Google redirect



#1
TeganHadley

Hi guys,

Yesterday I started having a problem with Google where, when I click on a link, it opens up a new tab and opens a completely unrelated link, and disregards the link I wanted. I am on a network and all my computers are infected now. I have tried nearly all the solutions posted on the internet that I can find. I even paid for fixredirectvirus.org and none of these options worked. I am on Vista 32-bit. The only thing I found was that one of my host files was tampered with, which I fixed, but this did not help. All malware and trojan programs DO NOT work or can't find anything.

I have followed the directions I found to post on here and get an OTL readout. I have very, very limited computer knowledge, so please try to make the help as basic to follow as possible. Here is the OTL readout; any help would be truly appreciated. I've read about deleting specific files, but would not know which ones to pick. Please help!!! Thank you.

OTL logfile created on: 2/11/2010 1:45:36 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Tegan\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.02 Gb Total Space | 64.07 Gb Free Space | 46.08% Space Free | Partition Type: NTFS

Computer Name: MSA2 | User Name: Tegan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/02 13:43:37 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Tegan\Desktop\OTL.exe
PRC - [2010/11/01 14:21:11 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/01 14:21:10 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/28 18:07:30 | 000,062,928 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/09/16 11:26:00 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010/04/16 09:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/09 14:35:54 | 000,061,440 | ---- | M] () -- C:\Program Files\Crazy John's\Crazy John's Broadband\DetectWireless.exe
PRC - [2009/07/03 11:40:30 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/10/29 16:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/24 14:57:34 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/09/24 14:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 06:33:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/04/17 17:49:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/04/08 17:44:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/03/25 21:58:02 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
PRC - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 10:53:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003/05/08 11:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
PRC - [2002/03/08 16:30:50 | 001,748,992 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\bin\ibserver.exe
PRC - [2002/03/07 12:18:50 | 000,032,768 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\bin\ibguard.exe


========== Modules (SafeList) ==========

MOD - [2010/11/02 13:43:37 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Tegan\Desktop\OTL.exe
MOD - [2010/09/01 02:09:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/28 18:07:30 | 000,062,928 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/04/16 09:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/29 09:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2010/03/18 14:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/03 09:44:13 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/07/03 11:40:30 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/09/24 14:57:34 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/09/24 14:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/04/17 17:49:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/01/21 12:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 10:53:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/03/26 14:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2002/03/08 16:30:50 | 001,748,992 | ---- | M] (FirebirdSQL Project) [On_Demand | Running] -- C:\Program Files\Firebird\bin\ibserver.exe -- (InterBaseServer)
SRV - [2002/03/07 12:18:50 | 000,032,768 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files\Firebird\bin\ibguard.exe -- (InterBaseGuardian)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Tegan\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2010/05/12 18:01:06 | 000,059,280 | R--- | M] (iS3, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\szkgfs.sys -- (szkgfs)
DRV - [2009/12/23 16:54:00 | 000,037,488 | ---- | M] (www.winchiphead.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CH341SER.SYS -- (CH341SER)
DRV - [2009/12/07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\szkg.sys -- (szkg5)
DRV - [2009/12/07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\is3srv.sys -- (is3srv)
DRV - [2009/06/29 17:59:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/06/29 17:59:02 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009/04/09 13:38:26 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/07/18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/06/12 21:13:16 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/05/19 19:42:56 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/16 12:23:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/04/15 12:35:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/09 20:30:04 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/03 10:56:08 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/01/23 17:08:58 | 000,099,456 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bsusbser.sys -- (bsusbser)
DRV - [2008/01/21 12:53:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 12:53:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 12:53:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 12:53:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 12:53:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 12:53:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 12:53:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 12:53:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 12:53:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 12:53:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/21 12:53:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 12:53:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 12:53:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 12:53:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 12:53:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 12:53:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 12:53:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 12:53:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 12:53:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 12:53:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 12:53:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 12:53:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 12:53:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 12:53:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 12:53:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 12:53:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/12/15 05:23:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/12/06 20:42:48 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/11/01 03:21:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 03:17:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/11/01 03:17:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/18 01:06:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/21 07:41:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/02 20:20:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 20:20:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 20:20:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 20:20:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 20:20:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 20:20:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 20:20:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 20:20:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 20:20:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 20:19:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 20:19:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 18:55:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 18:54:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 18:54:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 18:54:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 18:54:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 18:54:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 18:11:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 18:06:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ninemsn.com.au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://ninemsn.com.au/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36949
FF - prefs.js..extensions.enabledItems: [email protected]:1.9.9.5
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.8
FF - prefs.js..extensions.enabledItems: {671c8440-f787-11dc-95ff-0800200c9a66}:2.0.2
FF - prefs.js..keyword.URL: "http://search.avg.co...u&lng=en-US&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://www.adelaide....gest-proxy.pac"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/01 14:21:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/01 14:21:14 | 000,000,000 | ---D | M]

