Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Can't get online with desktop

Started by m powrd , Feb 06 2011 10:07 AM

This topic is locked

#1
m powrd

Posted 06 February 2011 - 10:07 AM

New Member

Member
8 posts

I am using my netbook to get online and try to find a solution to the problem I'm having with my desktop. About a week or so ago, my desktop picked up some sort of malware/spyware where it would generate pop-up's and a fake anti-virus window would open and tell me my computer was infected and that I needed to download this anti-virus software. It also would open a small window saying the same thing with an icon on the lower right toolbar. Then the computer would pretty much lock up. I could open a new browser but it wouldn't connect to the internet and then that window would lock up. I could open the C drive, but after 30 sec it would lock up. I right clicked on the fake anti virus icon and went to properties. I found where the file was located but every time I tried to delete it, I could not because it was running and then the window would freeze. I ran my own anti virus (McAfee) but it said my computer was fine. Finally, after several reboots, I got the message telling me that the malware program had encountered a problem and was shut down...would I like to send a report, etc. I immediately went into the C drive and found it under the temp internet files and deleted it.

Now my computer runs fine except no internet. I have run the diagnostics on the connection but they were no help. I cannot even connect to my router to see its settings. I uninstalled and then reinstalled the router...same results. My computer tells me that I'm connected to the router, but I can't really connect to it and make any changes. I can, however, go to microsoft's secure website (https), but no other connections can be made.

It is really frustrating because this little netbook was never intended to replace my desktop. It has no where near the computing power or memory. I'm glad that at least I can get online with it, but I need my desktop back up and running. I appreciate any help or advice you can give me!

#2
Essexboy

Posted 07 February 2011 - 03:33 PM

GeekU Moderator

Retired Staff
69,964 posts

Hi could you transfer the following to your sick computer and then attach the resultant log

Download OTS to your Desktop and double-click on it to run it

Make sure you close all other programs and don't use the PC while the scan runs.
Select All Users
Under additional scans select the following
Reg - NetSvcs
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check
File - Purity Scan
Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
When the scan is complete Notepad will open with the report file loaded in it.
Please attach the log in your next post.

#3
m powrd

Posted 08 February 2011 - 10:20 AM

New Member

Topic Starter
Member
8 posts

Thanks for the reply! I'm swamped with work at the moment but I will try to take care of this tonight or tomorrow and get back to you as soon as I can!

Thanks again!!!

#4
Essexboy

Posted 08 February 2011 - 01:22 PM

GeekU Moderator

Retired Staff
69,964 posts

No problem on the time

#5
m powrd

Posted 09 February 2011 - 10:58 AM

New Member

Topic Starter
Member
8 posts

I am running the scan right now. I will post the log when it is complete.

#6
m powrd

Posted 09 February 2011 - 11:12 AM

New Member

Topic Starter
Member
8 posts

Here is a copy of the log:

OTS logfile created on: 2/9/2011 11:57:01 AM - Run 1
OTS by OldTimer - Version 3.1.41.4     Folder = C:\Documents and Settings\Carlisle Vereen\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1,022.00 Mb Total Physical Memory | 384.00 Mb Available Physical Memory | 38.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 154.23 Gb Free Space | 67.61% Space Free | Partition Type: NTFS
Drive D: | 235.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 37.31 Gb Total Space | 14.61 Gb Free Space | 39.17% Space Free | Partition Type: NTFS
 
Computer Name: VEREENDESKTOP
Current User Name: Carlisle Vereen
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Carlisle Vereen\Desktop\OTS.exe -> [2011/02/09 11:51:50 | 000,642,560 | ---- | M] (OldTimer Tools)
googlecrashhandler.exe -> C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe -> [2010/10/17 02:45:18 | 000,134,808 | ---- | M] (Google Inc.)
mfefire.exe -> C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -> [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.)
mfevtps.exe -> C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -> [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.)
mcagent.exe -> C:\Program Files\McAfee.com\Agent\mcagent.exe -> [2010/09/30 12:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.)
mcshield.exe -> C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -> [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.)
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2010/04/15 07:06:17 | 000,202,256 | ---- | M] (RealNetworks, Inc.)
mcsacore.exe -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2010/03/26 10:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.)
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.)
mcsvhost.exe -> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
isuspm.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation)
ijplmsvc.exe -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2008/10/09 09:07:56 | 000,107,912 | ---- | M] ()
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
bjmyprt.exe -> C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE -> [2008/03/17 20:06:00 | 001,848,648 | ---- | M] (CANON INC.)
googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2007/04/03 18:50:13 | 000,068,856 | ---- | M] (Google Inc.)
dsagnt.exe -> C:\Program Files\DellSupport\DSAgnt.exe -> [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.)
wcescomm.exe -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe -> [2006/11/13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
rapimgr.exe -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe -> [2006/11/13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation)
msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2006/11/03 17:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation)
msmpeng.exe -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 17:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation)
dlccmon.exe -> C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe -> [2005/07/22 14:03:00 | 000,425,984 | ---- | M] (Dell)
dlcccoms.exe -> C:\WINDOWS\system32\dlcccoms.exe -> [2005/06/21 15:19:38 | 000,491,520 | ---- | M] ()
 
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Carlisle Vereen\Desktop\OTS.exe -> [2011/02/09 11:51:50 | 000,642,560 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
serwvdrv.dll -> C:\WINDOWS\system32\serwvdrv.dll -> [2004/08/10 06:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation)
umdmxfrm.dll -> C:\WINDOWS\system32\umdmxfrm.dll -> [2004/08/10 06:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
(mfefire) McAfee Firewall Core Service [Auto | Running] -> C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -> [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.)
(mfevtp) McAfee Validation Trust Protection Service [Unknown | Running] -> C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -> [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.)
(McODS) McAfee Scanner [On_Demand | Stopped] -> C:\Program Files\McAfee\VirusScan\mcods.exe -> [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.)
(McShield) McShield [Unknown | Running] -> C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -> [2010/08/24 13:57:38 | 000,171,168 | ---- | M] ()
(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Auto | Running] -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2010/03/26 10:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.)
(MSK80Service) McAfee Anti-Spam Service [Auto | Running] -> C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
(McProxy) McAfee Proxy Service [Auto | Running] -> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
(McNASvc) McAfee Network Agent [Auto | Running] -> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
(McNaiAnn) McAfee VirusScan Announcer [Auto | Running] -> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
(mcmscsvc) McAfee Services [Auto | Running] -> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
(McMPFSvc) McAfee Personal Firewall Service [Auto | Running] -> C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
(IJPLMSVC) Canon Inkjet Printer/Scanner/Fax Extended Survey Program [Auto | Running] -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2008/10/09 09:07:56 | 000,107,912 | ---- | M] ()
(sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) [Disabled | Stopped] -> C:\Program Files\Dell Support Center\bin\sprtsvc.exe -> [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.)
(QBCFMonitorService) QBCFMonitorService [Disabled | Stopped] -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -> [2008/02/27 07:24:12 | 000,020,480 | ---- | M] (Intuit)
(Symantec RemoteAssist) Symantec RemoteAssist [On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -> [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.)
(STCAgent) Cisco Systems, Inc. STC Agent [Disabled | Stopped] -> C:\Program Files\Cisco Systems\SSL VPN Client\Agent.exe -> [2007/07/30 20:00:35 | 000,267,320 | ---- | M] (Cisco Systems, Inc.)
(GoToMyPC) GoToMyPC [Disabled | Stopped] -> C:\Program Files\Citrix\GoToMyPC\g2svc.exe -> [2007/06/20 10:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
(QBFCService) Intuit QuickBooks FCS [Disabled | Stopped] -> C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -> [2007/05/24 07:08:44 | 000,061,440 | ---- | M] (Intuit Inc.)
(DSBrokerService) DSBrokerService [Disabled | Stopped] -> C:\Program Files\DellSupport\brkrsvc.exe -> [2007/03/07 14:47:46 | 000,076,848 | ---- | M] ()
(WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 17:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation)
(ewido anti-spyware 4.0 guard) ewido anti-spyware 4.0 guard [Disabled | Stopped] -> C:\Program Files\ewido anti-spyware 4.0\guard.exe -> [2006/06/16 09:38:44 | 000,172,032 | ---- | M] (Anti-Malware Development a.s.)
(dlcc_device) dlcc_device [On_Demand | Running] -> C:\WINDOWS\System32\dlcccoms.exe -> [2005/06/21 15:19:38 | 000,491,520 | ---- | M] ()
(IAANTMon) Intel(R) Matrix Storage Event Monitor [Disabled | Stopped] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2005/06/17 08:55:58 | 000,086,140 | ---- | M] (Intel Corporation)
 
