Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Multiple Symptoms have hit at once

Started by Gotta Learn Dis Stuff , Mar 25 2011 07:17 AM

  • Please log in to reply

#1
Gotta Learn Dis Stuff
Posted 25 March 2011 - 07:17 AM

Gotta Learn Dis Stuff

    New Member

  • Member
  • Pip
  • 3 posts
My computer has picked up something nasty. I was being constantly redirected to ad sites while surfing, so I decided to shut down, reboot in safe mode and run mbam to clean up. The computer would not boot in safe mode. It would run throught the driver checks and get to the MUP.SYS point and just hng there after hitting the "enter" as instructed. Not good. I logged back in with last know good configuration, made sure all my malware programs had current files and ran them all. I also used AVAST to check for virus (nothing found). At this point I also started experiencing the Just-in-time debugger window poping up every few seconds. If I tried to run the debugger I would get a runtime error, or it would begin to debug and run into an error. It would never complete the debug process. Anyway, I ran mbam, spybot and super antispyware and came up with a few Trojan horses, several tracking cookies and one item that over rode my windows firewall. once I removed all of these items I was able to restore the firewall but still experience the same symptoms (redirected, JIT pop up, can't boot in safe mode). One additional odd thing is that I can't seem to open the Windows Update page. I get the standard "Internet Explorer cannot display the webpage" message. When I hit the "diagnose connection problems" link it tells me that there is no problem and and when I checked the connection log it says that it successfully connected to microsoft.com???

Any and all help will be greatly appreciated. OTL log copied here. Thank you.

OTL logfile created on: 3/25/2011 12:21:33 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\jwoodings\Desktop\Utilities
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 71.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.99 Gb Total Space | 22.17 Gb Free Space | 14.88% Space Free | Partition Type: NTFS
Drive E: | 80.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SFTY-JWOODINGS- | User Name: JWoodings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/24 23:00:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jwoodings\Desktop\Utilities\OTL.exe
PRC - [2011/03/24 20:36:48 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/08/06 15:06:54 | 001,004,840 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
PRC - [2010/08/06 15:06:54 | 000,972,072 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
PRC - [2010/08/06 15:06:54 | 000,296,224 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\Temp\UP699B.EXE
PRC - [2010/08/06 15:00:28 | 000,435,576 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/08/06 05:33:13 | 000,438,272 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe
PRC - [2009/01/13 11:28:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/25 09:00:46 | 000,574,808 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2007/05/14 15:21:40 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/02/01 10:21:22 | 001,466,368 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/01/30 11:37:42 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxbmcoms.exe
PRC - [2006/05/31 15:06:16 | 000,199,168 | ---- | M] (DameWare Development LLC) -- C:\WINDOWS\system32\DWRCS.EXE
PRC - [2006/05/23 11:22:26 | 000,071,680 | ---- | M] (DameWare Development) -- C:\WINDOWS\system32\DWRCST.EXE


========== Modules (SafeList) ==========

MOD - [2011/03/24 23:00:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jwoodings\Desktop\Utilities\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007/01/30 16:31:50 | 000,286,720 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2007/01/30 16:30:30 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\detoured.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2010/09/27 15:52:45 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/06 15:06:54 | 001,004,840 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe -- (tmlisten)
SRV - [2010/08/06 15:06:54 | 000,972,072 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe -- (ntrtscan)
SRV - [2010/08/06 15:00:14 | 000,652,552 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2010/06/07 15:28:17 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/08/06 05:33:13 | 000,438,272 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2009/01/13 11:28:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/09/25 09:00:46 | 000,574,808 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007/05/14 15:21:40 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/02/01 10:21:22 | 001,466,368 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/01/30 11:37:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxbmcoms.exe -- (lxbm_device)
SRV - [2007/01/29 22:59:58 | 000,487,424 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2006/05/31 15:06:16 | 000,199,168 | ---- | M] (DameWare Development LLC) [Auto | Running] -- C:\WINDOWS\System32\DWRCS.EXE -- (DWMRCS)