[2010/04/06 12:01:18 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Extensions
[2009/05/03 17:33:40 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/11/02 10:10:10 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions
[2010/10/22 07:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/04/27 15:07:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/06 13:43:21 | 000,000,000 | ---D | M] (Digg Toolbar for Firefox) -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\{671c8440-f787-11dc-95ff-0800200c9a66}
[2010/04/19 21:35:53 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/06/06 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\[email protected]
[2010/06/19 16:06:31 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\[email protected]
[2010/06/19 16:06:32 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\[email protected]
[2010/09/23 10:39:08 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\[email protected]
[2010/06/06 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\[email protected]\chrome
[2010/06/06 13:43:22 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Mozilla\Firefox\Profiles\s8bjszsz.default\extensions\[email protected]\defaults
[2010/04/06 11:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/11/02 13:24:06 | 000,000,749 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [MyDetectWireless] C:\Program Files\Crazy John's\Crazy John's Broadband\DetectWireless.exe ()
O4 - HKCU..\Run: [MyWirelessCard] C:\Program Files\Crazy John's\Crazy John's Broadband\WirelessCard.exe ()
O4 - HKCU..\Run: [Sidebar] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://www.facebook....b?1265787893586 (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-au.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Tegan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tegan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 08:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{12603803-d1d3-11df-ab16-001e337e9bb4}\Shell - "" = AutoRun
O33 - MountPoints2\{12603803-d1d3-11df-ab16-001e337e9bb4}\Shell\AutoRun\command - "" = E:\Setup.exe -- File not found
O33 - MountPoints2\{21aa3386-dd6d-11df-8506-001e337e9bb4}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O33 - MountPoints2\{4e4b45ab-2db7-11df-9246-001e337e9bb4}\Shell - "" = AutoRun
O33 - MountPoints2\{4e4b45ab-2db7-11df-9246-001e337e9bb4}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{4e4b461a-2db7-11df-9246-001e101f00de}\Shell - "" = AutoRun
O33 - MountPoints2\{4e4b461a-2db7-11df-9246-001e101f00de}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{ad064f61-c219-11de-a04b-001e337e9bb4}\Shell\AutoRun\command - "" = C:\Windows\System32\wiaacmgr.exe -- [2008/01/21 12:53:37 | 000,088,064 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{c2a55d25-119d-11de-91ed-001e337e9bb4}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{c325400e-0575-11de-b02c-001e337e9bb4}\Shell\AutoRun\command - "" = E:\AutoTransfer.exe -- File not found
O33 - MountPoints2\{f6ee412c-8044-11df-bbd6-001e337e9bb4}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/11/02 13:43:37 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Tegan\Desktop\OTL.exe
[2010/11/02 13:37:51 | 036,317,368 | ---- | C] (PC Tools ) -- C:\Users\Tegan\Desktop\spdoc.exe
[2010/11/02 13:35:28 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Desktop\lspfix
[2010/11/02 12:45:55 | 000,000,000 | ---D | C] -- C:\Users\Tegan\AppData\Roaming\Registry Mechanic
[2010/11/02 12:38:29 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox210.ocx
[2010/11/02 12:38:29 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox10.ocx
[2010/11/02 12:38:29 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBoxVB12.ocx
[2010/11/02 12:38:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/11/02 12:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2010/11/02 12:34:50 | 015,633,288 | ---- | C] (PC Tools ) -- C:\Users\Tegan\Desktop\rminstall.exe
[2010/11/02 12:19:16 | 108,202,756 | ---- | C] (AVG Technologies) -- C:\Users\Tegan\Desktop\avg_ipw_x86_all_2011_1153a3218.exe.part
[2010/11/02 12:10:13 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/11/02 11:52:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/11/02 11:52:49 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/11/02 11:50:38 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Tegan\Desktop\spybotsd162.exe
[2010/11/02 11:06:35 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Desktop\tdsskiller
[2010/11/02 10:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\FixRedirectVirus
[2010/11/02 10:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/11/02 10:40:07 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Desktop\Downloads
[2010/11/02 10:40:00 | 000,000,000 | ---D | C] -- C:\Users\Tegan\AppData\Roaming\GetRightToGo