[Driver Services - Safe List]
(mfehidk) McAfee Inc. mfehidk [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\mfehidk.sys -> [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.)
(mfefirek) McAfee Inc. mfefirek [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mfefirek.sys -> [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mfeavfk.sys -> [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.)
(mfeapfk) McAfee Inc. mfeapfk [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mfeapfk.sys -> [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.)
(mfendiskmp) mfendiskmp [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mfendisk.sys -> [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.)
(mfendisk) McAfee Core NDIS Intermediate Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfendisk.sys -> [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.)
(mferkdet) McAfee Inc. mferkdet [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mferkdet.sys -> [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.)
(mfetdi2k) McAfee Inc. mfetdi2k [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mfetdi2k.sys -> [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.)
(cfwids) McAfee Inc. cfwids [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\cfwids.sys -> [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mfebopk.sys -> [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.)
(BVRPMPR5) BVRPMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -> [2010/06/30 03:27:08 | 000,049,904 | R--- | M] (Avanquest Software)
(XET1001Sp50) XET1001Sp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\XET1001Sp50.sys -> [2009/08/24 17:20:36 | 000,035,256 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))
(PTDUWWAN) PANTECH UM175 WWAN Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\PTDUWWAN.sys -> [2008/08/10 20:00:38 | 000,059,904 | ---- | M] (DEVGURU Co,LTD.)
(PTDUVsp) PANTECH UM175 Diagnostic Port [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\PTDUVsp.sys -> [2008/08/10 20:00:32 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.)
(PTDUMdm) PANTECH UM175 Drivers [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\PTDUMdm.sys -> [2008/08/10 20:00:30 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.)
(PTDUBus) PANTECH UM175 Composite Device Driver  [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\PTDUBus.sys -> [2008/08/10 20:00:28 | 000,033,024 | ---- | M] (DEVGURU Co,LTD.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(CSVirtA) Cisco Systems SSL VPN Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\CSVirtA.sys -> [2007/07/30 20:00:35 | 000,022,136 | ---- | M] (Cisco Systems, Inc.)
(MCSTRM) MCSTRM [Kernel | Auto | Running] -> C:\WINDOWS\System32\drivers\mcstrm.sys -> [2007/07/02 17:33:00 | 000,008,413 | ---- | M] (RealNetworks, Inc.)
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\dsunidrv.sys -> [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.)
(DSproct) DSproct [Kernel | On_Demand | Running] -> C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.)
(ewido anti-spyware 4.0 driver) ewido anti-spyware 4.0 driver [Kernel | System | Running] -> C:\Program Files\ewido anti-spyware 4.0\guard.sys -> [2006/06/16 09:38:54 | 000,003,968 | ---- | M] ()
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2005/11/16 14:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.)
(iastor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\iastor.sys -> [2005/06/17 13:33:40 | 000,872,064 | ---- | M] (Intel Corporation)
(e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\e1e5132.sys -> [2005/04/01 00:04:52 | 000,180,736 | ---- | M] (Intel Corporation)
(tfsnudfa) tfsnudfa [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnudfa.sys -> [2004/12/06 02:05:00 | 000,100,603 | ---- | M] (Sonic Solutions)
(tfsnudf) tfsnudf [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnudf.sys -> [2004/12/06 02:05:00 | 000,098,714 | ---- | M] (Sonic Solutions)
(tfsnifs) tfsnifs [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnifs.sys -> [2004/12/06 02:05:00 | 000,086,586 | ---- | M] (Sonic Solutions)
(tfsncofs) tfsncofs [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsncofs.sys -> [2004/12/06 02:05:00 | 000,034,843 | ---- | M] (Sonic Solutions)
(tfsnboio) tfsnboio [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnboio.sys -> [2004/12/06 02:05:00 | 000,025,883 | ---- | M] (Sonic Solutions)
(tfsnopio) tfsnopio [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnopio.sys -> [2004/12/06 02:05:00 | 000,015,227 | ---- | M] (Sonic Solutions)
(tfsnpool) tfsnpool [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnpool.sys -> [2004/12/06 02:05:00 | 000,006,363 | ---- | M] (Sonic Solutions)
(tfsndrct) tfsndrct [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsndrct.sys -> [2004/12/06 02:05:00 | 000,004,123 | ---- | M] (Sonic Solutions)
(tfsndres) tfsndres [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsndres.sys -> [2004/12/06 02:05:00 | 000,002,239 | ---- | M] (Sonic Solutions)
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\drvmcdb.sys -> [2004/12/01 04:22:00 | 000,087,488 | ---- | M] (Sonic Solutions)
(drvnddm) drvnddm [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\drvnddm.sys -> [2004/11/23 03:56:00 | 000,040,480 | ---- | M] (Sonic Solutions)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(sscdbhk5) sscdbhk5 [File_System | System | Running] -> C:\WINDOWS\system32\drivers\sscdbhk5.sys -> [2004/07/14 12:29:04 | 000,005,627 | ---- | M] (Sonic Solutions)
(ssrtln) ssrtln [File_System | System | Running] -> C:\WINDOWS\system32\drivers\ssrtln.sys -> [2004/07/14 12:28:50 | 000,023,545 | ---- | M] (Sonic Solutions)
(SDDMI2) SDDMI2 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\DDMI2.sys -> [2004/06/09 11:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.)
(HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWBS2.sys -> [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DP.sys -> [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.)
(Aspi32) Aspi32 [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\ASPI32.SYS -> [2003/06/10 17:51:27 | 000,016,512 | ---- | M] (Adaptec)
(ndiscm) Motorola SurfBoard USB Cable Modem Windows 2000 Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\netmotcm.sys -> [2001/11/06 04:06:28 | 000,015,399 | R--- | M] (Motorola Inc.)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic)
(symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.)
(ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.msn.com/ -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 1 -> 
HKEY_USERS\.DEFAULT\: "ProxyOverride" -> <local> -> 
HKEY_USERS\.DEFAULT\: "ProxyServer" -> http=127.0.0.1:8075 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.msn.com/ -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 1 -> 
HKEY_USERS\S-1-5-18\: "ProxyOverride" -> <local> -> 
HKEY_USERS\S-1-5-18\: "ProxyServer" -> http=127.0.0.1:8075 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\] > -> -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/ -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 7E 3A 89 92 4A AF CB 01  [binary data] -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\: "ProxyEnable" -> 1 -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\: "ProxyOverride" -> <local> -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\: "ProxyServer" -> http=127.0.0.1:8075 -> 
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Carlisle Vereen\Application Data\Mozilla\FireFox\Profiles\m95ly6xp.default\prefs.js -> 
browser.search.defaultenginename -> "Google" ->
browser.search.defaulturl -> "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" ->
browser.search.selectedEngine -> "Google" ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1 ->
extensions.enabledItems -> {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45} -> C:\Program Files\McAfee\SiteAdvisor [C:\PROGRAM FILES\MCAFEE\SITEADVISOR] -> [2011/01/12 19:43:08 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c} -> C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\GOOGLE\TOOLBAR FOR FIREFOX\{3112CA9C-DE6D-4884-A869-9855DE68056C}] -> [2010/02/14 02:46:36 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT] -> [2010/04/15 07:08:32 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/12/28 11:41:14 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/11/30 15:11:43 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Documents and Settings\Carlisle Vereen\Application Data\Mozilla\Extensions -> [2010/01/25 21:46:58 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carlisle Vereen\Application Data\Mozilla\Firefox\Profiles\m95ly6xp.default\extensions -> [2011/01/31 13:01:10 | 000,000,000 | ---D | M]
Microsoft .NET Framework Assistant   -> C:\Documents and Settings\Carlisle Vereen\Application Data\Mozilla\Firefox\Profiles\m95ly6xp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2010/02/14 03:09:20 | 000,000,000 | ---D | M]
Google Toolbar for Firefox   -> C:\Documents and Settings\Carlisle Vereen\Application Data\Mozilla\Firefox\Profiles\m95ly6xp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} -> [2011/01/31 13:01:10 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
 siteadvisor.xml -> C:\Documents and Settings\Carlisle Vereen\Application Data\Mozilla\Firefox\Profiles\m95ly6xp.default\searchplugins\siteadvisor.xml -> [2008/04/13 08:12:54 | 000,000,440 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files\Mozilla Firefox\extensions -> [2011/01/31 12:54:35 | 000,000,000 | ---D | M]
  -> C:\Program Files\Mozilla Firefox\extensions\[email protected] -> [2008/03/31 15:08:40 | 000,000,000 | ---D | M]
RealPlayer Browser Record Plugin -> C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT -> [2010/04/15 07:08:32 | 000,000,000 | ---D | M]
Java Quick Starter -> C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF -> [2009/02/27 19:54:59 | 000,000,000 | ---D | M]
McAfee SiteAdvisor -> C:\PROGRAM FILES\MCAFEE\SITEADVISOR -> [2011/01/12 19:43:08 | 000,000,000 | ---D | M]
< FireFox Components [Program Folders] > -> 
 McFFPlg.dll -> C:\Program Files\McAfee\SiteAdvisor\Components\McFFPlg.dll -> [2010/02/01 08:22:16 | 000,210,216 | ---- | M] (McAfee, Inc.)
< HOSTS File > ([2004/08/10 06:00:00 | 000,000,709 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> 
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> c:\Program Files\McAfee\MSK\mskapbho.dll [McAfee Phishing Filter] -> [2010/11/25 15:56:10 | 000,238,056 | ---- | M] ()
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2010/04/15 07:08:30 | 000,341,600 | ---- | M] (RealPlayer)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2004/12/06 02:05:00 | 000,118,842 | ---- | M] (Sonic Solutions)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2009/02/27 19:54:58 | 000,320,920 | ---- | M] (Sun Microsystems, Inc.)
{77701e16-9bfe-4b63-a5b4-7bd156758a37} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103232411.dll [scriptproxy] -> [2010/10/13 21:28:54 | 000,073,288 | ---- | M] (McAfee, Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [Google Toolbar Notifier BHO] -> [2010/10/05 21:32:16 | 000,842,296 | ---- | M] (Google Inc.)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2010/02/01 08:22:16 | 000,251,416 | ---- | M] (McAfee, Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2010/02/01 08:22:16 | 000,251,416 | ---- | M] (McAfee, Inc.)
< Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{A2595F37-48D0-46A1-9B51-478591A97764}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AppleSyncNotifier" -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe] -> [2010/03/16 20:58:34 | 000,047,392 | ---- | M] (Apple Inc.)
"CanonMyPrinter" -> C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon] -> [2008/03/17 20:06:00 | 001,848,648 | ---- | M] (CANON INC.)
"CanonSolutionMenu" -> C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon] -> [2008/12/11 20:31:00 | 000,722,256 | ---- | M] (CANON INC.)
"DLCCCATS" -> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL [rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16] -> [2005/06/07 13:38:10 | 000,069,632 | ---- | M] ()
"dlccmon.exe" -> C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe ["C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"] -> [2005/07/22 14:03:00 | 000,425,984 | ---- | M] (Dell)
"mcui_exe" -> C:\Program Files\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> [2010/09/30 12:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.)
"TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot] -> [2010/04/15 07:06:17 | 000,202,256 | ---- | M] (RealNetworks, Inc.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe ["C:\Program Files\Windows Defender\MSASCui.exe" -hide] -> [2006/11/03 17:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2007/04/03 18:50:13 | 000,068,856 | ---- | M] (Google Inc.)
< RunOnce [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"RealUpgradeHelper" -> C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe ["C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|6.0"] -> [2010/04/15 07:06:15 | 000,136,744 | ---- | M] (RealNetworks, Inc.)
< Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2007/04/03 18:50:13 | 000,068,856 | ---- | M] (Google Inc.)
< RunOnce [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"RealUpgradeHelper" -> C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe ["C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|6.0"] -> [2010/04/15 07:06:15 | 000,136,744 | ---- | M] (RealNetworks, Inc.)
< Run [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"DellSupport" -> C:\Program Files\DellSupport\DSAgnt.exe ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.)
"H/PC Connection Agent" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe ["C:\Program Files\Microsoft ActiveSync\wcescomm.exe"] -> [2006/11/13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"ISUSPM" -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler] -> [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation)
"rrtuaemk" ->  [C:\DOCUME~1\CARLIS~1\LOCALS~1\Temp\mibouqrni\kklumlxusbs.exe] -> File not found
"SFrLNjqHIa.exe" ->  [C:\DOCUME~1\CARLIS~1\LOCALS~1\Temp\SFrLNjqHIa.exe] -> File not found
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2007/04/03 18:50:13 | 000,068,856 | ---- | M] (Google Inc.)
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Carlisle Vereen Startup Folder > -> C:\Documents and Settings\Carlisle Vereen\Start Menu\Programs\Startup -> 
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
\\"NoCDBurning" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"InstallVisualStyle" -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> [2004/08/10 04:39:00 | 001,347,728 | ---- | M] (Microsoft)
\\"InstallTheme" -> C:\WINDOWS\Resources\Themes\Royale.Theme [C:\WINDOWS\Resources\Themes\Royale.theme] -> [2004/07/28 03:03:28 | 000,001,293 | ---- | M] ()
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Button: Create Mobile Favorite] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Menu: Create Mobile Favorite...] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
CmdMapping\\"{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite...] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Value error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
CmdMapping\\"{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite...] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Value error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
CmdMapping\\"{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}" [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite...] -> [2006/11/13 13:39:34 | 000,158,504 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Value error.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 16 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 16 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 16 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 16 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\] > -> HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Facebook Photo Uploader 5 Control] -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=39204 [Windows Genuine Advantage Validation Tool] -> 
{264AED84-12F1-4CA1-8AA7-EB939AE58D8D} [HKLM] -> https://remote.dixon-hughes.com/CACHE/stc/2/binaries/stcweb.cab [STCWeb Control] -> 
{2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} [HKLM] -> http://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab [RhapsodyPlayerEngineCtrl Class] -> 
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [HKLM] -> http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab [McAfee.com Operating System Class] -> 
{6E5E167B-1566-4316-B27F-0DDAB3484CF7} [HKLM] -> http://www.putfile.com/includes/ImageUploader4-5.cab [Image Uploader Control] -> 
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{A82C3A33-5C0E-466C-B020-71585433A7E4} [HKLM] -> https://mycampus.phoenix.edu/secure/PhxStudent15.CAB [PhxStudent.OeSetup15] -> 
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> 
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab [Java Plug-in 1.5.0_09] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Java Plug-in 1.6.0_03] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> 
{EDFCB7CB-942C-4822-AF14-F0B687409848} [HKLM] -> http://www.putfile.com/includes/ImageUploader4-5.cab [Reg Error: Key error.] -> 
Web-Based Email Tools [HKLM] -> http://email.secureserver.net/Download.CAB [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.1.1 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{EB3B009E-F6CB-4568-A31C-D3B8916F974B}\\DhcpNameServer -> 192.168.1.1   (Intel(R) PRO/1000 PL Network Connection) -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
GoToMyPC -> C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll -> [2007/06/20 10:09:16 | 000,010,536 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{874443fe-aa33-4ebf-a6ac-73208787e62d}" [HKLM] -> Reg Error: Key error. [bestreak] -> File not found
< SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler -> 
"bestreak" [HKLM] -> Reg Error: Key error. [{874443fe-aa33-4ebf-a6ac-73208787e62d}] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> C:\Program Files\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/11/03 17:20:00 | 000,083,224 | ---- | M] (Microsoft Corporation)
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" [HKLM] -> C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll [ewido anti-spyware 4.0] -> [2006/06/16 09:38:50 | 000,073,728 | ---- | M] (Anti-Malware Development a.s.)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> [2004/09/01 12:56:56 | 000,259,184 | ---- | M] (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager] -> [2006/11/13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager] -> [2006/11/13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application] -> [2006/11/13 13:39:54 | 004,270,888 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"C:\Documents and Settings\Carlisle Vereen\Local Settings\Temp\usmt\migwiz.exe" ->  [C:\Documents and Settings\Carlisle Vereen\Local Settings\Temp\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard] -> File not found
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL] -> [2004/09/01 12:56:56 | 000,259,184 | ---- | M] (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL] -> File not found
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" -> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host] -> [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" ->  [C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent] -> File not found
"C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe" -> C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe [C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe:*:Enabled:QuickBooks 2007 Data Manager] -> [2006/09/13 10:32:12 | 000,128,536 | ---- | M] (iAnywhere Solutions, Inc.)
"C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe" -> C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe [C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe:*:Enabled:QuickBooks 2008 Data Manager] -> [2006/09/13 10:32:12 | 000,128,536 | ---- | M] (iAnywhere Solutions, Inc.)
"C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe" ->  [C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Disabled:backWeb-7288971] -> File not found
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire] -> [2007/01/29 16:33:41 | 000,122,880 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager] -> [2006/11/13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager] -> [2006/11/13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application] -> [2006/11/13 13:39:54 | 004,270,888 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" -> C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe [C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software] -> [2010/08/25 18:19:00 | 003,342,168 | ---- | M] (Research In Motion)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" -> C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe [C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Disabled:TurboTax] -> [2007/03/08 00:25:56 | 009,950,760 | ---- | M] (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" -> C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe [C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Disabled:TurboTax Update Manager] -> [2007/03/20 16:47:04 | 003,679,784 | ---- | M] (Intuit, Inc.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/08/16 05:43:04 | 000,000,000 | ---- | M] ()
D:\Autorun.exe [MZ | ] -> D:\Autorun.exe [ CDFS ] -> [2008/02/21 19:43:08 | 000,358,248 | R--- | M] (NETGEAR Inc.)
D:\autorun.inf [[autorun] | OPEN=autorun.exe | ICON=autorun.exe | ] -> D:\autorun.inf [ CDFS ] -> [2006/09/15 04:17:00 | 000,000,045 | R--- | M] ()
J:\Autotrader ad number.doc [ÐÏà¡±á | ] -> J:\Autotrader ad number.doc [ NTFS ] -> [2005/12/27 20:11:09 | 000,024,064 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\{361ac05d-0e0d-11da-9aa9-806d6172696f}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command\\"" ->  [E:\setup.exe] -> File not found
\{36404342-e6a9-11de-b898-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36404342-e6a9-11de-b898-00038a000015}\Shell\AutoRun\command
\{36404342-e6a9-11de-b898-00038a000015}\Shell\AutoRun\command\\"" ->  [K:\slacker.synclauncher.exe] -> File not found
\{36404342-e6a9-11de-b898-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36404342-e6a9-11de-b898-00038a000015}\Shell\slacker\command
\{36404342-e6a9-11de-b898-00038a000015}\Shell\slacker\command\\"" ->  [K:\slacker.synclauncher.exe] -> File not found
\{965a97f4-4972-11de-b865-7a8020000200}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{965a97f4-4972-11de-b865-7a8020000200}\Shell
\{965a97f4-4972-11de-b865-7a8020000200}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{965a97f4-4972-11de-b865-7a8020000200}\Shell\AutoRun
\{965a97f4-4972-11de-b865-7a8020000200}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{965a97f4-4972-11de-b865-7a8020000200}\Shell\AutoRun\command
\{965a97f4-4972-11de-b865-7a8020000200}\Shell\AutoRun\command\\"" ->  [J:\LaunchU3.exe -a] -> File not found
\{978872b5-65fe-11de-b86f-00038a000015}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{978872b5-65fe-11de-b86f-00038a000015}\Shell
\{978872b5-65fe-11de-b86f-00038a000015}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{978872b5-65fe-11de-b86f-00038a000015}\Shell\AutoRun
\{978872b5-65fe-11de-b86f-00038a000015}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{978872b5-65fe-11de-b86f-00038a000015}\Shell\AutoRun\command
\{978872b5-65fe-11de-b86f-00038a000015}\Shell\AutoRun\command\\"" ->  [J:\LaunchU3.exe -a] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 ->  -> File not found
Ias ->  -> File not found
Iprip ->  -> File not found
Irmon ->  -> File not found
NWCWorkstation ->  -> File not found
Nwsapagent ->  -> File not found
WmdmPmSp ->  -> File not found
*MultiFile Done* -> -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
batfile [open] -> "%1" %* -> 
cmdfile [open] -> "%1" %* -> 
comfile [open] -> "%1" %* -> 
cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> 
exefile [open] -> "%1" %* -> 
piffile [open] -> "%1" %* -> 
scrfile [config] -> "%1" -> 
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> 
scrfile [open] -> "%1" /S -> 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> 
Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 2/7/2011 4:12:33 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 2/7/2011 4:12:33 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 2/7/2011 4:12:33 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 2/7/2011 4:12:33 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 2/7/2011 7:20:02 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established  
Application [ Error ] 2/7/2011 7:20:02 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 2/7/2011 7:20:02 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 2/7/2011 9:33:54 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established  
Application [ Error ] 2/7/2011 9:33:55 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established  
Application [ Error ] 2/8/2011 9:00:01 PM Computer Name = VEREENDESKTOP | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established  
System [ Error ] 1/15/2011 12:18:26 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 12:28:57 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 2:20:11 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 2:50:46 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 3:21:22 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 3:51:57 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 6:23:23 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 8:14:26 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/15/2011 8:55:07 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register with DCOM within the required timeout.
System [ Error ] 1/16/2011 4:34:34 PM Computer Name = VEREENDESKTOP | Source = DCOM | ID = 10010 -> Description = The server {211EBA3A-EA5A-496B-A021-5C6BEB365E4C} did not register with DCOM within the required timeout.
 