========== Driver Services (SafeList) ==========

DRV - [2010/12/01 15:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/11/11 19:11:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/10/20 19:45:16 | 000,249,424 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmxpflt.sys -- (TmFilter)
DRV - [2010/10/20 19:45:06 | 000,036,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2010/10/20 19:30:02 | 001,331,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\VsapiNT.sys -- (VSApiNt)
DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/07/08 10:52:32 | 000,231,424 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/14 20:29:22 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/01 15:49:54 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/09/22 03:41:10 | 000,078,736 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/09/22 03:38:28 | 000,142,992 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/08/12 07:13:32 | 000,160,272 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2009/08/12 07:13:32 | 000,113,680 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2009/08/12 07:13:32 | 000,054,416 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2009/08/12 07:13:28 | 000,160,272 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2009/08/12 07:13:28 | 000,011,920 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUWFLT.sys -- (PTDUWFLT)
DRV - [2009/02/13 15:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/13 11:27:38 | 000,306,811 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/10/02 14:51:15 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2008/09/30 08:11:56 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MovRVDrv32.sys -- (MovRVDrv32)
DRV - [2008/09/30 08:11:54 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SndTDriverV32.sys -- (SndTDriverV32)
DRV - [2008/08/28 17:17:38 | 000,131,856 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/12/23 17:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/11/14 18:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/10/09 19:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/07/23 15:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/07/10 04:14:16 | 000,028,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ACFDCP32.sys -- (dgcfltr)
DRV - [2007/06/29 06:39:46 | 000,086,656 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ACFVA32.sys -- (acfva)
DRV - [2007/06/11 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/05/24 14:27:00 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/05/03 14:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007/04/24 13:20:00 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/04/21 10:15:42 | 000,009,344 | ---- | M] (Hajo Krabbenhöft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tenCapture.sys -- (tenCapture)
DRV - [2007/03/15 05:52:34 | 000,012,672 | R--- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACFSDK32.sys -- (mdmxsdk)
DRV - [2007/03/01 16:53:00 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/16 16:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/18 19:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/20 17:55:00 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/11/11 18:25:20 | 000,066,944 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\thdudf.sys -- (thdudf)
DRV - [2006/11/02 19:47:36 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 19:47:00 | 000,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/11/02 19:46:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/10/10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/08/28 16:00:44 | 000,019,968 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,019,712 | ---- | M] (Pinnacle Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/28 19:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/06/02 18:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/02/23 17:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2005/01/06 13:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/06/26 13:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2004/02/13 10:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002/02/11 15:15:50 | 000,014,572 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC.SYS -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.ne...ch?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3071011
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.ne...ch?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3071011