[2010/11/02 10:39:42 | 000,367,232 | ---- | C] (RegNow.com) -- C:\Users\Tegan\Documents\Download_7.0.0.538f-sdasetup-regnow201-AVP.exe
[2010/11/02 09:50:44 | 000,000,000 | ---D | C] -- C:\Users\Tegan\AppData\Roaming\Malwarebytes
[2010/11/02 09:50:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/02 09:50:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/02 09:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/02 09:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/02 09:48:52 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tegan\Documents\malwaree.exe
[2010/11/02 09:45:59 | 010,609,336 | ---- | C] (Simply Super Software ) -- C:\Users\Tegan\Documents\trj682.exe
[2010/11/01 23:55:08 | 000,000,000 | ---D | C] -- C:\rei
[2010/11/01 23:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2010/11/01 23:54:01 | 000,248,968 | ---- | C] (Reimage®) -- C:\Users\Tegan\Documents\ReimageRepair.exe
[2010/11/01 23:08:02 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Documents\Simply Super Software
[2010/11/01 23:07:58 | 000,000,000 | ---D | C] -- C:\Users\Tegan\AppData\Roaming\Simply Super Software
[2010/11/01 23:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/11/01 22:24:39 | 000,509,440 | ---- | C] (iS3, Inc.) -- C:\Users\Tegan\Desktop\stop
[2010/11/01 22:12:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/01 22:07:21 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Documents\tdsskiller
[2010/11/01 18:14:45 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Documents\backups
[2010/11/01 17:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\STOPzilla!
[2010/11/01 17:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/11/01 17:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/11/01 17:21:10 | 000,509,440 | ---- | C] (iS3, Inc.) -- C:\Users\Tegan\Documents\STOPzilla_Setup.exe
[2010/11/01 17:21:10 | 000,509,440 | ---- | C] (iS3, Inc.) -- C:\Users\Tegan\Documents\stop
[2010/10/28 18:07:24 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3HTUI5.dll
[2010/10/28 18:07:24 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\SZIO5.dll
[2010/10/28 18:07:22 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\SZComp5.dll
[2010/10/28 18:07:22 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\SZBase5.dll
[2010/10/28 18:07:22 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3DBA5.dll
[2010/10/28 18:07:22 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Hks5.dll
[2010/10/28 18:07:22 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3XDat5.dll
[2010/10/28 18:07:20 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Base5.dll
[2010/10/28 18:07:20 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3UI5.dll
[2010/10/28 18:07:20 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Win325.dll
[2010/10/28 18:07:20 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Svc5.dll
[2010/10/28 18:07:20 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Inet5.dll
[2010/10/26 11:30:08 | 001,317,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tegan\Desktop\TDSSKiller.exe
[2010/10/19 14:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
[2010/10/19 14:29:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPSS
[2010/10/19 14:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPSSInc
[2010/10/19 14:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\SPSSInc
[2010/10/19 14:18:31 | 323,859,992 | ---- | C] (SPSS Inc ) -- C:\Users\Tegan\Documents\PASW_Statistics_18_win32_en.exe
[2010/10/19 14:11:23 | 000,000,000 | ---D | C] -- C:\Users\Tegan\Documents\SPSSInc
[2010/10/19 14:10:42 | 000,000,000 | ---D | C] -- C:\Users\Tegan\.spss
[2010/10/13 15:49:28 | 501,868,232 | ---- | C] (SPSS Inc., an IBM Company ) -- C:\Users\Tegan\Documents\SPSS_Statistics_19_win32_en.exe
[2010/10/07 22:29:57 | 000,099,456 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\System32\drivers\bsusbser.sys
[2010/10/07 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Crazy John's
[4 C:\Users\Tegan\Documents\*.tmp files -> C:\Users\Tegan\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/02 13:45:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/02 13:43:37 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Tegan\Desktop\OTL.exe
[2010/11/02 13:43:14 | 036,317,368 | ---- | M] (PC Tools ) -- C:\Users\Tegan\Desktop\spdoc.exe
[2010/11/02 13:36:11 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/11/02 13:36:04 | 000,000,464 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010/11/02 13:35:16 | 000,201,030 | ---- | M] () -- C:\Users\Tegan\Desktop\lspfix.zip