[Files/Folders - Created Within 30 Days]
 OTS.exe -> C:\Documents and Settings\Carlisle Vereen\Desktop\OTS.exe -> [2011/02/09 11:55:12 | 000,642,560 | ---- | C] (OldTimer Tools)
 McAfee -> C:\Documents and Settings\All Users\Start Menu\Programs\McAfee -> [2011/02/09 11:53:47 | 000,000,000 | ---D | C]
 shimgvw.dll -> C:\WINDOWS\System32\dllcache\shimgvw.dll -> [2011/01/21 09:44:37 | 000,439,296 | ---- | C] (Microsoft Corporation)
 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
 1 C:\Documents and Settings\Carlisle Vereen\My Documents\*.tmp files -> C:\Documents and Settings\Carlisle Vereen\My Documents\*.tmp -> 
 1 C:\*.tmp files -> C:\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 Google Software Updater.job -> C:\WINDOWS\tasks\Google Software Updater.job -> [2011/02/09 12:01:11 | 000,000,868 | ---- | M] ()
 MP Scheduled Scan.job -> C:\WINDOWS\tasks\MP Scheduled Scan.job -> [2011/02/09 11:56:30 | 000,000,330 | -H-- | M] ()
 wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/02/09 11:54:28 | 000,002,206 | ---- | M] ()
 RealUpgradeLogonTaskS-1-5-21-859784056-323955481-3049035749-1005.job -> C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-859784056-323955481-3049035749-1005.job -> [2011/02/09 11:53:26 | 000,000,298 | ---- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2011/02/09 11:53:25 | 000,000,882 | ---- | M] ()
 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/02/09 11:53:18 | 000,002,048 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2011/02/09 11:53:15 | 1071,812,608 | -HS- | M] ()
 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/02/09 11:53:15 | 000,251,088 | ---- | M] ()
 OTS.exe -> C:\Documents and Settings\Carlisle Vereen\Desktop\OTS.exe -> [2011/02/09 11:51:50 | 000,642,560 | ---- | M] (OldTimer Tools)
 imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2011/02/09 03:11:42 | 000,001,355 | ---- | M] ()
 GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2011/02/09 02:50:03 | 000,000,886 | ---- | M] ()
 RealUpgradeScheduledTaskS-1-5-21-859784056-323955481-3049035749-1005.job -> C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-859784056-323955481-3049035749-1005.job -> [2011/02/08 18:59:01 | 000,000,306 | ---- | M] ()
 Path Test 1 from Oral Path 2.pdf -> C:\Documents and Settings\Carlisle Vereen\Desktop\Path Test 1 from Oral Path 2.pdf -> [2011/02/07 18:47:22 | 003,511,556 | ---- | M] ()
 OralPathII.doc.doc -> C:\Documents and Settings\Carlisle Vereen\Desktop\OralPathII.doc.doc -> [2011/02/07 18:41:00 | 000,432,640 | ---- | M] ()
 mcs.rma -> C:\WINDOWS\System32\mcs.rma -> [2011/02/06 22:55:07 | 000,870,128 | ---- | M] ()
 AE64AB -> C:\WINDOWS\System32\AE64AB -> [2011/02/06 22:55:07 | 000,000,004 | ---- | M] ()
 AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2011/01/27 08:15:03 | 000,000,284 | ---- | M] ()
 shell32.dll -> C:\WINDOWS\System32\dllcache\shell32.dll -> [2011/01/21 09:44:37 | 008,462,336 | ---- | M] (Microsoft Corporation)
 shimgvw.dll -> C:\WINDOWS\System32\dllcache\shimgvw.dll -> [2011/01/21 09:44:37 | 000,439,296 | ---- | M] (Microsoft Corporation)
 Router_Setup.html -> C:\Documents and Settings\Carlisle Vereen\Desktop\Router_Setup.html -> [2011/01/20 12:12:18 | 000,006,027 | ---- | M] ()
 Resume for Carlisle.doc -> C:\Documents and Settings\Carlisle Vereen\My Documents\Resume for Carlisle.doc -> [2011/01/17 18:28:19 | 000,029,696 | ---- | M] ()
 521 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
 521 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
 170 C:\Documents and Settings\Carlisle Vereen\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Carlisle Vereen\Local Settings\Temp\*.tmp -> 
 170 C:\Documents and Settings\Carlisle Vereen\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Carlisle Vereen\Local Settings\Temp\*.tmp -> 
 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
 1 C:\Documents and Settings\Carlisle Vereen\My Documents\*.tmp files -> C:\Documents and Settings\Carlisle Vereen\My Documents\*.tmp -> 
 1 C:\*.tmp files -> C:\*.tmp -> 
 