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3071011
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NetZero\SearchEnh1.dll (NetZero, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/21 12:20:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/05/22 16:01:50 | 000,307,133 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 10573 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Pop-up Blocker) - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll (NetZero, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (TBSB00982 Class) - {DA3D342F-FF20-4E31-9E82-22334155730C} - Reg Error: Value error. File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (NetZero Toolbar Helper) - {FE3098B0-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files\NetZero\UCReg.dll (NetZero, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (NetZero, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (NetZero, Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB2Check] C:\WINDOWS\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKCU..\Run: [EPSON Artisan 50 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFFA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\jwoodings\Start Menu\Programs\StartUp\Seagate 2GE7WZTZ Product Registration.lnk = C:\Documents and Settings\jwoodings\Application Data\Leadertech\PowerRegister\Seagate 2GE7WZTZ Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O15 - HKLM\..Trusted Domains: travelers.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: travelers.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: travelerspc.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: travelerspc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: skillport.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: skillwsa.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: travelers.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: travelers.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: travelerspc.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: travelerspc.com ([]https in Trusted sites)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} http://vs-printserve...ll/WinNTChk.cab (ObjWinNTCheck Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} http://vs-printserve...stall/setup.cab (OfficeScan Corp Edition Web-Deployment SetupCtrl Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Reg Error: Key error.)
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} http://vs-printserve...root/AtxEnc.cab (Encrypt Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo1.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {48989C74-D5FC-4F17-BA40-3D825C716836} http://mgn.musicgian...ndownloader.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1192621035375 (MUWebControl Class)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.w...ler/install.cab (Reg Error: Key error.)
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/ch...urce/ImlCID.cab (imlUCID Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.on...e/en/crlocx.ocx (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://feapc.webex....bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} https://secure.iolo....gradeVerify.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = triangleservices.com
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\itss.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (wxvault.dll) - C:\WINDOWS\System32\wxvault.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\jwoodings\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jwoodings\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1c2c7a70-14b4-11df-88f7-002170921f51}\Shell - "" = AutoRun
O33 - MountPoints2\{1c2c7a70-14b4-11df-88f7-002170921f51}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1c2c7a70-14b4-11df-88f7-002170921f51}\Shell\AutoRun\command - "" = D:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{1c2c7a72-14b4-11df-88f7-002170921f51}\Shell - "" = AutoRun
O33 - MountPoints2\{1c2c7a72-14b4-11df-88f7-002170921f51}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1c2c7a72-14b4-11df-88f7-002170921f51}\Shell\AutoRun\command - "" = D:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/24 20:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\vs7jit
[2011/03/24 20:10:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jwoodings\Recent
[2011/03/24 14:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/03/24 14:19:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/03/24 14:19:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/03/24 13:57:58 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\jwoodings\Desktop\setup-spybotsd162.exe
[2011/03/24 13:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/03/24 13:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Application Data\SUPERAntiSpyware.com
[2011/03/24 13:47:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/03/24 13:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/03/24 13:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/03/24 13:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/03/24 13:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/03/23 11:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\FileOpen
[2011/03/23 11:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/03/23 11:33:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/03/23 11:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/03/23 11:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/03/22 18:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\The Jared Project
[2011/03/21 16:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\Gimp Tutorials
[2011/03/15 16:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\New Folder (2)
[2011/03/10 10:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\St Louis Start Up
[2011/03/09 20:18:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\2010 Tax Forms
[2011/03/09 17:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\Tainted Gas Adventure
[2011/03/08 13:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD-Cloner
[2011/03/08 11:03:52 | 000,000,000 | ---D | C] -- C:\temp_dvd
[2011/03/08 11:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Application Data\DVD-Cloner
[2011/03/08 11:03:35 | 000,000,000 | ---D | C] -- C:\Program Files\DVD-Cloner
[2011/03/06 22:08:13 | 000,093,552 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2011/03/03 11:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\Eye Prescriptions
[2011/03/02 20:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\My Creative Ideas
[2011/03/02 15:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\CD1
[2011/02/28 10:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\Possibilities
[2011/02/28 10:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\My Playlists
[2011/02/28 10:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\New Folder
[2011/02/26 13:21:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\TaxACT 2010
[2011/02/26 13:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Start Menu\Programs\2nd Story Software
[2011/02/26 13:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\2nd Story Software