[2010/11/02 13:29:59 | 000,707,288 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/02 13:29:59 | 000,146,452 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/02 13:24:06 | 000,000,749 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/11/02 13:23:50 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/02 13:23:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/02 13:23:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/02 13:23:22 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2010/11/02 13:23:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/02 13:23:08 | 3080,732,672 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/02 12:43:47 | 108,202,756 | ---- | M] (AVG Technologies) -- C:\Users\Tegan\Desktop\avg_ipw_x86_all_2011_1153a3218.exe.part
[2010/11/02 12:38:30 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2010/11/02 12:35:54 | 015,633,288 | ---- | M] (PC Tools ) -- C:\Users\Tegan\Desktop\rminstall.exe
[2010/11/02 12:35:30 | 000,251,392 | ---- | M] () -- C:\Users\Tegan\Desktop\hijackthis_sfx.exe
[2010/11/02 12:19:22 | 000,000,000 | ---- | M] () -- C:\Users\Tegan\Desktop\avg_ipw_x86_all_2011_1153a3218.exe
[2010/11/02 12:08:51 | 000,024,064 | ---- | M] () -- C:\Users\Tegan\Documents\avg license number.doc
[2010/11/02 11:52:58 | 000,001,090 | ---- | M] () -- C:\Users\Tegan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/11/02 11:52:58 | 000,001,066 | ---- | M] () -- C:\Users\Tegan\Desktop\Spybot - Search & Destroy.lnk
[2010/11/02 11:50:59 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Tegan\Desktop\spybotsd162.exe
[2010/11/02 11:06:40 | 001,317,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tegan\Desktop\TDSSKiller.exe
[2010/11/02 11:05:43 | 001,207,026 | ---- | M] () -- C:\Users\Tegan\Desktop\tdsskiller.zip
[2010/11/02 11:00:38 | 003,898,593 | R--- | M] () -- C:\Users\Tegan\Desktop\ComboFix.exe
[2010/11/02 10:57:34 | 000,001,744 | ---- | M] () -- C:\Users\Tegan\Desktop\Redirect Virus Remover.lnk
[2010/11/02 10:39:49 | 000,367,232 | ---- | M] (RegNow.com) -- C:\Users\Tegan\Documents\Download_7.0.0.538f-sdasetup-regnow201-AVP.exe
[2010/11/02 09:50:36 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/02 09:49:17 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tegan\Documents\malwaree.exe
[2010/11/02 09:46:37 | 010,609,336 | ---- | M] (Simply Super Software ) -- C:\Users\Tegan\Documents\trj682.exe
[2010/11/01 23:56:19 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2010/11/01 23:55:11 | 000,001,906 | ---- | M] () -- C:\Users\Tegan\Desktop\PC Scan & Repair by Reimage.lnk
[2010/11/01 23:54:05 | 000,248,968 | ---- | M] (Reimage®) -- C:\Users\Tegan\Documents\ReimageRepair.exe
[2010/11/01 23:27:12 | 000,000,943 | ---- | M] () -- C:\Windows\WirelessCard.INI
[2010/11/01 23:24:33 | 000,001,356 | ---- | M] () -- C:\Users\Tegan\AppData\Local\d3d9caps.dat
[2010/11/01 22:24:45 | 000,509,440 | ---- | M] (iS3, Inc.) -- C:\Users\Tegan\Desktop\stop
[2010/11/01 17:21:11 | 000,509,440 | ---- | M] (iS3, Inc.) -- C:\Users\Tegan\Documents\STOPzilla_Setup.exe
[2010/11/01 17:21:11 | 000,509,440 | ---- | M] (iS3, Inc.) -- C:\Users\Tegan\Documents\stop
[2010/10/29 14:26:55 | 000,026,624 | ---- | M] () -- C:\Users\Tegan\Documents\phD reasoning.doc
[2010/10/28 18:07:24 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3HTUI5.dll
[2010/10/28 18:07:24 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\SZIO5.dll
[2010/10/28 18:07:22 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\SZComp5.dll
[2010/10/28 18:07:22 | 000,452,048 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\SZBase5.dll
[2010/10/28 18:07:22 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3DBA5.dll
[2010/10/28 18:07:22 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Hks5.dll
[2010/10/28 18:07:22 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3XDat5.dll
[2010/10/28 18:07:20 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Base5.dll
[2010/10/28 18:07:20 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3UI5.dll
[2010/10/28 18:07:20 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Win325.dll
[2010/10/28 18:07:20 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Svc5.dll
[2010/10/28 18:07:20 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Inet5.dll
[2010/10/28 14:05:22 | 000,035,270 | ---- | M] () -- C:\Users\Tegan\Documents\lit review summary.enl
[2010/10/27 11:54:36 | 000,002,607 | ---- | M] () -- C:\Users\Tegan\Desktop\Microsoft Office Excel 2003.lnk
[2010/10/22 11:41:44 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010/10/22 11:41:44 | 000,000,034 | ---- | M] () -- C:\Windows\System32\FD203A.DAT
[2010/10/22 11:40:03 | 000,002,609 | ---- | M] () -- C:\Users\Tegan\Desktop\Microsoft Office Word 2003.lnk
[2010/10/22 06:19:57 | 000,410,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/21 09:09:42 | 000,024,064 | ---- | M] () -- C:\Users\Tegan\Documents\stats on thesis.doc
[2010/10/19 21:15:53 | 000,026,112 | ---- | M] () -- C:\Users\Tegan\Documents\Copy of Tegan's gold coast money.xls
[2010/10/19 14:27:41 | 000,000,219 | ---- | M] () -- C:\Windows\System32\lsprst7.tgz
[2010/10/19 14:27:41 | 000,000,205 | ---- | M] () -- C:\Windows\System32\lsprst7.dll