[Files - No Company Name]
 Path Test 1 from Oral Path 2.pdf -> C:\Documents and Settings\Carlisle Vereen\Desktop\Path Test 1 from Oral Path 2.pdf -> [2011/02/07 18:52:29 | 003,511,556 | ---- | C] ()
 OralPathII.doc.doc -> C:\Documents and Settings\Carlisle Vereen\Desktop\OralPathII.doc.doc -> [2011/02/07 18:52:29 | 000,432,640 | ---- | C] ()
 Google Software Updater.job -> C:\WINDOWS\tasks\Google Software Updater.job -> [2011/01/17 17:55:46 | 000,000,868 | ---- | C] ()
 FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat -> [2010/09/12 15:44:31 | 000,941,864 | ---- | C] ()
 Rim.Desktop.Exception.log -> C:\Documents and Settings\Carlisle Vereen\Application Data\Rim.Desktop.Exception.log -> [2010/09/03 09:53:56 | 000,000,308 | ---- | C] ()
 Rim.Desktop.HttpServerSetup.log -> C:\Documents and Settings\Carlisle Vereen\Application Data\Rim.Desktop.HttpServerSetup.log -> [2010/09/03 07:26:08 | 000,001,518 | ---- | C] ()
 avdrn.dat -> C:\Documents and Settings\Carlisle Vereen\Application Data\avdrn.dat -> [2010/08/30 11:25:15 | 000,000,004 | ---- | C] ()
 MRT.INI -> C:\WINDOWS\System32\MRT.INI -> [2008/05/20 14:42:25 | 000,000,118 | ---- | C] ()
 QTSBandwidthCache -> C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache -> [2007/10/17 16:14:22 | 000,001,751 | ---- | C] ()
 qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2007/07/09 14:07:50 | 003,596,288 | ---- | C] ()
 DivXWMPExtType.dll -> C:\WINDOWS\System32\DivXWMPExtType.dll -> [2007/07/09 14:05:28 | 000,012,288 | ---- | C] ()
 G-Force Prefs (WindowsMediaPlayer).txt -> C:\Documents and Settings\Carlisle Vereen\Application Data\G-Force Prefs (WindowsMediaPlayer).txt -> [2007/04/03 09:08:15 | 000,000,196 | ---- | C] ()
 $_hpcst$.hpc -> C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc -> [2007/01/01 13:00:03 | 000,002,508 | ---- | C] ()
 $_hpcst$.hpc -> C:\Documents and Settings\Carlisle Vereen\Application Data\$_hpcst$.hpc -> [2006/12/22 16:02:09 | 000,002,528 | ---- | C] ()
 cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2006/10/14 08:43:53 | 000,003,735 | ---- | C] ()
 pmm.INI -> C:\WINDOWS\pmm.INI -> [2006/05/27 12:35:11 | 000,000,026 | ---- | C] ()
 PhatMan.ini -> C:\WINDOWS\PhatMan.ini -> [2006/05/27 12:34:45 | 000,000,000 | ---- | C] ()
 zlbw.dll -> C:\WINDOWS\System32\zlbw.dll -> [2006/04/24 15:44:08 | 000,046,592 | ---- | C] ()
 G-Force Prefs (WindowsMediaPlayer).txt -> C:\Documents and Settings\LocalService\Application Data\G-Force Prefs (WindowsMediaPlayer).txt -> [2006/03/29 15:12:26 | 000,000,187 | ---- | C] ()
 KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2006/02/05 15:13:05 | 000,003,350 | -HS- | C] ()
 92ADE0EEF6.sys -> C:\WINDOWS\System32\92ADE0EEF6.sys -> [2006/02/05 15:13:05 | 000,000,056 | RHS- | C] ()
 expat.dll -> C:\WINDOWS\System32\expat.dll -> [2006/01/20 15:59:46 | 000,111,376 | ---- | C] ()
 agcrypto.dll -> C:\WINDOWS\System32\agcrypto.dll -> [2006/01/20 15:59:46 | 000,040,712 | ---- | C] ()
 PFP120JPR.{PB -> C:\Documents and Settings\Carlisle Vereen\Application Data\PFP120JPR.{PB -> [2005/12/27 19:44:07 | 000,061,678 | ---- | C] ()
 PFP120JCM.{PB -> C:\Documents and Settings\Carlisle Vereen\Application Data\PFP120JCM.{PB -> [2005/12/27 19:44:07 | 000,012,358 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Carlisle Vereen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2005/12/02 18:35:32 | 000,065,024 | ---- | C] ()
 ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2005/11/29 19:40:57 | 000,000,376 | ---- | C] ()
 fusioncache.dat -> C:\Documents and Settings\Carlisle Vereen\Local Settings\Application Data\fusioncache.dat -> [2005/11/29 14:54:14 | 000,000,138 | ---- | C] ()
 smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2005/11/22 01:47:04 | 000,000,061 | ---- | C] ()
 wininit.ini -> C:\WINDOWS\wininit.ini -> [2005/11/22 01:40:02 | 000,000,187 | ---- | C] ()
 OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2005/11/22 01:14:08 | 000,000,387 | ---- | C] ()
 fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2005/08/16 05:37:24 | 000,001,793 | ---- | C] ()
 ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2005/08/16 05:33:38 | 000,004,161 | ---- | C] ()
 psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2005/08/05 15:01:54 | 000,235,008 | ---- | C] ()
 dlccinsr.dll -> C:\WINDOWS\System32\dlccinsr.dll -> [2005/07/22 14:48:28 | 000,106,496 | ---- | C] ()
 dlcccur.dll -> C:\WINDOWS\System32\dlcccur.dll -> [2005/07/22 14:48:24 | 000,036,864 | ---- | C] ()
 dlccjswr.dll -> C:\WINDOWS\System32\dlccjswr.dll -> [2005/07/22 14:48:06 | 000,131,072 | ---- | C] ()
 dlccinsb.dll -> C:\WINDOWS\System32\dlccinsb.dll -> [2005/07/22 14:47:20 | 000,176,128 | ---- | C] ()
 dlcccub.dll -> C:\WINDOWS\System32\dlcccub.dll -> [2005/07/22 14:47:14 | 000,086,016 | ---- | C] ()
 dlcccu.dll -> C:\WINDOWS\System32\dlcccu.dll -> [2005/07/22 14:47:08 | 000,073,728 | ---- | C] ()
 dlccins.dll -> C:\WINDOWS\System32\dlccins.dll -> [2005/07/22 14:47:06 | 000,155,648 | ---- | C] ()
 dlccutil.dll -> C:\WINDOWS\System32\dlccutil.dll -> [2005/07/22 14:45:22 | 000,430,080 | ---- | C] ()
 dlccpmui.dll -> C:\WINDOWS\System32\dlccpmui.dll -> [2005/06/21 15:27:56 | 000,638,976 | ---- | C] ()
 dlccserv.dll -> C:\WINDOWS\System32\dlccserv.dll -> [2005/06/21 15:27:02 | 001,183,744 | ---- | C] ()
 dlcclmpm.dll -> C:\WINDOWS\System32\dlcclmpm.dll -> [2005/06/21 15:22:06 | 000,483,328 | ---- | C] ()
 dlcccomm.dll -> C:\WINDOWS\System32\dlcccomm.dll -> [2005/06/21 15:21:40 | 000,413,696 | ---- | C] ()
 dlccpplc.dll -> C:\WINDOWS\System32\dlccpplc.dll -> [2005/06/21 15:19:48 | 000,114,688 | ---- | C] ()
 dlcccomc.dll -> C:\WINDOWS\System32\dlcccomc.dll -> [2005/06/21 15:18:58 | 000,704,512 | ---- | C] ()
 dlccprox.dll -> C:\WINDOWS\System32\dlccprox.dll -> [2005/06/21 15:18:24 | 000,155,648 | ---- | C] ()
 dlccusb1.dll -> C:\WINDOWS\System32\dlccusb1.dll -> [2005/06/21 15:12:48 | 001,134,592 | ---- | C] ()
 dlcchbn3.dll -> C:\WINDOWS\System32\dlcchbn3.dll -> [2005/06/21 15:09:22 | 000,770,048 | ---- | C] ()
 dlcccfg.dll -> C:\WINDOWS\System32\dlcccfg.dll -> [2005/06/06 10:58:38 | 000,065,536 | ---- | C] ()
 px.ini -> C:\WINDOWS\System32\px.ini -> [2005/05/04 19:54:50 | 000,000,000 | ---- | C] ()
 xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2005/04/27 19:03:56 | 000,679,936 | ---- | C] ()
 xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2005/04/27 19:03:56 | 000,155,648 | ---- | C] ()
 dlccvs.dll -> C:\WINDOWS\System32\dlccvs.dll -> [2005/03/30 10:19:58 | 000,040,960 | ---- | C] ()
 