[2011/02/26 13:21:39 | 000,000,000 | ---D | C] -- C:\2nd Story Software
[2011/02/25 12:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\My Documents\My Cookbook
[2011/02/25 11:53:43 | 000,221,184 | ---- | C] (Veign Chris Hanscom Http://www.veign.com) -- C:\WINDOWS\System32\JwldButn2b.ocx
[2011/02/24 12:29:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Movie DVD Maker
[2011/02/23 19:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\Robin Hood (2010) UNRATED DVDRip XviD-MAXSPEED
[2011/02/23 10:29:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jwoodings\Desktop\CIMMS Documents
[2009/01/20 16:06:37 | 000,078,336 | ---- | C] ( ) -- C:\WINDOWS\pysoft_uninstaller.exe
[2009/01/04 14:13:56 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmserv.dll
[2009/01/04 14:13:56 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmusb1.dll
[2009/01/04 14:13:56 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmhbn3.dll
[2009/01/04 14:13:56 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmcomc.dll
[2009/01/04 14:13:56 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmpmui.dll
[2009/01/04 14:13:56 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmlmpm.dll
[2009/01/04 14:13:56 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmcoms.exe
[2009/01/04 14:13:56 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmcomm.dll
[2009/01/04 14:13:56 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbminpa.dll
[2009/01/04 14:13:56 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmiesc.dll
[2009/01/04 14:13:56 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmih.exe
[2009/01/04 14:13:56 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmcfg.exe
[2009/01/04 14:13:56 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXBMhcp.dll
[2009/01/04 14:13:56 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmprox.dll
[2009/01/04 14:13:56 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxbmpplc.dll
[2008/08/20 17:18:21 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\jwoodings\Application Data\pcouffin.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\jwoodings\My Documents\*.tmp files -> C:\Documents and Settings\jwoodings\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/25 00:16:01 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/24 23:57:31 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-299502267-1292428093-839522115-3149.job
[2011/03/24 23:57:31 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-299502267-1292428093-839522115-3149.job
[2011/03/24 23:36:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/24 23:36:08 | 3747,573,760 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/24 21:40:43 | 000,011,270 | -HS- | M] () -- C:\Documents and Settings\jwoodings\Local Settings\Application Data\210h2kha24354441t26262f1n5
[2011/03/24 21:40:43 | 000,011,270 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\210h2kha24354441t26262f1n5
[2011/03/24 21:28:11 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\Microsoft Office Word 2003 (2).lnk
[2011/03/24 20:23:10 | 000,446,424 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/24 20:23:10 | 000,073,464 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/24 19:16:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/24 14:00:18 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\jwoodings\Desktop\setup-spybotsd162.exe
[2011/03/24 13:49:33 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\jwoodings\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/03/24 13:49:33 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\Spybot - Search & Destroy.lnk
[2011/03/24 13:47:36 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/24 13:17:42 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/03/24 13:09:43 | 000,001,331 | ---- | M] () -- C:\Documents and Settings\jwoodings\Start Menu\Programs\StartUp\Seagate 2GE7WZTZ Product Registration.lnk
[2011/03/24 11:16:27 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\Microsoft Office Outlook 2003 (2).lnk
[2011/03/24 11:15:58 | 000,002,433 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\VPN Client (2).lnk
[2011/03/23 23:44:14 | 000,047,761 | ---- | M] () -- C:\Documents and Settings\jwoodings\.recently-used.xbel
[2011/03/23 20:34:23 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\Microsoft Office Excel 2003 (2).lnk
[2011/03/23 13:16:32 | 000,102,400 | ---- | M] () -- C:\WINDOWS\RegBootClean.exe
[2011/03/23 09:23:44 | 000,002,412 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/03/21 21:18:04 | 063,554,463 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\Jared Reflect 1.xcf
[2011/03/21 09:56:50 | 000,006,966 | ---- | M] () -- C:\Documents and Settings\jwoodings\Application Data\PrimoPDFSet.xml
[2011/03/19 10:37:14 | 002,312,786 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\DSC_0390.JPG
[2011/03/18 23:28:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/18 20:01:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\dvdtest10024.dat
[2011/03/18 19:38:24 | 003,037,585 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\DSC_0381.JPG
[2011/03/18 13:50:53 | 004,063,232 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\HoleInOne.wmv
[2011/03/16 15:07:04 | 005,314,380 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Sony-1.wmv
[2011/03/15 19:54:29 | 000,000,113 | ---- | M] () -- C:\WINDOWS\System32\msxkwn.vxp
[2011/03/15 19:21:32 | 000,000,061 | ---- | M] () -- C:\WINDOWS\TaxACT10.ini
[2011/03/14 15:47:35 | 000,459,908 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\2011 NCAA Bracket.pdf
[2011/03/13 15:33:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/11 15:13:41 | 000,000,002 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2011/03/11 15:13:34 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2011/03/11 15:13:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Twunk002.MTX
[2011/03/11 13:45:43 | 006,029,975 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\HP All-in-one printer L7590 User Guide.pdf
[2011/03/10 13:06:57 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2011/03/10 11:50:00 | 000,000,211 | ---- | M] () -- C:\WINDOWS\System32\test.aok
[2011/03/10 10:12:31 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\jwoodings\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/03/08 15:34:09 | 000,004,052 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\cc_20110308_143351.reg
[2011/03/08 13:33:31 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\DVD-Cloner8.lnk
[2011/03/08 10:37:34 | 000,000,166 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011/03/06 22:08:13 | 000,093,552 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2011/03/04 18:41:57 | 000,183,900 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Aetna Pharmacy 2010.pdf
[2011/03/04 18:39:44 | 000,125,823 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Aetna Dental 2010.pdf
[2011/03/04 18:38:21 | 000,182,108 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Aetna Medical 2010.pdf
[2011/03/04 12:31:59 | 000,232,179 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\MN Jan-Jun.2011.pdf
[2011/03/04 00:05:17 | 000,067,531 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\TaxAct 2010 agreement.pdf