[2010/10/19 14:27:41 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm
[2010/10/19 14:23:32 | 323,859,992 | ---- | M] (SPSS Inc ) -- C:\Users\Tegan\Documents\PASW_Statistics_18_win32_en.exe
[2010/10/18 13:55:28 | 000,149,281 | ---- | M] () -- C:\Users\Tegan\Documents\important intro facts.pdf
[2010/10/16 18:54:29 | 000,119,808 | ---- | M] () -- C:\Users\Tegan\Documents\The How greedy is your dog survey.doc
[2010/10/13 15:57:29 | 501,868,232 | ---- | M] (SPSS Inc., an IBM Company ) -- C:\Users\Tegan\Documents\SPSS_Statistics_19_win32_en.exe
[2010/10/13 15:08:09 | 000,000,114 | ---- | M] () -- C:\Windows\System32\prsgrc.tgz
[2010/10/13 15:08:08 | 000,000,100 | ---- | M] () -- C:\Windows\System32\prsgrc.dll
[2010/10/11 23:04:57 | 000,032,256 | ---- | M] () -- C:\Users\Tegan\Documents\notes for seminar.doc
[2010/10/11 21:16:25 | 000,002,711 | ---- | M] () -- C:\Users\Tegan\Application Data\Microsoft\Internet Explorer\Quick Launch\Vodafone Mobile Connect.lnk
[2010/10/11 20:21:23 | 000,149,287 | ---- | M] () -- C:\Users\Tegan\Documents\obesity in aussie dogs.pdf
[2010/10/09 18:34:44 | 000,076,800 | ---- | M] () -- C:\Users\Tegan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/08 21:31:11 | 000,000,028 | ---- | M] () -- C:\Windows\flowstatics.db
[2010/10/08 13:07:04 | 000,048,715 | ---- | M] () -- C:\Users\Tegan\Documents\family.jpg
[2010/10/08 13:06:07 | 000,092,214 | ---- | M] () -- C:\Users\Tegan\Documents\family.php
[2010/10/08 11:46:33 | 000,023,552 | ---- | M] () -- C:\Users\Tegan\Documents\seminar final stuff.xls
[2010/10/07 22:40:40 | 000,000,396 | ---- | M] () -- C:\Users\Tegan\Desktop\export.csv
[2010/10/07 22:29:59 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\Crazy John's Broadband.lnk
[4 C:\Users\Tegan\Documents\*.tmp files -> C:\Users\Tegan\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/02 13:35:15 | 000,201,030 | ---- | C] () -- C:\Users\Tegan\Desktop\lspfix.zip
[2010/11/02 13:24:20 | 000,000,464 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010/11/02 13:23:08 | 3080,732,672 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/02 12:39:21 | 000,000,254 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2010/11/02 12:38:30 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010/11/02 12:38:30 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2010/11/02 12:35:30 | 000,251,392 | ---- | C] () -- C:\Users\Tegan\Desktop\hijackthis_sfx.exe
[2010/11/02 12:19:22 | 000,000,000 | ---- | C] () -- C:\Users\Tegan\Desktop\avg_ipw_x86_all_2011_1153a3218.exe
[2010/11/02 12:08:51 | 000,024,064 | ---- | C] () -- C:\Users\Tegan\Documents\avg license number.doc
[2010/11/02 11:52:58 | 000,001,090 | ---- | C] () -- C:\Users\Tegan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/11/02 11:52:58 | 000,001,066 | ---- | C] () -- C:\Users\Tegan\Desktop\Spybot - Search & Destroy.lnk
[2010/11/02 11:05:35 | 001,207,026 | ---- | C] () -- C:\Users\Tegan\Desktop\tdsskiller.zip
[2010/11/02 11:00:33 | 003,898,593 | R--- | C] () -- C:\Users\Tegan\Desktop\ComboFix.exe
[2010/11/02 10:57:34 | 000,001,744 | ---- | C] () -- C:\Users\Tegan\Desktop\Redirect Virus Remover.lnk
[2010/11/02 09:50:36 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/02 09:47:16 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/11/02 09:47:16 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/11/02 09:47:15 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll
[2010/11/02 09:47:15 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/11/01 23:55:57 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2010/11/01 23:55:11 | 000,001,906 | ---- | C] () -- C:\Users\Tegan\Desktop\PC Scan & Repair by Reimage.lnk
[2010/10/29 14:26:55 | 000,026,624 | ---- | C] () -- C:\Users\Tegan\Documents\phD reasoning.doc
[2010/10/21 09:09:42 | 000,024,064 | ---- | C] () -- C:\Users\Tegan\Documents\stats on thesis.doc
[2010/10/19 21:15:53 | 000,026,112 | ---- | C] () -- C:\Users\Tegan\Documents\Copy of Tegan's gold coast money.xls
[2010/10/18 13:55:28 | 000,149,281 | ---- | C] () -- C:\Users\Tegan\Documents\important intro facts.pdf
[2010/10/11 20:21:23 | 000,149,287 | ---- | C] () -- C:\Users\Tegan\Documents\obesity in aussie dogs.pdf
[2010/10/09 09:59:27 | 000,032,256 | ---- | C] () -- C:\Users\Tegan\Documents\notes for seminar.doc
[2010/10/08 13:07:03 | 000,048,715 | ---- | C] () -- C:\Users\Tegan\Documents\family.jpg
[2010/10/08 13:06:00 | 000,092,214 | ---- | C] () -- C:\Users\Tegan\Documents\family.php
[2010/10/07 22:40:40 | 000,000,396 | ---- | C] () -- C:\Users\Tegan\Desktop\export.csv
[2010/10/07 22:30:23 | 000,000,028 | ---- | C] () -- C:\Windows\flowstatics.db
[2010/10/07 22:30:22 | 000,000,943 | ---- | C] () -- C:\Windows\WirelessCard.INI
[2010/10/07 22:29:59 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\Crazy John's Broadband.lnk
[2010/10/03 20:51:09 | 000,023,552 | ---- | C] () -- C:\Users\Tegan\Documents\seminar final stuff.xls