[File - Lop Check]
 CanonBJ -> C:\Documents and Settings\All Users\Application Data\CanonBJ -> [2010/01/04 16:48:40 | 000,000,000 | -H-D | M]
 CanonIJ -> C:\Documents and Settings\All Users\Application Data\CanonIJ -> [2010/10/20 21:41:29 | 000,000,000 | ---D | M]
 CanonIJEPPEX -> C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX -> [2010/06/20 20:47:07 | 000,000,000 | -H-D | M]
 CanonIJMyPrinter -> C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter -> [2010/01/04 17:37:03 | 000,000,000 | -H-D | M]
 CanonIJPLM -> C:\Documents and Settings\All Users\Application Data\CanonIJPLM -> [2011/02/07 18:52:45 | 000,000,000 | ---D | M]
 CanonIJScan -> C:\Documents and Settings\All Users\Application Data\CanonIJScan -> [2010/01/06 16:52:58 | 000,000,000 | -H-D | M]
 CanonIJSolutionMenu -> C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu -> [2010/01/04 17:37:05 | 000,000,000 | -H-D | M]
 Citrix -> C:\Documents and Settings\All Users\Application Data\Citrix -> [2008/04/12 14:27:19 | 000,000,000 | ---D | M]
 COMMON FILES -> C:\Documents and Settings\All Users\Application Data\COMMON FILES -> [2007/11/11 11:28:23 | 000,000,000 | ---D | M]
 DIGStream -> C:\Documents and Settings\All Users\Application Data\DIGStream -> [2005/08/16 21:54:52 | 000,000,000 | ---D | M]
 Research In Motion -> C:\Documents and Settings\All Users\Application Data\Research In Motion -> [2010/09/03 07:29:32 | 000,000,000 | ---D | M]
 SupportSoft -> C:\Documents and Settings\All Users\Application Data\SupportSoft -> [2008/06/14 10:41:51 | 000,000,000 | ---D | M]
 SyncClient -> C:\Documents and Settings\All Users\Application Data\SyncClient -> [2005/11/30 17:52:41 | 000,000,000 | ---D | M]
 Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2007/10/24 16:31:34 | 000,000,000 | ---D | M]
 WinZip -> C:\Documents and Settings\All Users\Application Data\WinZip -> [2007/06/30 17:41:23 | 000,000,000 | ---D | M]
 {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2010/04/01 07:48:50 | 000,000,000 | ---D | M]
 {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2010/02/21 11:49:42 | 000,000,000 | ---D | M]
 {8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> [2009/07/14 11:55:12 | 000,000,000 | ---D | M]
 Blackberry Desktop -> C:\Documents and Settings\Carlisle Vereen\Application Data\Blackberry Desktop -> [2009/03/10 11:01:55 | 000,000,000 | ---D | M]
 Canon -> C:\Documents and Settings\Carlisle Vereen\Application Data\Canon -> [2010/12/20 18:56:42 | 000,000,000 | ---D | M]
 com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Documents and Settings\Carlisle Vereen\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2008/07/21 08:41:04 | 000,000,000 | ---D | M]
 Leadertech -> C:\Documents and Settings\Carlisle Vereen\Application Data\Leadertech -> [2005/12/12 16:16:53 | 000,000,000 | ---D | M]
 LimeWire -> C:\Documents and Settings\Carlisle Vereen\Application Data\LimeWire -> [2007/05/01 15:26:44 | 000,000,000 | ---D | M]
 Research In Motion -> C:\Documents and Settings\Carlisle Vereen\Application Data\Research In Motion -> [2010/09/03 09:54:23 | 000,000,000 | ---D | M]
 RIM Palm&PPC Upgrade Wizard -> C:\Documents and Settings\Carlisle Vereen\Application Data\RIM Palm&PPC Upgrade Wizard -> [2009/02/13 22:12:16 | 000,000,000 | ---D | M]
 Smith Micro -> C:\Documents and Settings\Carlisle Vereen\Application Data\Smith Micro -> [2009/03/19 18:03:13 | 000,000,000 | ---D | M]
 Viewpoint -> C:\Documents and Settings\Carlisle Vereen\Application Data\Viewpoint -> [2007/10/24 16:31:39 | 000,000,000 | ---D | M]
 SACore -> C:\Documents and Settings\LocalService\Application Data\SACore -> [2009/05/28 03:29:39 | 000,000,000 | ---D | M]
 MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job -> [2011/02/09 11:56:30 | 000,000,330 | -H-- | M] ()
 
[File - Purity Scan]
 
 
[Alternate Data Streams]
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\01-26-08 Dyno for E36M3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\02-05-2008 01;09;49PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\03-27-2006 04;45;18PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\03-27-2006 04;46;23PM.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\04-01-2008 04;48;11PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;24;58PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;26;21PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;27;22PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;29;32PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;31;08PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;34;40PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;37;48PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;39;50PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\05-28-2009 01;47;28PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\06-10-2008 09;37;48AM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\06-11-2007 09;05;18PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\06-23-2008 12;51;30PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\07-08-2008 08;37;46PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\07-16-2009 12;58;54PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\07-27-2008 01;49;07PM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\07-31-2009 09;50;08AM.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\12132005 MGT578Calendar(1).xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\14.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\1491_001.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\15.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\16.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\19.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\1905 Daytona race.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\22.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\22222.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\23.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\24.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\3.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\A Critical Review of Motorcycle Diaries.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\AADSAS.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Active Autowerke.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Add for CF hood.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Arabian Nights Paper.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Autotrader ad number.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Avon.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\BentleyBMW-E36ServiceManual.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Brake pads catalog.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\BS2.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\BS2.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Buck2.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Buck3.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\BuckBS.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\BuckBSgood.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\buckone.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\buddhist_readings_1_1.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\businessoffice.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\camcorder manual.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Carl Bartley.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Carlisle Major Vereen III Resume.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Carlisle_Vereen_203PAPER.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Catherine II of Russia.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Catherine the Great.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\certificate.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Charleston Area BMWCCA Events 07-08.ppt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Charlie 98 Contact List_070806.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Chem ch 1.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Claim for loss or damage to personal property.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Clean Vereen 2008 tax worksheet.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\CPR Essay.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\CPR login.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\CPR text.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Cumulative Essay.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\DMD_2012.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\dogfight speech notes.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Dogfight Speech.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Dogfight Speech1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\donation.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Ebay address change.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Enrollment Letter.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Environmental Analysis-Vereen.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\ER for RELS 105.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\ergo.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Escort Passport 8500 X50 Laser.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Fat [bleep] Goes on an Interview.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Fedex tracking number for ipod.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\fiancen.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Food Log.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Fries.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Gamerltaxcalcs.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Go Ahead and Change the On.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\God of War 2 Walkthrough.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Greybook-0206.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Grill order.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Guiding Questions.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Half.com dispute.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\http.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\I am resigning from Dixon Hughes and this is why.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\I think employee.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Ilauncher key code.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\INCOMETAXBOOK040307.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Individual.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Intelligentsia.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\iPod_Click_Wheel_UserGuide.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\James Island Outreach.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\John Belush SPEAKING.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\John Belush1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\john belushi.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\John Belushi.ppt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\johnsadress.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Keystone Concrete.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Koko the Gorilla.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\LACS 101.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\lacs final 2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\lacs final.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Lagniappe's Stuff.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\lotiongreensong1.mov:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\LT-A Charter MGT578.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Martin Gallery 2007 Bank Recon.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Master Promissory Note.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\May 16.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\med terms xtra credit.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Membership%20Record%20Form%202004.10.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\mitchell_vs_aj_final.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\mpn.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\MUSC Application Verification.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\MUSC health ins.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\My Impressions of Beethoven.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\My roommate and I.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Nanobiotechnology Essay.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Nanotech HW 2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Nanotech paper #3.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\nanotech paper.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\network settings.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Nutrition Assignment.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Nutrition Final.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\OAS Crap.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\October 2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Orientation___Summary_of_benefits.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1010053.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1010054.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130061.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130062.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130063.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130064.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130065.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130066.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130067.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130068.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130069.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130070.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130071.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130072.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130073.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130074.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130075.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130076.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130077.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130078.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130079.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130080.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130081.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130082.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130083.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130084.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130085.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130086.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130087.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130088.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130089.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130090.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130091.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\P1130092.MOV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Package 1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Page 1 of 2Print Your Full Name.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Personal Statement for MUSC.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\pm to jay mic.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\PreventiveDentistryExam (#$).doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\PreventiveDentistryExam[1].doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\pricing.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Professional Fax.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Professional.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Psyc 101 xtra credit.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Purchase Confirmed.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Reflection Paper-vereen.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Reflection.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\REQUIREMENTS TO BE LICENSED AS A CPA.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Response for Some Girls.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Resume for Carlisle.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Router Settings.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Russian Autocrats.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Russian Revolution of 1917.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\scesc.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\schoolletter.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Schrodinger's Cat Essay.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\seenoutside.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Separation Agreement.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\settlement agreement.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\SEXYDISCO.pps:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Sleep Apnea  1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\sleep log write up.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Sleep Log.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\soul_food1.mpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\spring 08 enrollment.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\SPRING 2006 SYLLABUS BIOL 111.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\staffing.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\strategic_plan - vereen.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\strategic_plan - vereen1.rtf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\strategic_plan_overview.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Take Home Test.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\TaliVereen_scoverletter[1].doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\TaliVereen_scoverletter2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\TaliVereen_scoverletter3.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\TaliVereen'scoverletter.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\TaliVereen'sresume.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Team B - Business Plan_rev 3.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Team B - Business Plan_rev 4.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Thank You for Choosing Kaplan.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\The connection to the server has failed.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\The_Greatest_Prank_Call_Ever_WMV_V8.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Think paper.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Thought.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Tire Order.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Tonyas_scoverletter[1].doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Tonya'sresume.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\treyscorrections.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\TV Manual.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\understeer.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Unknown 22.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Vareen Memo 4-21-06.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Veteran's survival guide.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00003.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00004.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00005.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00006.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00007.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00008.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIDEO_00009.mp4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\VIN #.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\vision_of_krishna.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Walter Blomberg.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\week2paper.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\week3dq1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Win Zip registration.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\wireless settings.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Wizards_of_Winter___SM.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\wk 3 dq 1 and 3.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\wk3dqs.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Your order ID is.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Carlisle Vereen\My Documents\Your Shopping Essentials membership has been cancelled per your membership terms.doc:Roxio EMC Stream
< End of report >