[2011/03/03 14:58:03 | 000,218,112 | ---- | M] () -- C:\Documents and Settings\jwoodings\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/03 11:30:33 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\jwoodings\Desktop\Microsoft Office PowerPoint 2003 (2).lnk
[2011/03/02 10:41:30 | 000,022,810 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\cc_20110302_094102.reg
[2011/03/01 17:43:30 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/28 10:34:39 | 000,031,823 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Audition 1.pdf
[2011/02/26 13:21:46 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TaxACT 2010.lnk
[2011/02/25 11:59:44 | 000,037,482 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Radio Head 1 Playlist.pdf
[2011/02/25 11:59:10 | 000,033,612 | ---- | M] () -- C:\Documents and Settings\jwoodings\My Documents\Playlist.pdf
[2011/02/24 12:29:39 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Movie DVD Maker.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\jwoodings\My Documents\*.tmp files -> C:\Documents and Settings\jwoodings\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/24 21:38:51 | 000,011,270 | -HS- | C] () -- C:\Documents and Settings\jwoodings\Local Settings\Application Data\210h2kha24354441t26262f1n5
[2011/03/24 21:38:51 | 000,011,270 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\210h2kha24354441t26262f1n5
[2011/03/24 13:49:33 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\jwoodings\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/03/24 13:49:33 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\Spybot - Search & Destroy.lnk
[2011/03/24 13:47:36 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/24 13:17:42 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/03/24 13:09:43 | 000,001,331 | ---- | C] () -- C:\Documents and Settings\jwoodings\Start Menu\Programs\StartUp\Seagate 2GE7WZTZ Product Registration.lnk
[2011/03/24 12:49:52 | 3747,573,760 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/23 23:44:14 | 000,047,761 | ---- | C] () -- C:\Documents and Settings\jwoodings\.recently-used.xbel
[2011/03/23 12:41:16 | 000,102,400 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2011/03/21 20:55:04 | 063,554,463 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\Jared Reflect 1.xcf
[2011/03/19 10:17:15 | 002,312,786 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\DSC_0390.JPG
[2011/03/18 20:11:12 | 003,037,585 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\DSC_0381.JPG
[2011/03/18 13:50:53 | 004,063,232 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\HoleInOne.wmv
[2011/03/16 15:07:04 | 005,314,380 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Sony-1.wmv
[2011/03/14 15:47:35 | 000,459,908 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\2011 NCAA Bracket.pdf
[2011/03/11 15:13:34 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Twunk001.MTX
[2011/03/11 15:13:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\Twain001.Mtx
[2011/03/11 15:13:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Twunk002.MTX
[2011/03/11 13:45:43 | 006,029,975 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\HP All-in-one printer L7590 User Guide.pdf
[2011/03/09 20:17:26 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\msxkwn.vxp
[2011/03/08 15:33:55 | 000,004,052 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\cc_20110308_143351.reg
[2011/03/08 13:33:31 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\DVD-Cloner8.lnk
[2011/03/08 11:04:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\dvdtest10024.dat
[2011/03/04 18:41:57 | 000,183,900 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Aetna Pharmacy 2010.pdf
[2011/03/04 18:39:39 | 000,125,823 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Aetna Dental 2010.pdf
[2011/03/04 18:38:18 | 000,182,108 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Aetna Medical 2010.pdf
[2011/03/04 12:31:59 | 000,232,179 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\MN Jan-Jun.2011.pdf
[2011/03/04 00:05:12 | 000,067,531 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\TaxAct 2010 agreement.pdf
[2011/03/02 10:41:05 | 000,022,810 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\cc_20110302_094102.reg
[2011/03/01 17:43:30 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/28 10:34:36 | 000,031,823 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Audition 1.pdf
[2011/02/26 20:23:43 | 002,315,672 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\DSC_0225.JPG
[2011/02/26 20:23:02 | 002,744,285 | ---- | C] () -- C:\Documents and Settings\jwoodings\Desktop\DSC_0181.JPG
[2011/02/26 13:21:46 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TaxACT 2010.lnk
[2011/02/26 13:21:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\TaxACT10.ini
[2011/02/25 11:59:44 | 000,037,482 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Radio Head 1 Playlist.pdf
[2011/02/25 11:59:10 | 000,033,612 | ---- | C] () -- C:\Documents and Settings\jwoodings\My Documents\Playlist.pdf
[2011/02/24 12:29:39 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Movie DVD Maker.lnk
[2011/02/24 12:29:37 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2011/02/24 12:29:37 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2010/08/20 09:40:05 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2010/08/20 09:39:00 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2010/08/20 09:38:59 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2010/08/20 09:38:59 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2010/04/12 12:02:18 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\SYSVCPDRV.SYS
[2010/02/01 17:05:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/02/01 17:05:55 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/02/01 17:05:52 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/29 22:07:45 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/01/26 15:23:06 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\jwoodings\Application Data\AutoGK.ini
[2009/12/28 15:46:50 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPART50.ini
[2009/10/13 16:10:50 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/10/07 19:39:42 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009/10/07 19:26:50 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/10/07 19:26:50 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/10/07 19:26:50 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/10/07 19:26:50 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/10/07 19:26:50 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/10/07 19:26:50 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/10/07 19:26:50 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/10/07 19:26:50 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/10/07 19:26:50 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/10/07 19:26:50 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/10/07 19:26:50 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/10/07 19:26:50 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/10/07 19:26:50 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/10/07 19:26:49 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/10/07 19:26:49 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/10/07 19:26:49 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/10/07 19:19:20 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw7c.bin