[2010/08/30 18:46:44 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2010/08/30 18:46:44 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2010/08/30 18:46:44 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2010/08/30 13:31:33 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010/08/30 13:31:33 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010/07/30 10:18:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/28 00:36:26 | 000,000,284 | ---- | C] () -- C:\Users\Tegan\AppData\Roaming\NMM-MetaData.db
[2009/11/03 10:29:06 | 000,000,024 | ---- | C] () -- C:\Windows\MSBSETUP.INI
[2009/06/30 09:41:16 | 000,000,553 | ---- | C] () -- C:\Users\Tegan\AppData\Roaming\momento.log
[2009/06/16 13:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/05/02 21:26:39 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/02/24 22:41:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/18 15:32:21 | 000,000,532 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/01/13 20:57:50 | 000,076,800 | ---- | C] () -- C:\Users\Tegan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/11 06:39:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/01/11 06:39:56 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/01/11 06:39:56 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/01/11 06:39:56 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/01/11 06:39:56 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/01/11 06:39:56 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/01/11 06:17:03 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/01/11 06:17:03 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/01/11 06:17:03 | 000,009,484 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/01/11 06:17:03 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/01/11 06:14:05 | 000,001,356 | ---- | C] () -- C:\Users\Tegan\AppData\Local\d3d9caps.dat
[2008/12/31 18:04:42 | 000,691,560 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/07/12 06:02:33 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/07/12 05:55:51 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/07/12 05:21:37 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/04/24 18:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/04/24 18:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/04/24 18:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/04/24 18:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/04/24 18:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/04/24 18:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2008/02/11 11:01:36 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll
[2008/02/11 11:01:36 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl35cl3.dll
[2006/11/02 23:05:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/12/07 13:31:00 | 000,202,752 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2005/08/28 10:30:00 | 000,000,296 | ---- | C] () -- C:\Windows\rspacfg.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/02/18 14:47:55 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Bytemobile
[2009/02/18 15:56:08 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Canon
[2010/09/28 09:15:40 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Eclipse
[2010/03/16 14:41:42 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\EndNote
[2010/06/28 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Facebook
[2009/05/09 18:40:33 | 000,000,000 | R--D | M] -- C:\Users\Tegan\AppData\Roaming\FX
[2010/11/02 10:52:14 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\GetRightToGo
[2009/02/18 15:26:37 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\InterTrust
[2010/09/18 14:08:31 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\LimeWire
[2010/06/13 15:18:20 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009/02/05 17:44:58 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Memeo
[2009/06/30 09:55:58 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Momento
[2010/04/28 00:36:26 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Nokia
[2009/05/11 21:06:27 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\PC Suite
[2010/11/02 12:45:55 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Registry Mechanic
[2009/02/18 15:32:42 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\ScanSoft
[2010/11/02 09:47:28 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Simply Super Software
[2009/02/06 09:21:56 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\toshiba
[2009/02/14 13:00:43 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Ulead Systems
[2009/02/18 14:47:54 | 000,000,000 | ---D | M] -- C:\Users\Tegan\AppData\Roaming\Vodafone
[2010/11/02 13:23:22 | 000,000,254 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2010/11/02 13:17:40 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >


#2
TeganHadley

A file also came up with the otl.txt called extras.txt and had this in it, if it's useful?

OTL Extras logfile created on: 2/11/2010 1:45:36 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Tegan\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.02 Gb Total Space | 64.07 Gb Free Space | 46.08% Space Free | Partition Type: NTFS

Computer Name: MSA2 | User Name: Tegan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A0D510A-8A4F-4CB3-9F41-E8544B898F31}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2BCE8EDA-ED61-4D38-BA54-8F955599809F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{471F7A23-5D4D-4351-ABA6-5AFA3A459155}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{487E4881-B63D-42DA-A7A4-69F6CC83241D}" = lport=138 | protocol=17 | dir=in | app=system |
"{5C8D75D6-9E64-40CF-86BC-4844A68A89CE}" = rport=445 | protocol=6 | dir=out | app=system |
"{7285DE7B-03CC-4D8A-984A-5199547A1FBB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A902B20A-AA34-4A77-B4EF-DD8F0B4F2624}" = rport=137 | protocol=17 | dir=out | app=system |
"{B0C15C21-D95A-46B5-AEA9-78BBB93B05B1}" = rport=139 | protocol=6 | dir=out | app=system |
"{B0E0C848-6C6B-4FDF-98C4-3F89F0F96D5D}" = lport=139 | protocol=6 | dir=in | app=system |
"{D4254791-DCA8-4176-916C-0499A16FE1C6}" = lport=445 | protocol=6 | dir=in | app=system |
"{E5F4840C-BEDA-4EDB-8F4C-E22795D5A633}" = rport=138 | protocol=17 | dir=out | app=system |
"{E723AA49-5294-4267-B3FA-F8E9A075EB62}" = lport=137 | protocol=17 | dir=in | app=system |
"{F014F942-C199-48D9-AC1D-1300C9FF5B42}" = lport=13 | protocol=6 | dir=in | name=cortrakkiii |
"{FD51BD6A-02B6-4708-BF95-29B8DC48C72A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04F880AC-B975-4A25-90DA-E10C5E5D7E9B}" = protocol=1 | dir=in | [email protected],-28543 |
"{0824F4C8-CE88-4DE8-B3AF-1FF9EF5DC9B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D070CED-0295-4E51-9F61-4F637D6A2FA9}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{1561ED1F-AC9C-47D9-93A0-14B47F6751BA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1A54B9F2-E08C-43BA-B902-0EF5F467334F}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{2053715C-8DED-4D54-BE36-D0A9E8AE2AEB}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{279A3F58-7388-4C8F-B5AC-1AC1B1451424}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{34D12EA8-B4C6-466C-A2AC-EEB5BCCA3A59}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{34E0DF81-F808-46F5-8BA1-0CD8BBE36B78}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{4403BDA5-A8B6-4849-8082-50D056BEF190}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{440FEADC-890A-4236-94ED-2DDB2AE958A9}" = protocol=58 | dir=out | [email protected],-28546 |
"{5A85E7A1-1074-4638-8E53-76B48E3CB55F}" = protocol=1 | dir=out | [email protected],-28544 |
"{8A7092C2-A99B-4754-B522-D9FF599FB8F5}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8F6AD047-15F3-4ADC-8D4C-DB8347A9EAFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9AF15B3C-F366-440D-8D2D-21F88A5E14E8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A2452836-0A47-4219-8E42-521D2E73A37E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ABFEAEDB-3B53-4DE8-9992-0B045A12F8AB}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{AED71BCB-1224-4FF5-9320-187E5EEBB906}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{DA49A9D3-979B-4B44-9F56-4031F11F9A13}" = protocol=58 | dir=in | [email protected],-28545 |
"{F9295FC8-0504-4099-99C2-5D129B057FA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}" = IBM SPSS Statistics 19