#7
Essexboy

Posted 09 February 2011 - 01:17 PM

GeekU Moderator

Retired Staff
69,964 posts

Download the attached fix.txt

[attachment=47730:fix.txt]

Start OTS. click the Run Fix button.
A dialogue will pop up asking for the loacation of fix.txt
Locate the text file you downloaded to the USB and select it

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here

I will review the information when it comes back in.

Then on the infected system go online and download then run MBAM

Posted Image

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

#8
m powrd

Posted 09 February 2011 - 02:28 PM

New Member

Topic Starter
Member
8 posts

I am posting this with the sick desktop. I am downloading MBAM now and will be running it shortly. Here is the report:

All Processes Killed
[Registry - Safe List]
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer deleted successfully.
Unable to delete registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable .
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer not found.
Registry value HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable deleted successfully.
Registry value HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77701e16-9bfe-4b63-a5b4-7bd156758a37}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77701e16-9bfe-4b63-a5b4-7bd156758a37}\ not found.
Registry value HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\rrtuaemk deleted successfully.
Registry value HKEY_USERS\S-1-5-21-859784056-323955481-3049035749-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SFrLNjqHIa.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\bestreak deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{874443fe-aa33-4ebf-a6ac-73208787e62d}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\bestreak deleted successfully.
J:\Autotrader ad number.doc moved successfully.
[Files/Folders - Modified Within 30 Days]
C:\WINDOWS\System32\AE64AB moved successfully.
[Custom Items]
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Carlisle Vereen\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Carlisle Vereen\Desktop\cmd.txt deleted successfully.
[Empty Temp Folders]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Carlisle Vereen
->Temp folder emptied: 112482233 bytes
->Temporary Internet Files folder emptied: 24073797 bytes
->Java cache emptied: 77640183 bytes
->FireFox cache emptied: 87762588 bytes
->Flash cache emptied: 1265358 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 538078 bytes
->Flash cache emptied: 8280 bytes

User: NetworkService
->Temp folder emptied: 1395931 bytes
->Temporary Internet Files folder emptied: 29982415 bytes

%systemdrive% .tmp files removed: 14648 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 234572585 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 91217332 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 631.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Carlisle Vereen
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTS Restore Point (0)
< End of fix log >
OTS by OldTimer - Version 3.1.41.4 fix logfile created on 02092011_151124

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#9
Essexboy

Posted 09 February 2011 - 02:32 PM

GeekU Moderator

Retired Staff
69,964 posts

#10
m powrd

Posted 09 February 2011 - 03:28 PM

New Member

Topic Starter
Member
8 posts

Here is the log after running MBAM:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5722

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/9/2011 4:17:41 PM
mbam-log-2011-02-09 (16-17-41).txt

Scan type: Quick scan
Objects scanned: 165271
Time elapsed: 6 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{96E6B1C3-B5D0-89CC-4909-92D85A48B1A0} (Rogue.SpyHeal) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\yr87fk3d2dnszapq2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\program files\AV8 (Rogue.Antivirus8) -> Quarantined and deleted successfully.
c:\program files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\carlisle vereen\application data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\carlisle vereen\favorites\online security test.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\svcp.csv (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\AV8\av8.exe.tmp1 (Rogue.Antivirus8) -> Quarantined and deleted successfully.

#11
Essexboy

Posted 09 February 2011 - 04:01 PM

GeekU Moderator

Retired Staff
69,964 posts

What are your current problems ?

#12
m powrd

Posted 09 February 2011 - 05:03 PM

New Member

Topic Starter
Member
8 posts

The internet is working but the computer is running slow

#13
Essexboy

Posted 10 February 2011 - 12:08 PM

GeekU Moderator

Retired Staff
69,964 posts

OK then I will remove my tools and tackle the speed problem. Once this is complete can you let me know if there was any improvement

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

[Empty Temp Folders]
[EmptyFlash]
[ClearAllRestorePoints]

Run OTS again and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove . But it is a useful tool to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the Hidden files and folders heading select Do not show hidden files and folders.
Click Yes to confirm.
Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 23.
Click the "Download" button to the right.
Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
Click on Continue.
Click on the link to download Windows Offline Installation (jre-6u23-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u23-windows-i586-p.exe and select "Run as an Administrator.")

SPRING CLEAN

To manually create a new Restore Point

Go to Control Panel and select System
Select System
On the left select System Protection and accept the warning if you get one
Select System Protection Tab
Select Create at the bottom
Type in a name i.e. Clean
Select Create

Now we can purge the infected ones

GoStart > All programs > Accessories > system tools page
Select Performance Information and Tools
Right click Disc cleanup an select run as administrator
Select Your main drive and accept the warning if you get one
For a few moments the system will make some calculations
Select the More Options tab
In the System Restore and Shadow Backups select Clean up
Select Delete on the pop up
Select OK
Select Delete

Final stretch

Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check

Posted Image

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image

Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe

#14
m powrd

Posted 11 February 2011 - 05:07 PM

New Member

Topic Starter
Member
8 posts

Back up to speed! Thanks for all your help! I'm gonna tell everyone about this place...you guys rock!!!

#15
Essexboy

Posted 12 February 2011 - 04:09 AM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.