[2009/10/07 19:18:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PERFV500P.ini
[2009/09/23 10:17:32 | 000,016,485 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2009/07/14 21:44:41 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2009/07/03 11:30:59 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2009/03/26 11:31:40 | 000,003,452 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/03/26 11:31:40 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\F822652BB1.sys
[2009/03/21 12:07:15 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw32.bin
[2009/02/17 15:14:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/01/29 16:59:16 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/01/22 14:50:55 | 000,000,056 | ---- | C] () -- C:\WINDOWS\cryavitompeg.ini
[2009/01/22 11:24:37 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySavitompeg.dat
[2009/01/14 12:14:47 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2009/01/13 11:29:00 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2009/01/13 11:28:44 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/01/05 13:29:20 | 002,788,800 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2009/01/04 14:16:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\LXBRPMON.DLL
[2009/01/04 14:16:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXBRPMUI.DLL
[2009/01/04 14:16:03 | 000,000,548 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
[2009/01/04 14:15:46 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxbmcoin.dll
[2009/01/04 14:15:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbmvs.dll
[2009/01/04 14:15:33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxbmcnv4.dll
[2009/01/04 14:13:56 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\lxbmutil.dll
[2009/01/04 14:13:56 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXBMinst.dll
[2008/10/08 12:32:39 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2008/10/08 12:13:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/10/07 16:54:37 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/09/29 13:37:51 | 000,006,966 | ---- | C] () -- C:\Documents and Settings\jwoodings\Application Data\PrimoPDFSet.xml
[2008/09/29 13:34:59 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2008/09/24 15:59:57 | 000,000,603 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008/08/20 20:24:00 | 000,002,076 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/08/20 17:35:16 | 000,000,166 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/08/20 17:18:21 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\jwoodings\Application Data\inst.exe
[2008/08/20 17:18:21 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\jwoodings\Application Data\pcouffin.cat
[2008/08/20 17:18:21 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\jwoodings\Application Data\pcouffin.inf
[2008/08/18 16:27:16 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008/08/18 16:20:51 | 000,142,067 | ---- | C] () -- C:\WINDOWS\hpwins05.dat
[2008/08/13 14:21:47 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2008/08/04 23:17:46 | 000,218,112 | ---- | C] () -- C:\Documents and Settings\jwoodings\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/24 12:31:52 | 000,004,071 | ---- | C] () -- C:\WINDOWS\notes.ini
[2008/07/23 08:37:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008/07/11 11:22:59 | 000,000,045 | ---- | C] () -- C:\WINDOWS\lotus.ini
[2008/07/09 15:10:18 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/07/09 15:10:16 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/07/09 15:10:16 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2008/04/28 12:13:33 | 000,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2008/02/18 13:09:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/02/18 10:12:27 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/02/18 10:12:27 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
[2008/02/15 08:30:12 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/11/18 15:22:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\imlCID.dll
[2007/10/17 09:09:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/11 20:47:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/11 20:30:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2007/10/11 20:27:24 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\Tsp1.dll
[2007/10/11 20:25:41 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2007/10/11 20:25:41 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2007/10/11 19:57:31 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2007/10/11 19:55:53 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/04/13 15:19:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2007/01/31 21:16:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/01/31 21:11:14 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\OEM_Resources.dll
[2007/01/31 21:08:44 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/01/31 21:08:36 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/01/31 21:08:26 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/01/31 21:08:18 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/01/31 21:08:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/01/31 21:08:00 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/01/31 21:07:50 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/01/31 21:07:42 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/01/31 21:07:34 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/01/31 21:07:24 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/01/31 14:09:46 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/01/31 14:09:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/01/31 14:09:06 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/01/31 14:08:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/01/31 14:08:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/01/31 14:08:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/01/31 14:07:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/01/31 14:07:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/01/31 14:07:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/01/31 14:06:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/01/30 16:31:50 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/01/30 16:30:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2007/01/02 10:14:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2006/09/20 04:25:44 | 000,012,416 | ---- | C] () -- C:\WINDOWS\hpwscr05.dat
[2006/09/07 15:41:04 | 000,003,953 | ---- | C] () -- C:\WINDOWS\hpwmdl05.dat