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{304B576D-A16E-4983-A5E5-53E40806DFB5}" = STOPzilla
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{395AB8C5-F3A8-4380-8718-7A11EC5829F0}" = Crazy John's Broadband
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6210BD42-B7DF-81F6-D7BD-82430A7BE0E3}" = Market Samurai
"{65883ddf-2152-4cb7-8e13-b99194b13498}" = Nero BackItUp
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{6E1A6CD8-0079-4A16-A4C5-773930CB7265}" = CorTrack II
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75c53f52-398b-4d66-b28a-f9ef170b3b34}" = Nero BackItUp
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{838BC0FB-4F8F-47B9-847F-06AE4CCE4181}" = Manual CanoScan LiDE 25
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}" = EndNote X3
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9799BD05-5F89-484C-008E-F50592F53440}" = Harry Potter and the Goblet of Fire™
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5A7081A-0C91-41C1-9EFF-5BD8696053A2}" = SIMCardReaderPro
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DA5784C0-06BB-4884-A7C4-89CC206EA2B6}" = ninemsn Toolbar
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EECEE314-C26B-4D75-9D6E-F03D9A7223D3}" = PLAN ApplyOnline Mobile
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}" = e-tax 2010
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_14F10000" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FBDBServer1_is1" = Firebird 1.0.0.796
"FixRedirectVirus1.5" = FixRedirectVirus
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HDMI" = Intel® Graphics Media Accelerator Driver
"HTPE3" = HyperTerminal Private Edition v7.0
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"LimeWire" = LimeWire 4.18.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Momento" = Momento 5.1.0
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Nokia PC Suite" = Nokia PC Suite
"Picasa 3" = Picasa 3
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Reimage Repair" = Reimage Repair
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting 4.5.0.457

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/10/2010 1:45:06 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 20805557

Error - 8/10/2010 1:45:06 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20805557

Error - 8/10/2010 1:45:07 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/10/2010 1:45:07 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 20806555

Error - 8/10/2010 1:45:07 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20806555

Error - 8/10/2010 1:45:08 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/10/2010 1:45:08 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 20807569

Error - 8/10/2010 1:45:08 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20807569

Error - 8/10/2010 1:45:09 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/10/2010 1:45:09 PM | Computer Name = MSA2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 20808568

[ Media Center Events ]
Error - 14/12/2009 6:36:31 PM | Computer Name = MSA2 | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ System Events ]
Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7026
Description =

Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:50:55 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:51:02 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7001
Description =

Error - 1/11/2010 10:53:21 PM | Computer Name = MSA2 | Source = HTTP | ID = 15016
Description =

Error - 1/11/2010 10:53:39 PM | Computer Name = MSA2 | Source = Service Control Manager | ID = 7026
Description =


< End of report >