 000,188,416 | ---- | C] ()
IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2009/07/21 15:49:03 | 000,200,704 | ---- | C] ()
IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2009/07/21 15:49:03 | 000,020,480 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/07/21 15:25:04 | 000,000,376 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/07/21 07:48:15 | 000,004,161 | ---- | C] ()
vpnapi.dll -> C:\WINDOWS\System32\vpnapi.dll -> [2007/07/16 11:58:10 | 000,197,408 | ---- | C] ()
CSGina.dll -> C:\WINDOWS\System32\CSGina.dll -> [2007/07/16 11:58:00 | 000,193,312 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 18:05:08 | 000,002,695 | ---- | C] ()
[File - Lop Check]
pdf995 -> C:\Documents and Settings\All Users\Application Data\pdf995 -> [2010/07/13 20:35:54 | 000,000,000 | ---D | M]
TDK -> C:\Documents and Settings\All Users\Application Data\TDK -> [2010/10/20 15:54:07 | 000,000,000 | ---D | M]
Temp -> C:\Documents and Settings\All Users\Application Data\Temp -> [2009/07/21 16:26:43 | 000,000,000 | ---D | M]
Uninstall -> C:\Documents and Settings\All Users\Application Data\Uninstall -> [2009/07/21 15:55:23 | 000,000,000 | ---D | M]
{755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/10/07 18:56:12 | 000,000,000 | ---D | M]
{E961CE1B-C3EA-4882-9F67-F859B555D097} -> C:\Documents and Settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097} -> [2010/10/22 19:54:56 | 000,000,000 | -H-D | M]
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2009/10/06 09:37:45 | 000,000,000 | ---D | M]
com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> C:\Documents and Settings\Owner\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1 -> [2009/12/06 14:48:32 | 000,000,000 | ---D | M]
dBpoweramp -> C:\Documents and Settings\Owner\Application Data\dBpoweramp -> [2010/03/03 20:13:37 | 000,000,000 | ---D | M]
ICAClient -> C:\Documents and Settings\Owner\Application Data\ICAClient -> [2010/07/13 18:02:28 | 000,000,000 | ---D | M]
IObit -> C:\Documents and Settings\Owner\Application Data\IObit -> [2009/10/30 14:07:29 | 000,000,000 | ---D | M]
pdf995 -> C:\Documents and Settings\Owner\Application Data\pdf995 -> [2010/03/16 21:01:57 | 000,000,000 | ---D | M]
tmp -> C:\Documents and Settings\Owner\Application Data\tmp -> [2010/03/11 21:07:58 | 000,000,000 | ---D | M]
Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2010/10/25 19:36:58 | 000,000,472 | ---- | M] ()
WGASetup.job -> C:\WINDOWS\Tasks\WGASetup.job -> [2010/10/25 19:34:03 | 000,000,260 | ---- | M] ()
YUZTJV.job -> C:\WINDOWS\Tasks\YUZTJV.job -> [2010/10/25 19:33:34 | 000,000,302 | -HS- | M] ()
{22116563-108C-42c0-A7CE-60161B75E508}.job -> C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job -> [2010/10/25 19:37:01 | 000,000,282 | -H-- | M] ()
{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job -> C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job -> [2010/10/25 19:42:00 | 000,000,282 | -H-- | M] ()
[File - Purity Scan]
< End of report >