[2006/08/14 12:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2005/09/02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/09/10 13:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 18:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 001,658,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 18:00:28 | 000,446,424 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 18:00:28 | 000,073,464 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 18:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 18:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 18:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 18:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 18:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 18:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 18:54:04 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/01/28 00:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wrkgadm.exe
[2000/01/28 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2011/03/07 19:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy
[2009/01/04 14:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4200 Series
[2009/01/04 14:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4200Series
[2010/02/05 10:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/27 15:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/05/22 15:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/12/28 16:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009/09/24 10:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen
[2008/10/02 14:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2009/02/17 15:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Indentix
[2009/07/03 11:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/02/21 16:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\lOoEb06504
[2009/01/04 18:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2010/03/26 18:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetZero
[2007/10/11 20:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/05/22 15:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/04/26 20:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdc
[2010/03/16 15:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/03/16 15:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2008/09/29 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PKWARE
[2009/02/19 14:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RootsMagic
[2010/04/12 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2008/09/02 16:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sctemp
[2011/03/24 13:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/08/20 17:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2009/07/03 20:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\temp
[2009/12/28 16:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008/08/20 20:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2008/09/05 12:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2007/10/11 20:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2010/09/13 09:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEngineLite
[2009/06/05 15:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/01/29 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\.dvdcss
[2009/01/04 19:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\4200Series
[2010/09/29 15:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\All Free Audio Converter
[2009/06/02 13:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Amazon
[2010/01/21 15:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\AnvSoft
[2009/12/21 11:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\AvexLab
[2008/09/03 19:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\avidemux
[2009/05/26 13:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\BitZipper
[2008/10/17 19:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Cakewalk
[2010/12/16 19:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\calibre
[2010/12/06 18:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/03/23 15:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\CopyToDvd
[2011/03/01 20:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Desktopicon
[2011/03/08 14:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\DVD-Cloner
[2009/07/20 13:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\eMusic
[2010/01/06 18:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\EPSON
[2009/09/24 10:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\FileOpen
[2008/08/26 22:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\FileVOoM
[2011/03/23 23:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\gtk-2.0
[2008/10/02 14:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\HotSync
[2011/03/11 15:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Image Zone Express
[2009/02/17 15:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Indentix
[2010/09/20 13:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\InfraRecorder
[2009/07/03 11:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\iolo
[2008/08/01 10:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\ISL Online Cache
[2009/12/29 10:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Leader Technologies
[2008/10/02 14:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Leadertech
[2010/04/26 22:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Leawo
[2008/09/02 21:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\MPEG Streamclip
[2010/04/14 12:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\NCH Swift Sound
[2009/08/06 23:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Nikon
[2009/05/22 15:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\ParetoLogic
[2010/01/29 11:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Pavtube
[2008/09/29 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\PKWARE
[2010/12/09 12:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\PriceGong
[2010/09/08 22:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\PTGui
[2009/11/08 00:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\RootsMagic
[2010/04/16 10:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Screaming Bee
[2010/05/14 10:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Skinux
[2008/08/20 17:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\SlySoft
[2010/04/28 13:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Smart PPT to DVD Converter
[2010/02/05 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Smith Micro
[2010/10/09 15:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Snapfish
[2009/05/06 12:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Uniblue
[2011/03/23 11:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\uTorrent
[2011/03/23 15:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Vso
[2011/03/25 00:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\Wave Systems Corp
[2010/06/24 15:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jwoodings\Application Data\webex

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\WINDOWS:2D124BDC3AC00015
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\temp:d1b5b4f1

< End of report >
  • 0

Advertisements

#2
Gotta Learn Dis Stuff
Posted 04 April 2011 - 09:46 AM

Gotta Learn Dis Stuff

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Yep, figured free help with a computer problem was too good to be true. Well, thanks anyway.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP