Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Somoto Toolbar installed without permission


  • This topic is locked This topic is locked

#1
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Member
  • PipPipPip
  • 181 posts
Hi, I downloaded (from CNET) and installed (custom installation) it. Without my permission, mp3rocket installed toolbar(s) on my computer. I checked 'add/ remove programs' for any unknown entries - there was one entry and I removed it via Revo Uninstaller. Next, I checked all of my browsers. When I checked Firefox, Opera and Google Chrome, I found nothing unusual; however, when I checked Internet Explorer, I found the following:

right-click menu bar > Somoto Toolbar (This is there but nothing happens when I select it.)
tools > internet options > programs > manage add-ons > toolbars and extensions > Somoto Toolbar (x2) (This is no longer there.)

Then, I proceeded to run a search in my registry for 'Somoto' - I found several entries but have not taken any action.

Additionally, while searching my registry for entries related to a 'Somoto Toolbar', I found the following entries:

AMOVIE.ActiveMovie Control
AMOVIE.ActiveMovie Control.1
AMOVIE.ActiveMovie Control.2
AMOVIE.ActiveMovieControl
AMOVIE.ActiveMovieControl.1
AMOVIE.ActiveMovieControl.2
AMtoolbar.AMtoolbar
AMtoolbar.AMtoolbar.1

I did a quick search of the entries and found out they're affiliated with a company that has a bad reputation. I'm unsure whether or not they got in my registry via mp3rocket.

-

OTL logfile created on: 6/7/2011 11:41:18 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Dale Burket\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 71.72% Memory free
3.72 Gb Paging File | 3.35 Gb Available in Paging File | 89.88% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 6.17 Gb Free Space | 9.94% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.08 Gb Free Space | 9.46% Space Free | Partition Type: FAT32

Computer Name: DALESLAPTOP | User Name: Dale Burket | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/07 23:24:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () -- C:\WINDOWS\system32\winopt.exe
PRC - [2011/03/24 07:24:36 | 000,409,320 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 10:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/08/09 08:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/07 23:24:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/08/18 04:00:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2006/08/18 04:00:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/17 21:41:01 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\winopt.exe -- (WinOptimizer)
SRV - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Apps\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/24 07:24:30 | 000,126,696 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/09/01 04:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/25 15:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/08/25 15:45:28 | 000,037,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/07/09 13:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/01/06 18:21:00 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/05 15:37:58 | 000,822,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/18 23:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/07/19 00:40:08 | 000,264,576 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/08/29 14:12:28 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/08/29 14:11:08 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/08/29 14:10:56 | 000,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 08:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/01 20:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/16 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/16 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/03/05 19:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/03/02 20:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/02 20:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/11/16 00:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/10/31 22:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/31 21:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/03 00:57:12 | 000,013,532 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Components: C:\Program Files\Aurora\components [2011/06/07 19:46:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF

[2011/06/03 14:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Extensions
[2011/06/03 15:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Firefox\Profiles\z88e0e58.default\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]

O1 HOSTS File: ([2011/02/18 20:08:05 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HitmanPro35] File not found
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://dcode.suppor...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/ch...urce/ImlCID.cab (imlUCID Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\DOCUMENTS AND SETTINGS\DALE BURKET\DESKTOP\UNUSED DESKTOP SHORTCUTS\PROCESS EXPLORER\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell - "" = AutoRun
O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/07 23:24:19 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/07 23:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\HiJackThis
[2011/06/07 22:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Incomplete
[2011/06/07 22:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2011/06/07 22:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2011/06/07 19:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\DreamVideoSoft
[2011/06/07 16:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\vlc
[2011/06/07 16:24:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/06/04 10:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Next
[2011/06/03 14:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla
[2011/06/03 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2011/06/02 12:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/06/02 11:45:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\Google Chrome
[2011/06/02 11:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Temp
[2011/06/02 11:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Opera
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2011/06/01 23:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2011/06/01 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\COMODO Cleaning Essentials
[2011/06/01 11:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 01:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\SlimWare Utilities Inc
[2011/06/01 01:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SlimCleaner
[2011/06/01 01:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\SlimCleaner
[2011/06/01 01:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2011/05/31 23:57:49 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/31 23:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/31 23:57:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/31 23:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/31 09:35:12 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/05/31 09:01:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\Kaspersky TDSSKiller
[2011/05/31 00:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro35
[2011/05/31 00:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/05/30 16:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Keriver 1-Click Restore Free
[2011/05/30 16:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Keriver 1-Click Restore Free
[2011/05/29 22:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/29 22:18:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dale Burket\Recent
[2011/05/29 21:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MediaMonkey
[2011/05/29 21:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\MediaMonkey
[2011/05/29 21:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2011/05/29 21:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PDF-XChange
[2011/05/29 21:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2011/05/29 20:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\New Folder
[2011/05/29 20:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/05/29 20:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/05/29 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/05/29 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/05/29 20:17:49 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/29 20:17:49 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/29 20:17:49 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/29 20:17:49 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/29 20:17:49 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/29 20:17:49 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/29 20:17:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/29 20:17:49 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/29 20:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/05/29 20:17:35 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/29 19:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware.com
[2011/05/29 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2011/05/29 19:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/05/29 08:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Tracker Software
[2011/05/29 08:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2011/05/28 12:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/28 12:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/23 08:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2011/05/23 08:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2011/05/23 07:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\Music
[2011/05/23 07:35:34 | 000,000,000 | ---D | C] -- C:\Users
[2011/05/22 09:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/07 23:24:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/07 23:07:07 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 22:53:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/07 22:53:33 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/07 22:52:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/07 22:52:26 | 2078,912,512 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/07 22:49:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/07 22:16:12 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/07 22:15:38 | 000,017,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/07 22:07:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/07 16:24:05 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/05 23:50:42 | 000,002,330 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/05 23:50:42 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/05 18:41:01 | 000,001,708 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011/06/04 10:31:01 | 000,001,541 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/04 02:40:05 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to Yugioh Virtual Desktop 9_1.exe.lnk
[2011/06/03 17:47:42 | 000,017,396 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\vtzilla.xpi
[2011/06/03 14:36:10 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 19:14:41 | 000,002,231 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/02 19:03:04 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences2.dat
[2011/06/02 19:03:04 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences.dat
[2011/06/02 18:50:31 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagexappletviewer.preferences
[2011/06/02 11:49:01 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/01 11:36:10 | 000,002,077 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:11 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:30:53 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2011/05/29 21:15:10 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 20:37:14 | 000,420,800 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:36:52 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:17:49 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/29 20:17:49 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/28 12:19:11 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/05/13 16:08:08 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Disk Defrag.lnk
[2011/05/10 08:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/10 08:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/10 08:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/07 23:06:46 | 000,002,459 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 21:10:56 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\winopt.exe
[2011/06/07 16:24:05 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/05 18:24:25 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/04 10:31:01 | 000,001,547 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera Next.lnk
[2011/06/04 10:31:00 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 17:23:58 | 000,017,396 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\vtzilla.xpi
[2011/06/03 14:36:10 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Aurora.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 11:45:10 | 000,002,330 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/02 11:45:10 | 000,002,308 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/02 11:44:07 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/02 11:44:07 | 000,000,950 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/01 11:36:10 | 000,002,083 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 11:36:09 | 000,002,077 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/06/01 01:22:09 | 000,002,231 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:10 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:15:10 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:13:24 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2011/05/29 21:13:23 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 21:06:26 | 000,001,708 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011/05/29 20:36:52 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:36:34 | 000,420,800 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:17:49 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/28 12:19:11 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/05/13 16:08:08 | 000,000,899 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Disk Defrag.lnk
[2011/05/11 17:17:07 | 2078,912,512 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/08 04:59:37 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2010/06/26 00:57:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\wklnhst.dat
[2010/06/26 00:38:38 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2010/06/20 22:32:42 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/05/20 19:35:52 | 000,788,256 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\prvlcl.dat
[2010/04/01 11:02:47 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2010/02/19 18:15:48 | 000,000,262 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\burnaware.ini
[2009/10/29 15:38:10 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2009/10/29 15:38:09 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/09/30 21:38:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/15 17:41:35 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/09/15 17:10:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/09/06 11:44:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/06/30 03:27:42 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/06/30 03:27:27 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2009/06/26 15:00:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/20 19:26:24 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2009/01/05 20:32:46 | 000,007,068 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2009/01/05 20:31:09 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/09/05 15:49:47 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/03/05 18:38:08 | 001,457,024 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2007/11/18 16:22:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\imlCID.dll
[2007/09/01 21:41:48 | 000,002,715 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/04/08 16:18:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/02/04 19:53:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2007/01/21 18:14:45 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\enigmarc.lua2
[2007/01/13 18:06:03 | 000,000,416 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/01/09 17:26:39 | 000,000,049 | ---- | C] () -- C:\WINDOWS\quizisam.ini
[2007/01/09 17:00:12 | 000,000,090 | ---- | C] () -- C:\WINDOWS\MVPSPADE.INI
[2007/01/09 16:01:30 | 000,001,639 | ---- | C] () -- C:\WINDOWS\yahtzee.ini
[2007/01/09 15:52:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\WW&W.ini
[2006/12/24 13:08:58 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/24 08:52:58 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\fusioncache.dat
[2006/09/21 02:20:37 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/21 02:15:52 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/09/21 02:15:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/21 02:01:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/21 01:49:44 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/08/18 04:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 04:00:00 | 001,617,920 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/08/18 04:00:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 04:00:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/08/18 04:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 04:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 04:00:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/08/18 04:00:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/18 04:00:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/29 15:18:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/29 15:18:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 14:49:18 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/29 14:46:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 14:43:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/29 14:27:08 | 000,455,656 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/29 14:27:08 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/29 14:18:06 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/29 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/29 14:08:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/03/16 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/16 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/16 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/16 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/16 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/16 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/16 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/04 03:07:34 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 14:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/05/05 22:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/03/03 03:50:56 | 000,004,460 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/02/11 14:39:07 | 000,000,316 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2002/05/28 17:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 17:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/07/06 20:00:00 | 000,000,006 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\D81EDBF9-D167-4011-B77D-211DF920EB80

========== LOP Check ==========

[2010/09/29 21:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/07/03 23:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/09/26 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/09/11 12:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2010/02/19 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/07/10 03:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/09/20 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2009/10/03 13:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2009/09/24 16:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/09/09 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2010/06/20 22:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/05/13 21:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/06/25 05:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ISPCOMP
[2010/11/25 06:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\launcher
[2007/02/04 21:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/06/26 00:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2009/05/30 11:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/09/06 17:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/10/02 18:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Princess Isabella
[2011/02/17 15:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Privacyware
[2011/04/28 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2009/09/30 19:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/09/15 21:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/05/20 19:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2011/02/18 11:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/01 04:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/06/26 01:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/11/22 23:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/08/31 17:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildWestQuest2
[2010/12/03 14:36:49 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2008/10/06 20:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/02/19 03:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/11 12:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/06/24 21:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Abine
[2010/09/29 21:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Acronis
[2011/05/28 12:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2010/09/25 20:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Auslogics
[2009/09/26 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\blg
[2009/09/15 19:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\BrandX Games
[2009/09/15 17:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Camel101
[2010/02/19 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Canneverbe Limited
[2010/11/30 12:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\CBS Interactive
[2009/09/07 18:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\cerasus.media
[2011/06/07 22:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2009/09/20 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Flood Light Games
[2011/03/19 22:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\G DATA
[2009/09/09 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Gogii Games
[2009/09/17 23:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Gold Casual Games
[2011/02/03 03:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\inkscape
[2010/11/30 11:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\IObit
[2011/06/01 23:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2006/12/30 08:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Leadertech
[2007/01/01 06:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Learn2.com
[2009/09/06 12:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Meridian93
[2011/03/26 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Miranda
[2011/06/07 22:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2007/02/04 21:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\muvee Technologies
[2010/06/25 02:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Netscape
[2011/05/29 19:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/02/18 10:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor(3)
[2010/12/03 17:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OpenOffice.org
[2011/06/04 10:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2010/06/26 00:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Otto
[2009/09/06 17:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\PlayFirst
[2009/09/09 14:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Playrix Entertainment
[2011/04/28 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\QFX Software
[2011/06/02 12:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/02/08 06:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\RipIt4Me
[2009/09/17 14:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Shape games
[2011/05/29 19:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2009/09/06 11:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\SystemRequirementsLab
[2010/12/01 04:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\TuneUp Software
[2010/07/08 01:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\VirtualStore
[2009/09/15 17:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildGames 3 Days Zoo Mystery
[2010/11/23 02:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangent
[2009/09/01 13:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangentv1001
[2009/09/14 16:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangentv1005
[2010/11/17 20:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WordWeb
[2011/04/26 09:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\X-Chat 2

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >

-

OTL Extras logfile created on: 6/7/2011 11:41:18 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Dale Burket\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 71.72% Memory free
3.72 Gb Paging File | 3.35 Gb Available in Paging File | 89.88% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 6.17 Gb Free Space | 9.94% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.08 Gb Free Space | 9.46% Space Free | Partition Type: FAT32

Computer Name: DALESLAPTOP | User Name: Dale Burket | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Aurora\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [hitmanpro] -- "C:\Documents and Settings\Dale Burket\Desktop\HitmanPro35.exe" "%1\"
Directory [MediaMonkey.1Play] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Enabled:DCOM(135)
"1049:TCP" = 1049:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\HP Rhapsody\rhapsody.exe" = C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody -- (RealNetworks, Inc.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
"C:\Program Files\Opera Next\opera.exe" = C:\Program Files\Opera Next\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup
"{0EF6CC3A-C94E-4CC9-8EEA-88EEBE1B8BC4}" = SlimCleaner
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13BCF6CB-2F54-4962-9B11-32F07048ACF3}" = HP User Guides 0031
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 J1
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 G2
"{43E05D0C-E145-4FF4-A749-EAF822DBDCA4}" = Jetfighter V Homeland Protector
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 2.3
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{52FBAE98-D389-4281-8C14-21B4046CCB4E}" = SonicAC3Encoder
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.0.4
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6A28AB0B-22B1-494C-AF61-B386EA1736C0}" = LightScribe 1.4.97.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{864314A6-75CD-461F-9C1D-CCE5722AE84E}" = openCanvas4.5e Plus
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}" =
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = TourSetup
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AFD89880-C544-4777-B645-FBF6D3391B11}" = Belkin F7D1101 Basic Wireless USB Adapter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B16AF568-A644-483C-A6DA-5028CD019C8C}" = SonicMPEGEncoder
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43421C0-0DCB-4F26-8A3B-BF16155F9879}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DDD9B4E6-EEB7-4030-B141-F0E0C5429851}" = YVD
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{ED23E382-E5E3-4E21-B616-01FC59A40916}" = OpenOffice.org 3.3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FB09F05F-85C6-4205-B28D-5BF071D276C3}" = muvee autoProducer 5.0
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"074EEF5F-3BE8-4112-B253-C5D6CDE2924C" = Zuma Deluxe from Hewlett-Packard Laptops (remove only)
"0E5266B4-9069-401A-93AE-5FF9F1712016" = Insaniquarium Deluxe from Hewlett-Packard Laptops (remove only)
"103EFD47-9F2C-4490-95DD-AE6C442AFB92" = SCRABBLE from Hewlett-Packard Laptops (remove only)
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"1C3FDBBA-EBF7-4CDB-AD8A-A1125734AF86" = Tradewinds from Hewlett-Packard Laptops (remove only)
"320F055A-570F-4335-B026-16A836DB9549" = Final Drive Nitro from Hewlett-Packard Laptops (remove only)
"382C11F0-1A18-4F76-B8E0-15CA7F209C22" = Chuzzle Deluxe from Hewlett-Packard Laptops (remove only)
"384E0BF4-1E1F-45A6-B60E-42144A3F15CD" = Blackhawk Striker 2 from Hewlett-Packard Laptops (remove only)
"4C061F83-EE92-445A-A03F-184B0BD59242" = Jewel Quest from Hewlett-Packard Laptops (remove only)
"5658FB14-16A4-4DAE-946B-1457BE31572E" = Boggle Supreme from Hewlett-Packard Laptops (remove only)
"5758A0E8-A112-4A1D-82EC-EC72F7F16B88" = Lexibox Deluxe from Hewlett-Packard Laptops (remove only)
"6E377D95-DF37-4E67-B64B-68C314600BCB" = Bejeweled 2 Deluxe from Hewlett-Packard Laptops (remove only)
"6ECB6EE6-92E1-4525-AF3B-3CE51A7C5F89" = FATE from Hewlett-Packard Laptops (remove only)
"7948472C-423F-4134-B68F-48D660A05D71" = Big Kahuna Reef from Hewlett-Packard Laptops (remove only)
"7A940E33-6993-404B-ABA6-ED62E8FBE615" = Bounce Symphony from Hewlett-Packard Laptops (remove only)
"7ED8A70C-9597-40BE-AEA0-0573182F1F51" = Super Granny from Hewlett-Packard Laptops (remove only)
"7F8C5718-1BA9-4AAE-96D2-2B04D05F2D54" = Polar Bowler from Hewlett-Packard Laptops (remove only)
"7-Zip" = 7-Zip 9.20
"9F3399B2-9ED6-4339-84A2-686432638B86" = Blasterball 2 from Hewlett-Packard Laptops (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Aurora 6.0a2 (x86 en-US)" = Aurora 6.0a2 (x86 en-US)
"avast" = avast! Free Antivirus
"B0202B33-E73D-4FCD-AC88-0B2971AFC116" = Slyder from Hewlett-Packard Laptops (remove only)
"B0769D17-E72A-4E87-A83F-1F7A3F080008" = Bookworm Deluxe from Hewlett-Packard Laptops (remove only)
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Board Games" = Board Games
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"C264D692-8E15-4141-96A2-5621332E5DD0" = Slingo Deluxe from Hewlett-Packard Laptops (remove only)
"Card Games" = Card Games
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m" = Soft Data Fax Modem with SmartCP
"D2E44AA4-8665-4490-A6C9-2D0744B47B27" = Polar Golfer from Hewlett-Packard Laptops (remove only)
"DED8E2B5-BA9F-448F-84E8-0AEF79876F95" = Snowboard SuperJam
"E332F38A-75F6-4EF2-88CC-246E8A1CB5D7" = Oasis from Hewlett-Packard Laptops (remove only)
"E76A7EFF-7758-49EE-B3FA-9699830A2D6B" = Mah Jong Quest from Hewlett-Packard Laptops (remove only)
"E90E3AE9-73E4-4E5C-BB0F-673989A808D0" = Lemonade Tycoon 2 from Hewlett-Packard Laptops (remove only)
"E94C7046-2F7D-4D4D-B76F-C412DCCEAAC2" = Crystal Maze from Hewlett-Packard Laptops (remove only)
"EF860173-4FB7-4DE1-8BE8-5400F05A0DC5" = Puzzle Express from Hewlett-Packard Laptops (remove only)
"F2566CC2-D4C4-44ED-A838-3F8288D8D3FE" = Flip Words from Hewlett-Packard Laptops (remove only)
"FileHippo.com" = FileHippo.com Update Checker
"HeadGames_BigGameHunter3UninstallKey" = Cabela's Big Game Hunter III
"HitmanPro35" = Hitman Pro 3.5
"Hoyle Board Games 3 Demo" = Hoyle Board Games 3 Demo
"Hoyle Card Games 3 Demo" = Hoyle Card Games 3 Demo
"Hoyle Slots & Video Poker" = Hoyle Slots & Video Poker
"Hoyle Word Games Demo" = Hoyle Word Games Demo
"HP Game Console" = HP Game Console and games
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Rhapsody" = HP Rhapsody
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{43E05D0C-E145-4FF4-A749-EAF822DBDCA4}" = Jetfighter V Homeland Protector
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{AFD89880-C544-4777-B645-FBF6D3391B11}" = Belkin F7D1101 Basic Wireless USB Adapter
"InstallShield_{C43421C0-0DCB-4F26-8A3B-BF16155F9879}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
"Keriver 1-Click Restore Free" = Keriver 1-Click Restore Free
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Magic Solitaires" = Magic Solitaires
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.50.1027" = Opera Next 11.50 beta build 1027
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"Revo Uninstaller" = Revo Uninstaller 1.92
"Sandboxie" = Sandboxie 3.54 (32-bit)
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Top 30 Games 4 Kids" = Top 30 Games 4 Kids
"Top 50 Blazing Games" = Top 50 Blazing Games
"Trivia Madness" = Trivia Madness
"VLC media player" = VLC media player 1.1.10
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WildTangent CDA" = WildTangent Web Driver
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Yahtzeev1" = Yahtzee
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/6/2011 2:55:09 AM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/6/2011 10:04:37 AM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/7/2011 3:36:42 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/7/2011 3:43:19 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/7/2011 4:26:16 PM | Computer Name = DALESLAPTOP | Source = nview_info | ID = 11141121
Description =

Error - 6/7/2011 8:19:40 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/7/2011 10:18:45 PM | Computer Name = DALESLAPTOP | Source = nview_info | ID = 11141121
Description =

Error - 6/7/2011 10:20:35 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/7/2011 10:42:12 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/7/2011 10:52:48 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

[ System Events ]
Error - 6/7/2011 3:43:35 PM | Computer Name = DALESLAPTOP | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 6/7/2011 3:43:35 PM | Computer Name = DALESLAPTOP | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 6/7/2011 3:43:44 PM | Computer Name = DALESLAPTOP | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 6/7/2011 3:43:44 PM | Computer Name = DALESLAPTOP | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 6/7/2011 3:46:14 PM | Computer Name = DALESLAPTOP | Source = NetBT | ID = 4321
Description = The name "MSHOME :1d" could not be registered on the Interface
with IP address 192.168.0.101. The machine with the IP address 192.168.0.103 did
not allow the name to be claimed by this machine.

Error - 6/7/2011 3:48:06 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/7/2011 8:24:36 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/7/2011 10:02:15 PM | Computer Name = DALESLAPTOP | Source = NetBT | ID = 4321
Description = The name "MSHOME :1d" could not be registered on the Interface
with IP address 192.168.0.101. The machine with the IP address 192.168.0.103 did
not allow the name to be claimed by this machine.

Error - 6/7/2011 10:42:44 PM | Computer Name = DALESLAPTOP | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 6/7/2011 10:53:17 PM | Computer Name = DALESLAPTOP | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >
  • 0

Advertisements


#2
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
I did some installing and uninstalling after the first OTL log so I decided to scan the computer and post a new one.

-

OTL logfile created on: 6/11/2011 6:18:35 AM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Dale Burket\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 71.59% Memory free
3.72 Gb Paging File | 3.34 Gb Available in Paging File | 89.65% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 5.77 Gb Free Space | 9.30% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.08 Gb Free Space | 9.46% Space Free | Partition Type: FAT32

Computer Name: DALESLAPTOP | User Name: Dale Burket | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/07 23:24:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () -- C:\WINDOWS\system32\winopt.exe
PRC - [2011/03/24 07:24:36 | 000,409,320 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 10:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/08/09 08:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/07 23:24:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/08/18 04:00:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2006/08/18 04:00:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/17 21:41:01 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\winopt.exe -- (WinOptimizer)
SRV - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Apps\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/24 07:24:30 | 000,126,696 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/09/01 04:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/25 15:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/08/25 15:45:28 | 000,037,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/07/09 13:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/01/06 18:21:00 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/05 15:37:58 | 000,822,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/18 23:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/07/19 00:40:08 | 000,264,576 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/08/29 14:12:28 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/08/29 14:11:08 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/08/29 14:10:56 | 000,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 08:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/01 20:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/16 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/16 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/03/05 19:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/03/02 20:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/02 20:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/11/16 00:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/10/31 22:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/31 21:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/03 00:57:12 | 000,013,532 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Components: C:\Program Files\Aurora\components [2011/06/09 12:01:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF

[2011/06/03 14:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Extensions
[2011/06/09 21:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Firefox\Profiles\z88e0e58.default\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
[2011/04/24 14:00:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/02/18 20:08:05 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://dcode.suppor...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/ch...urce/ImlCID.cab (imlUCID Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\DOCUMENTS AND SETTINGS\DALE BURKET\DESKTOP\UNUSED DESKTOP SHORTCUTS\PROCESS EXPLORER\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell - "" = AutoRun
O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/10 19:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\Google Chrome
[2011/06/10 10:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\Windows sidebar for XP
[2011/06/09 22:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011/06/09 20:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Solid YouTube Downloader and Converter
[2011/06/09 20:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\youtube-downloader-and-converter
[2011/06/09 20:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Solid YouTube Downloader and Converter
[2011/06/09 12:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Toolbar4
[2011/06/09 01:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2011/06/09 00:58:09 | 011,978,408 | ---- | C] (Nullsoft, Inc.) -- C:\Documents and Settings\Dale Burket\Desktop\winamp561_full_emusic-7plus_en-us.exe
[2011/06/08 20:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\comodo
[2011/06/08 20:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SlimCleaner
[2011/06/08 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\SlimCleaner
[2011/06/08 20:41:08 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2011/06/08 12:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/08 12:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/08 11:59:13 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/06/08 01:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\OTL
[2011/06/07 23:24:19 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/07 23:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\HiJackThis
[2011/06/07 22:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Incomplete
[2011/06/07 22:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2011/06/07 22:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2011/06/07 19:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\DreamVideoSoft
[2011/06/07 16:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\vlc
[2011/06/07 16:24:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/06/04 10:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Next
[2011/06/03 14:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla
[2011/06/03 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2011/06/02 12:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/06/02 11:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Temp
[2011/06/02 11:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Opera
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2011/06/01 23:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2011/06/01 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\COMODO Cleaning Essentials
[2011/06/01 11:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 01:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\SlimWare Utilities Inc
[2011/05/31 23:57:49 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/31 23:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/31 23:57:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/31 23:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/31 09:35:12 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/05/31 00:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro35
[2011/05/30 16:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Keriver 1-Click Restore Free
[2011/05/30 16:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Keriver 1-Click Restore Free
[2011/05/29 22:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/29 22:18:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dale Burket\Recent
[2011/05/29 21:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MediaMonkey
[2011/05/29 21:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\MediaMonkey
[2011/05/29 21:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2011/05/29 21:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PDF-XChange
[2011/05/29 21:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2011/05/29 20:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\New Folder
[2011/05/29 20:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/05/29 20:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/05/29 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/05/29 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/05/29 20:17:49 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/29 20:17:49 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/29 20:17:49 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/29 20:17:49 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/29 20:17:49 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/29 20:17:49 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/29 20:17:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/29 20:17:49 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/29 20:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/05/29 20:17:35 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/29 19:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware.com
[2011/05/29 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2011/05/29 19:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/05/29 08:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Tracker Software
[2011/05/29 08:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2011/05/28 12:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/28 12:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/23 08:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2011/05/23 08:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2011/05/23 07:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\Music
[2011/05/23 07:35:34 | 000,000,000 | ---D | C] -- C:\Users
[2011/05/22 09:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/11 05:49:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/10 23:16:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/10 22:46:57 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/10 22:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/10 22:46:29 | 2078,912,512 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/10 22:40:12 | 000,001,764 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011/06/10 19:21:59 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/10 19:21:58 | 000,002,330 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/10 14:44:22 | 000,017,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/10 11:49:18 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/09 20:40:06 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Solid YouTube Downloader and Converter.lnk
[2011/06/09 00:58:29 | 011,978,408 | ---- | M] (Nullsoft, Inc.) -- C:\Documents and Settings\Dale Burket\Desktop\winamp561_full_emusic-7plus_en-us.exe
[2011/06/08 20:42:02 | 000,002,231 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/08 12:13:43 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/08 05:52:30 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to Yugioh Virtual Desktop 9_1.exe.lnk
[2011/06/08 05:49:29 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 23:24:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/07 22:16:12 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/07 22:07:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/07 16:24:05 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/04 10:31:01 | 000,001,541 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 19:03:04 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences2.dat
[2011/06/02 19:03:04 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences.dat
[2011/06/02 18:50:31 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagexappletviewer.preferences
[2011/06/01 11:36:10 | 000,002,077 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:11 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:30:53 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2011/05/29 21:15:10 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 20:37:14 | 000,420,800 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:36:52 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:17:49 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/29 20:17:49 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/28 12:19:11 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/05/13 16:08:08 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Disk Defrag.lnk
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/10 19:21:59 | 000,002,308 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/10 19:21:58 | 000,002,330 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/09 20:40:06 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Solid YouTube Downloader and Converter.lnk
[2011/06/09 13:34:26 | 2078,912,512 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/08 20:41:46 | 000,002,231 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/08 12:13:43 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/08 05:49:29 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 21:10:56 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\winopt.exe
[2011/06/07 16:24:05 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/05 18:24:25 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/04 10:31:01 | 000,001,547 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera Next.lnk
[2011/06/04 10:31:00 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 14:36:10 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Aurora.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 11:44:07 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/02 11:44:07 | 000,000,950 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/01 11:36:10 | 000,002,083 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 11:36:09 | 000,002,077 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:10 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:15:10 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:13:24 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2011/05/29 21:13:23 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 21:06:26 | 000,001,764 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011/05/29 20:36:52 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:36:34 | 000,420,800 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:17:49 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/28 12:19:11 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/05/13 16:08:08 | 000,000,899 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Disk Defrag.lnk
[2011/02/08 04:59:37 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2010/06/26 00:57:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\wklnhst.dat
[2010/06/26 00:38:38 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2010/06/20 22:32:42 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/05/20 19:35:52 | 000,788,256 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\prvlcl.dat
[2010/04/01 11:02:47 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2010/02/19 18:15:48 | 000,000,262 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\burnaware.ini
[2009/10/29 15:38:10 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2009/10/29 15:38:09 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/09/30 21:38:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/15 17:41:35 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/09/15 17:10:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/09/06 11:44:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/06/30 03:27:42 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/06/30 03:27:27 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2009/06/26 15:00:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/20 19:26:24 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2009/01/05 20:32:46 | 000,007,068 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2009/01/05 20:31:09 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/09/05 15:49:47 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/03/05 18:38:08 | 001,457,024 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2007/11/18 16:22:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\imlCID.dll
[2007/09/01 21:41:48 | 000,002,715 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/04/08 16:18:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/02/04 19:53:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2007/01/21 18:14:45 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\enigmarc.lua2
[2007/01/13 18:06:03 | 000,000,416 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/01/09 17:26:39 | 000,000,049 | ---- | C] () -- C:\WINDOWS\quizisam.ini
[2007/01/09 17:00:12 | 000,000,090 | ---- | C] () -- C:\WINDOWS\MVPSPADE.INI
[2007/01/09 16:01:30 | 000,001,639 | ---- | C] () -- C:\WINDOWS\yahtzee.ini
[2007/01/09 15:52:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\WW&W.ini
[2006/12/24 13:08:58 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/24 08:52:58 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\fusioncache.dat
[2006/09/21 02:20:37 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/21 02:15:52 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/09/21 02:15:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/21 02:01:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/21 01:49:44 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/08/18 04:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 04:00:00 | 001,617,920 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/08/18 04:00:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 04:00:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/08/18 04:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 04:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 04:00:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/08/18 04:00:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/18 04:00:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/29 15:18:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/29 15:18:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 14:49:18 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/29 14:46:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 14:43:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/29 14:27:08 | 000,455,656 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/29 14:27:08 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/29 14:18:06 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/29 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/29 14:08:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/03/16 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/16 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/16 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/16 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/16 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/16 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/16 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/04 03:07:34 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 14:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/05/05 22:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/03/03 03:50:56 | 000,004,460 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/02/11 14:39:07 | 000,000,316 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2002/05/28 17:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 17:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/07/06 20:00:00 | 000,000,006 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\D81EDBF9-D167-4011-B77D-211DF920EB80

========== LOP Check ==========

[2010/09/29 21:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/07/03 23:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/09/26 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/09/11 12:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2010/02/19 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/07/10 03:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/09/20 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2009/10/03 13:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2009/09/24 16:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/09/09 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2010/06/20 22:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/05/13 21:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/06/25 05:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ISPCOMP
[2010/11/25 06:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\launcher
[2011/06/09 01:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2007/02/04 21:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/06/26 00:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2009/05/30 11:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/09/06 17:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/10/02 18:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Princess Isabella
[2011/02/17 15:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Privacyware
[2011/04/28 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2009/09/30 19:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/09/15 21:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/05/20 19:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2011/02/18 11:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/01 04:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/06/26 01:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/11/22 23:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/08/31 17:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildWestQuest2
[2010/12/03 14:36:49 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2008/10/06 20:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/02/19 03:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/11 12:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/06/24 21:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Abine
[2010/09/29 21:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Acronis
[2011/06/10 14:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2010/09/25 20:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Auslogics
[2009/09/26 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\blg
[2009/09/15 19:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\BrandX Games
[2009/09/15 17:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Camel101
[2010/02/19 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Canneverbe Limited
[2010/11/30 12:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\CBS Interactive
[2009/09/07 18:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\cerasus.media
[2011/06/07 22:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2009/09/20 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Flood Light Games
[2011/03/19 22:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\G DATA
[2009/09/09 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Gogii Games
[2009/09/17 23:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Gold Casual Games
[2011/02/03 03:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\inkscape
[2010/11/30 11:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\IObit
[2011/06/01 23:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2006/12/30 08:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Leadertech
[2007/01/01 06:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Learn2.com
[2009/09/06 12:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Meridian93
[2011/03/26 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Miranda
[2011/06/07 22:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2007/02/04 21:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\muvee Technologies
[2010/06/25 02:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Netscape
[2011/05/29 19:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/02/18 10:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor(3)
[2010/12/03 17:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OpenOffice.org
[2011/06/04 10:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2010/06/26 00:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Otto
[2009/09/06 17:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\PlayFirst
[2009/09/09 14:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Playrix Entertainment
[2011/04/28 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\QFX Software
[2011/06/08 12:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/02/08 06:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\RipIt4Me
[2009/09/17 14:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Shape games
[2011/05/29 19:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2009/09/06 11:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\SystemRequirementsLab
[2011/06/09 20:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Toolbar4
[2010/12/01 04:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\TuneUp Software
[2010/07/08 01:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\VirtualStore
[2009/09/15 17:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildGames 3 Days Zoo Mystery
[2010/11/23 02:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangent
[2009/09/01 13:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangentv1001
[2009/09/14 16:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangentv1005
[2010/11/17 20:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WordWeb
[2011/04/26 09:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\X-Chat 2
[2011/06/09 20:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\youtube-downloader-and-converter

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >
  • 0

#3
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :unsure:

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together :)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth Code, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



NEXT:


Running OTL

We need to create a FULL OTL Report
  • Please download OTL from here:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized

NEXT:


Please provide an update on how things are running in your next reply.
  • 0

#4
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
Hi SweetTech, thanks for assisting me and don't worry about the delayed response; it isn't a problem.

Since I installed mp3rocket, I'm not noticing anything unusual with my system's performance; however, now that you mention it (and I'm not sure if this malware related), some of my programs (mainly jqs.exe and avastsvc.exe) have an unusually high number of page faults. I have read a little about page faults and I have learned that a really high number can lead to program and system slowdowns. jqs.exe has 12,460,415 and avastsvc.exe has 6,397,238 (but has reached as much as 20,000,000) page faults as I type this post. It may be worth noting, since I have re-installed Avast! and replaced Online Armor with Zone Alarm, the performance of my programs and system has gotten better. Aside from the aforementioned, the unwanted toolbar entries in Internet Explorer (possibly my other browsers) and the registry are the only things I can think of. Below are the requested logs.

-RKU-

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 3989504 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 86.19 )
0xF57DF000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 3690496 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 86.19 )
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2154496 bytes
0x804D7000 RAW 2154496 bytes
0x804D7000 WMIxWDM 2154496 bytes
0xBF800000 Win32k 1859584 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF0BF9000 C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 991232 bytes (Conexant Systems, Inc., HSF_DP driver)
0xF0B47000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 729088 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xF2FA8000 C:\WINDOWS\system32\drivers\CHDAud.sys 610304 bytes (Conexant Systems Inc., High Definition Audio Function Driver)
0xF5FE8000 C:\WINDOWS\system32\DRIVERS\RTL8192su.sys 598016 bytes (Realtek Semiconductor Corporation , Realtek RTL8192S USB NDIS Driver)
0xF71C4000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xEB31F000 C:\WINDOWS\System32\vsdatant.sys 528384 bytes (Check Point Software Technologies LTD, ZoneAlarm Firewalling Driver)
0xF565F000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 503808 bytes (Microsoft Corporation, WDF Dynamic)
0xF5F06000 C:\WINDOWS\System32\Drivers\aswSnx.SYS 458752 bytes (AVAST Software, avast! Virtualization Driver)
0xF607A000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF555D000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xEB400000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB7D4D000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xF5711000 C:\WINDOWS\system32\DRIVERS\NVNRM.SYS 307200 bytes (NVIDIA Corporation, NVIDIA Network Resource Manager.)
0xF5F9E000 C:\WINDOWS\System32\Drivers\aswSP.SYS 303104 bytes (AVAST Software, avast! self protection module)
0xBF3E0000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xB8025000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xEB266000 C:\WINDOWS\System32\Drivers\UimFIO.SYS 245760 bytes (Paragon, Image Mounter File I/O)
0xEB3C8000 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 229376 bytes (Microsoft Corporation, IPv6 driver)
0xF56DA000 C:\WINDOWS\system32\DRIVERS\NVSNPU.SYS 225280 bytes (NVIDIA Corporation, NVIDIA Networking Soft-NPU Driver.)
0xF562A000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 217088 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0xF0CEB000 C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 208896 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0xB7BAF000 C:\WINDOWS\system32\drivers\RMCast.sys 204800 bytes (Microsoft Corporation, Reliable Multicast Transport)
0xF55E3000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7358000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xB82B4000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7197000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xAB836000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xF60EA000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF575C000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xEB3A0000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF72E4000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xEB206000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xEB06E000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF2F84000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF57A7000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF5784000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xB7507000 C:\WINDOWS\System32\Drivers\RDPWD.SYS 143360 bytes (Microsoft Corporation, RDP Terminal Stack Driver (US/Canada Only, Not for Export))
0xEB2FD000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xEB244000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0xB8671000 C:\Program Files\Sandboxie\SbieDrv.sys 135168 bytes (SANDBOXIE L.T.D, Sandboxie Kernel Mode Driver)
0x806E5000 ACPI_HAL 134400 bytes
0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF727A000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF730A000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF7329000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF717D000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xEB055000 C:\WINDOWS\System32\Drivers\dump_nvata.sys 102400 bytes
0xF72B3000 nvata.sys 102400 bytes (NVIDIA Corporation, NVIDIA® nForce™ IDE Performance Driver)
0xF729A000 nvatabus.sys 102400 bytes (NVIDIA Corporation, NVIDIA® nForce™ IDE Performance Driver)
0xF72CC000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xB85A4000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xF7251000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB7D0E000 C:\WINDOWS\system32\drivers\mqac.sys 94208 bytes (Microsoft Corporation, Windows NT MQ Access Control Device Driver)
0xF5613000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB865B000 C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 90112 bytes (Microsoft Corporation, NWLINK2 IPX Protocol Driver)
0xB844F000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF57CB000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xEB459000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7268000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7347000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF7627000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7527000 C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 65536 bytes (Microsoft Corporation, NWLINK2 IPX Netbios Protocol Driver)
0xF7497000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF7507000 Serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF5B84000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF682D000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xEE499000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF5B94000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF74A7000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF75F7000 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 57344 bytes (Advanced Micro Devices, AMD Processor Driver)
0xF7547000 C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 57344 bytes (Microsoft Corporation, NWLINK2 SPX Protocol Driver)
0xF74E7000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF681D000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF67FD000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF74C7000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF680D000 C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0xF67DD000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xEBABC000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF7617000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF74B7000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF67ED000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xECDAE000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xF7487000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF67BD000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF74F7000 PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF67CD000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xB6A7C000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xF74D7000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF7607000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xECD8E000 C:\WINDOWS\system32\drivers\ip6fw.sys 36864 bytes (Microsoft Corporation, IPv6 Windows Firewall Driver)
0xB80BE000 C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 36864 bytes (Microsoft Corporation, IP FILTER DRIVER)
0xECDBE000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xECD9E000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xECD7E000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF776F000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xED0F4000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7807000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF77F7000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7707000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xEF52E000 C:\WINDOWS\system32\DRIVERS\usbprint.sys 28672 bytes (Microsoft Corporation, USB Printer driver)
0xED61D000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF780F000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF781F000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7827000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xEC309000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xEB7A0000 C:\WINDOWS\System32\Drivers\TDTCP.SYS 24576 bytes (Microsoft Corporation, TCP Transport Driver)
0xED104000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7847000 C:\WINDOWS\system32\DRIVERS\wanatw4.sys 24576 bytes (America Online, Inc., Wan Miniport (ATW))
0xED0EC000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xF7817000 C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys 20480 bytes (Hewlett-Packard Development Company, L.P., HpqKbFiltr Keyboard Filter Driver)
0xED0FC000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF770F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7837000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF783F000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF782F000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF77FF000 C:\WINDOWS\system32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xEE43F000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF789F000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF6845000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF796F000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xB8170000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0xF795F000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xEE621000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF793F000 C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 16384 bytes (NVIDIA Corporation, NVIDIA Networking Bus Driver.)
0xF78A3000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
0xF5545000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xF7897000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF789B000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xF6841000 C:\WINDOWS\system32\DRIVERS\cpqbttn.sys 12288 bytes (Hewlett-Packard Development Company, L.P., HP Tablet PC Key Button HID Driver)
0xEF21F000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF5F9A000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF55BF000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 12288 bytes (Microsoft Corporation, I2O Utility Filter)
0xF5F96000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7947000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7937000 C:\WINDOWS\system32\DRIVERS\nvsmu.sys 12288 bytes (NVIDIA Corporation, NVIDIA® nForce™ SMU Microcontroller Driver)
0xB74EB000 C:\WINDOWS\system32\DRIVERS\psi_mf.sys 12288 bytes (Secunia, Secunia PSI Driver)
0xF55C7000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF6849000 C:\WINDOWS\system32\DRIVERS\tunmp.sys 12288 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0xF683D000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xF798F000 aliide.sys 8192 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0xF7991000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF79A5000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF79B1000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF798B000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF7987000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF79B3000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF79B5000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xEFC53000 C:\WINDOWS\System32\Drivers\StarOpen.SYS 8192 bytes
0xF79CD000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF79CB000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF798D000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF7989000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7AE4000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xEC490000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xECED3000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7A50000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xF7A4F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
WARNING: Virus alike driver modification [bthpan.sys]
WARNING: Virus alike driver modification [nvtcp.sys]
WARNING: Virus alike driver modification [sffp_mmc.sys]
WARNING: Virus alike driver modification [hsfdpsp2.sys]
WARNING: Virus alike driver modification [atinrvxx.sys]
WARNING: Virus alike driver modification [sffp_sd.sys]
WARNING: Virus alike driver modification [wadv08nt.sys]
WARNING: Virus alike driver modification [ati1mdxx.sys]
WARNING: Virus alike driver modification [cpqdap01.sys]
WARNING: Virus alike driver modification [wadv07nt.sys]
WARNING: Virus alike driver modification [wadv09nt.sys]
WARNING: Virus alike driver modification [sffdisk.sys]
WARNING: Virus alike driver modification [wadv11nt.sys]
WARNING: Virus alike driver modification [nikedrv.sys]
WARNING: Virus alike driver modification [rio8drv.sys]
WARNING: Virus alike driver modification [riodrv.sys]
WARNING: Virus alike driver modification [ws2ifsl.sys]
WARNING: Virus alike driver modification [ati1pdxx.sys]
WARNING: Virus alike driver modification [fsvga.sys]
WARNING: Virus alike driver modification [usbvideo.sys]
WARNING: Virus alike driver modification [tunmp.sys]
WARNING: Virus alike driver modification [mtlmnt5.sys]
WARNING: Virus alike driver modification [mutohpen.sys]
WARNING: Virus alike driver modification [usb8023.sys]
WARNING: Virus alike driver modification [usb8023x.sys]
WARNING: Virus alike driver modification [slnt7554.sys]
WARNING: Virus alike driver modification [mtlstrm.sys]
WARNING: Virus alike driver modification [slwdmsup.sys]
WARNING: Virus alike driver modification [recagent.sys]
WARNING: Virus alike driver modification [atinmdxx.sys]
WARNING: Virus alike driver modification [atinttxx.sys]
WARNING: Virus alike driver modification [diskdump.sys]
WARNING: Virus alike driver modification [wacompen.sys]
WARNING: Virus alike driver modification [atinpdxx.sys]
WARNING: Virus alike driver modification [smclib.sys]
WARNING: Virus alike driver modification [Hdaudio.sys]
WARNING: Virus alike driver modification [tape.sys]
WARNING: Virus alike driver modification [usbintel.sys]
WARNING: Virus alike driver modification [nwrdr.sys]
WARNING: Virus alike driver modification [s3gnbm.sys]
WARNING: Virus alike driver modification [ntmtlfax.sys]
WARNING: Virus alike driver modification [hidir.sys]
WARNING: Virus alike driver modification [ati1ttxx.sys]
WARNING: Virus alike driver modification [tsbvcap.sys]
WARNING: Virus alike driver modification [hsfbs2s2.sys]
WARNING: Virus alike driver modification [watv06nt.sys]
WARNING: Virus alike driver modification [sonydcam.sys]
WARNING: Virus alike driver modification [watv10nt.sys]
WARNING: Virus alike driver modification [hidbth.sys]
WARNING: Virus alike driver modification [usbcamd.sys]
WARNING: Virus alike driver modification [usbcamd2.sys]
WARNING: Virus alike driver modification [cinemst2.sys]
WARNING: Virus alike driver modification [ati1snxx.sys]
WARNING: Virus alike driver modification [atinsnxx.sys]
WARNING: Virus alike driver modification [ati1xbxx.sys]
WARNING: Virus alike driver modification [rndismp.sys]
WARNING: Virus alike driver modification [rndismpx.sys]
WARNING: Virus alike driver modification [ati1raxx.sys]
WARNING: Virus alike driver modification [atmepvc.sys]
WARNING: Virus alike driver modification [atinxbxx.sys]
WARNING: Virus alike driver modification [ati2mtaa.sys]
WARNING: Virus alike driver modification [rawwan.sys]
WARNING: Virus alike driver modification [ati1xsxx.sys]
WARNING: Virus alike driver modification [atmuni.sys]
WARNING: Virus alike driver modification [processr.sys]
WARNING: Virus alike driver modification [intelppm.sys]
WARNING: Virus alike driver modification [ati1tuxx.sys]
WARNING: Virus alike driver modification [bthprint.sys]
WARNING: Virus alike driver modification [crusoe.sys]
WARNING: Virus alike driver modification [amdk6.sys]
WARNING: Virus alike driver modification [amdk7.sys]
WARNING: Virus alike driver modification [bthmodem.sys]
WARNING: Virus alike driver modification [nmnt.sys]
WARNING: Virus alike driver modification [slntamr.sys]
WARNING: Virus alike driver modification [p3.sys]
WARNING: Virus alike driver modification [uagp35.sys]
WARNING: Virus alike driver modification [mtxparhm.sys]
WARNING: Virus alike driver modification [gagp30kx.sys]
WARNING: Virus alike driver modification [irbus.sys]
WARNING: Virus alike driver modification [tosdvd.sys]
WARNING: Virus alike driver modification [atinraxx.sys]
WARNING: Virus alike driver modification [atmlane.sys]
WARNING: Virus alike driver modification [nwlnkspx.sys]
WARNING: Virus alike driver modification [ati1btxx.sys]
WARNING: Virus alike driver modification [atinbtxx.sys]
WARNING: Virus alike driver modification [vdmindvd.sys]
WARNING: Virus alike driver modification [smbali.sys]
WARNING: Virus alike driver modification [nwlnknb.sys]
WARNING: Virus alike driver modification [atinxsxx.sys]
WARNING: Virus alike driver modification [ati1rvxx.sys]
WARNING: Virus alike driver modification [mf.sys]
WARNING: Virus alike driver modification [enum1394.sys]
WARNING: Virus alike driver modification [hsfcxts2.sys]
WARNING: Virus alike driver modification [ati2mtag.sys]
WARNING: Virus alike driver modification [bridge.sys]
WARNING: Virus alike driver modification [atintuxx.sys]
WARNING: Virus alike driver modification [mcd.sys]
WARNING: Virus alike driver modification [nwlnkipx.sys]
WARNING: Virus alike driver modification [slnthal.sys]

-OTL-

OTL logfile created on: 6/12/2011 4:34:46 PM - Run 3
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Dale Burket\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.55% Memory free
3.72 Gb Paging File | 3.31 Gb Available in Paging File | 88.90% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 5.07 Gb Free Space | 8.18% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.08 Gb Free Space | 9.46% Space Free | Partition Type: FAT32

Computer Name: DALESLAPTOP | User Name: Dale Burket | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/12 16:24:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () -- C:\WINDOWS\system32\winopt.exe
PRC - [2011/03/24 07:24:36 | 000,409,320 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 10:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/08/09 08:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/12 16:24:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/08/18 04:00:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2006/08/18 04:00:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/17 21:41:01 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\winopt.exe -- (WinOptimizer)
SRV - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Apps\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/24 07:24:30 | 000,126,696 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/09/01 04:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/25 15:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/08/25 15:45:28 | 000,037,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/07/09 13:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/01/06 18:21:00 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/05 15:37:58 | 000,822,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/18 23:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/07/19 00:40:08 | 000,264,576 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/08/29 14:12:28 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/08/29 14:11:08 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/08/29 14:10:56 | 000,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 08:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/01 20:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/16 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/16 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/03/05 19:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/03/02 20:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/02 20:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/11/16 00:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/10/31 22:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/31 21:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/03 00:57:12 | 000,013,532 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Components: C:\Program Files\Aurora\components [2011/06/09 12:01:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF

[2011/06/03 14:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Extensions
[2011/06/09 21:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Firefox\Profiles\z88e0e58.default\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
[2011/04/24 14:00:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/02/18 20:08:05 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\StartUp\Uninstall LastPass RunOnce.lnk = C:\Documents and Settings\Administrator\Application Data\lpuninstall.exe (LastPass)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Dale\Start Menu\Programs\StartUp\Uninstall LastPass RunOnce.lnk = C:\Documents and Settings\Dale\Application Data\lpuninstall.exe (LastPass)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://dcode.suppor...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/ch...urce/ImlCID.cab (imlUCID Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\DOCUMENTS AND SETTINGS\DALE BURKET\DESKTOP\UNUSED DESKTOP SHORTCUTS\PROCESS EXPLORER\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell - "" = AutoRun
O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/12 16:24:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/11 16:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware.com
[2011/06/11 16:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/11 16:25:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/10 19:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\Google Chrome
[2011/06/09 22:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011/06/09 20:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Solid YouTube Downloader and Converter
[2011/06/09 20:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\youtube-downloader-and-converter
[2011/06/09 20:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Solid YouTube Downloader and Converter
[2011/06/09 12:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Toolbar4
[2011/06/09 01:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2011/06/09 00:58:09 | 011,978,408 | ---- | C] (Nullsoft, Inc.) -- C:\Documents and Settings\Dale Burket\Desktop\winamp561_full_emusic-7plus_en-us.exe
[2011/06/08 20:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\comodo
[2011/06/08 20:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SlimCleaner
[2011/06/08 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\SlimCleaner
[2011/06/08 20:41:08 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2011/06/08 12:05:41 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/08 12:05:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/08 12:05:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/08 11:59:13 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/06/07 23:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\HiJackThis
[2011/06/07 22:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Incomplete
[2011/06/07 22:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2011/06/07 22:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2011/06/07 19:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\DreamVideoSoft
[2011/06/07 16:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\vlc
[2011/06/07 16:24:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/06/04 10:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Next
[2011/06/03 14:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla
[2011/06/03 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2011/06/02 12:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/06/02 11:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Temp
[2011/06/02 11:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Opera
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2011/06/01 23:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2011/06/01 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\COMODO Cleaning Essentials
[2011/06/01 11:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 01:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\SlimWare Utilities Inc
[2011/05/31 23:57:49 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/31 23:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/31 23:57:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/31 23:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/31 09:35:12 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/05/31 00:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro35
[2011/05/30 16:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Keriver 1-Click Restore Free
[2011/05/30 16:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Keriver 1-Click Restore Free
[2011/05/29 22:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/29 22:18:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dale Burket\Recent
[2011/05/29 21:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MediaMonkey
[2011/05/29 21:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\MediaMonkey
[2011/05/29 21:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2011/05/29 21:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PDF-XChange
[2011/05/29 21:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2011/05/29 20:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\New Folder
[2011/05/29 20:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/05/29 20:36:50 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2011/05/29 20:36:45 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2011/05/29 20:36:45 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2011/05/29 20:36:39 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2011/05/29 20:36:37 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2011/05/29 20:36:37 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2011/05/29 20:36:36 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2011/05/29 20:36:36 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2011/05/29 20:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/05/29 20:36:34 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/05/29 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/05/29 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/05/29 20:35:42 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2011/05/29 20:35:42 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2011/05/29 20:35:42 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2011/05/29 20:17:49 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/29 20:17:49 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/29 20:17:49 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/29 20:17:49 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/29 20:17:49 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/29 20:17:49 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/29 20:17:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/29 20:17:49 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/29 20:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/05/29 20:17:35 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/29 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2011/05/29 19:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/05/29 08:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Tracker Software
[2011/05/29 08:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2011/05/28 12:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/28 12:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/23 08:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2011/05/23 08:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2011/05/23 07:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\Music
[2011/05/23 07:35:34 | 000,000,000 | ---D | C] -- C:\Users
[2011/05/22 09:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/12 16:24:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/12 16:24:13 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\RKUnhookerLE.EXE
[2011/06/12 15:49:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/12 11:49:01 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/12 01:13:13 | 004,514,991 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\love&joy.vmd
[2011/06/11 16:35:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/11 16:33:01 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/11 16:32:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/11 16:32:45 | 2078,912,512 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/11 16:29:19 | 000,002,231 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/11 16:25:36 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/10 22:40:12 | 000,001,764 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011/06/10 19:21:59 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/10 19:21:58 | 000,002,330 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/10 14:44:22 | 000,017,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/09 20:40:06 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Solid YouTube Downloader and Converter.lnk
[2011/06/09 00:58:29 | 011,978,408 | ---- | M] (Nullsoft, Inc.) -- C:\Documents and Settings\Dale Burket\Desktop\winamp561_full_emusic-7plus_en-us.exe
[2011/06/08 05:52:30 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to Yugioh Virtual Desktop 9_1.exe.lnk
[2011/06/08 05:49:29 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 22:16:12 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/07 22:07:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/07 16:24:05 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/06 10:11:20 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/04 10:31:01 | 000,001,541 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 19:03:04 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences2.dat
[2011/06/02 19:03:04 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences.dat
[2011/06/02 18:50:31 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagexappletviewer.preferences
[2011/06/01 11:36:10 | 000,002,077 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:11 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:30:53 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2011/05/29 21:15:10 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 20:37:14 | 000,420,800 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:36:52 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:17:49 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/29 20:17:49 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/28 12:19:11 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/12 16:24:04 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\RKUnhookerLE.EXE
[2011/06/12 01:13:07 | 004,514,991 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\love&joy.vmd
[2011/06/11 16:25:36 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/10 19:21:59 | 000,002,308 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/10 19:21:58 | 000,002,330 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/09 20:40:06 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Solid YouTube Downloader and Converter.lnk
[2011/06/09 13:34:26 | 2078,912,512 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/08 20:41:46 | 000,002,231 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/08 05:49:29 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 21:10:56 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\winopt.exe
[2011/06/07 16:24:05 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/05 18:24:25 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/04 10:31:01 | 000,001,547 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera Next.lnk
[2011/06/04 10:31:00 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 14:36:10 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Aurora.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 11:44:07 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/02 11:44:07 | 000,000,950 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/01 11:36:10 | 000,002,083 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 11:36:09 | 000,002,077 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:10 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:15:10 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:13:24 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2011/05/29 21:13:23 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 21:06:26 | 000,001,764 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011/05/29 20:36:52 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:36:34 | 000,420,800 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:17:49 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/28 12:19:11 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/02/08 04:59:37 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2010/06/26 00:57:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\wklnhst.dat
[2010/06/26 00:38:38 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2010/06/20 22:32:42 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/05/20 19:35:52 | 000,788,256 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\prvlcl.dat
[2010/04/01 11:02:47 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2010/02/19 18:15:48 | 000,000,262 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\burnaware.ini
[2009/10/29 15:38:10 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2009/10/29 15:38:09 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/09/30 21:38:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/15 17:41:35 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/09/15 17:10:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/09/06 11:44:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/06/30 03:27:42 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/06/30 03:27:27 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2009/06/26 15:00:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/20 19:26:24 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2009/01/05 20:32:46 | 000,007,068 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2009/01/05 20:31:09 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/09/05 15:49:47 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/03/05 18:38:08 | 001,457,024 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2007/11/18 16:22:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\imlCID.dll
[2007/09/01 21:41:48 | 000,002,715 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/04/08 16:18:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/02/04 19:53:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2007/01/21 18:14:45 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\enigmarc.lua2
[2007/01/13 18:06:03 | 000,000,416 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/01/09 17:26:39 | 000,000,049 | ---- | C] () -- C:\WINDOWS\quizisam.ini
[2007/01/09 17:00:12 | 000,000,090 | ---- | C] () -- C:\WINDOWS\MVPSPADE.INI
[2007/01/09 16:01:30 | 000,001,639 | ---- | C] () -- C:\WINDOWS\yahtzee.ini
[2007/01/09 15:52:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\WW&W.ini
[2006/12/24 13:08:58 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/24 08:52:58 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\fusioncache.dat
[2006/09/21 02:20:37 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/21 02:15:52 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/09/21 02:15:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/21 02:01:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/21 01:49:44 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/08/18 04:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 04:00:00 | 001,617,920 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/08/18 04:00:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 04:00:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/08/18 04:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 04:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 04:00:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/08/18 04:00:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/18 04:00:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/29 15:18:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/29 15:18:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 14:49:18 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/29 14:46:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 14:43:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/29 14:27:08 | 000,455,656 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/29 14:27:08 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/29 14:18:06 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/29 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/29 14:08:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/03/16 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/16 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/16 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/16 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/16 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/16 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/16 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/04 03:07:34 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 14:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/05/05 22:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/03/03 03:50:56 | 000,004,460 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/02/11 14:39:07 | 000,000,316 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2002/05/28 17:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 17:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/07/06 20:00:00 | 000,000,006 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\D81EDBF9-D167-4011-B77D-211DF920EB80

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >

-Extras-

OTL Extras logfile created on: 6/12/2011 4:34:46 PM - Run 3
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Dale Burket\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.55% Memory free
3.72 Gb Paging File | 3.31 Gb Available in Paging File | 88.90% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 5.07 Gb Free Space | 8.18% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.08 Gb Free Space | 9.46% Space Free | Partition Type: FAT32

Computer Name: DALESLAPTOP | User Name: Dale Burket | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Aurora\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Enabled:DCOM(135)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\HP Rhapsody\rhapsody.exe" = C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody -- (RealNetworks, Inc.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
"C:\Program Files\Opera Next\opera.exe" = C:\Program Files\Opera Next\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13BCF6CB-2F54-4962-9B11-32F07048ACF3}" = HP User Guides 0031
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 26
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 J1
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{421C74DD-F4D0-4F8A-8371-5EB21CFA1E6C}" = SlimCleaner
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 G2
"{43E05D0C-E145-4FF4-A749-EAF822DBDCA4}" = Jetfighter V Homeland Protector
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 2.3
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{52FBAE98-D389-4281-8C14-21B4046CCB4E}" = SonicAC3Encoder
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.0.4
"{66712EEE-ECBC-4CA6-A474-youtube-downloader-and-~EF55A6A4_is1" = Solid YouTube Downloader and Converter 3.8.8
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6A28AB0B-22B1-494C-AF61-B386EA1736C0}" = LightScribe 1.4.97.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{864314A6-75CD-461F-9C1D-CCE5722AE84E}" = openCanvas4.5e Plus
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}" =
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = TourSetup
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AFD89880-C544-4777-B645-FBF6D3391B11}" = Belkin F7D1101 Basic Wireless USB Adapter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B16AF568-A644-483C-A6DA-5028CD019C8C}" = SonicMPEGEncoder
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43421C0-0DCB-4F26-8A3B-BF16155F9879}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DDD9B4E6-EEB7-4030-B141-F0E0C5429851}" = YVD
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{ED23E382-E5E3-4E21-B616-01FC59A40916}" = OpenOffice.org 3.3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FB09F05F-85C6-4205-B28D-5BF071D276C3}" = muvee autoProducer 5.0
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"074EEF5F-3BE8-4112-B253-C5D6CDE2924C" = Zuma Deluxe from Hewlett-Packard Laptops (remove only)
"0E5266B4-9069-401A-93AE-5FF9F1712016" = Insaniquarium Deluxe from Hewlett-Packard Laptops (remove only)
"103EFD47-9F2C-4490-95DD-AE6C442AFB92" = SCRABBLE from Hewlett-Packard Laptops (remove only)
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"1C3FDBBA-EBF7-4CDB-AD8A-A1125734AF86" = Tradewinds from Hewlett-Packard Laptops (remove only)
"320F055A-570F-4335-B026-16A836DB9549" = Final Drive Nitro from Hewlett-Packard Laptops (remove only)
"382C11F0-1A18-4F76-B8E0-15CA7F209C22" = Chuzzle Deluxe from Hewlett-Packard Laptops (remove only)
"384E0BF4-1E1F-45A6-B60E-42144A3F15CD" = Blackhawk Striker 2 from Hewlett-Packard Laptops (remove only)
"4C061F83-EE92-445A-A03F-184B0BD59242" = Jewel Quest from Hewlett-Packard Laptops (remove only)
"5658FB14-16A4-4DAE-946B-1457BE31572E" = Boggle Supreme from Hewlett-Packard Laptops (remove only)
"5758A0E8-A112-4A1D-82EC-EC72F7F16B88" = Lexibox Deluxe from Hewlett-Packard Laptops (remove only)
"6E377D95-DF37-4E67-B64B-68C314600BCB" = Bejeweled 2 Deluxe from Hewlett-Packard Laptops (remove only)
"6ECB6EE6-92E1-4525-AF3B-3CE51A7C5F89" = FATE from Hewlett-Packard Laptops (remove only)
"7948472C-423F-4134-B68F-48D660A05D71" = Big Kahuna Reef from Hewlett-Packard Laptops (remove only)
"7A940E33-6993-404B-ABA6-ED62E8FBE615" = Bounce Symphony from Hewlett-Packard Laptops (remove only)
"7ED8A70C-9597-40BE-AEA0-0573182F1F51" = Super Granny from Hewlett-Packard Laptops (remove only)
"7F8C5718-1BA9-4AAE-96D2-2B04D05F2D54" = Polar Bowler from Hewlett-Packard Laptops (remove only)
"7-Zip" = 7-Zip 9.20
"9F3399B2-9ED6-4339-84A2-686432638B86" = Blasterball 2 from Hewlett-Packard Laptops (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Aurora 6.0a2 (x86 en-US)" = Aurora 6.0a2 (x86 en-US)
"avast" = avast! Free Antivirus
"B0202B33-E73D-4FCD-AC88-0B2971AFC116" = Slyder from Hewlett-Packard Laptops (remove only)
"B0769D17-E72A-4E87-A83F-1F7A3F080008" = Bookworm Deluxe from Hewlett-Packard Laptops (remove only)
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Board Games" = Board Games
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"C264D692-8E15-4141-96A2-5621332E5DD0" = Slingo Deluxe from Hewlett-Packard Laptops (remove only)
"Card Games" = Card Games
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m" = Soft Data Fax Modem with SmartCP
"D2E44AA4-8665-4490-A6C9-2D0744B47B27" = Polar Golfer from Hewlett-Packard Laptops (remove only)
"DED8E2B5-BA9F-448F-84E8-0AEF79876F95" = Snowboard SuperJam
"E332F38A-75F6-4EF2-88CC-246E8A1CB5D7" = Oasis from Hewlett-Packard Laptops (remove only)
"E76A7EFF-7758-49EE-B3FA-9699830A2D6B" = Mah Jong Quest from Hewlett-Packard Laptops (remove only)
"E90E3AE9-73E4-4E5C-BB0F-673989A808D0" = Lemonade Tycoon 2 from Hewlett-Packard Laptops (remove only)
"E94C7046-2F7D-4D4D-B76F-C412DCCEAAC2" = Crystal Maze from Hewlett-Packard Laptops (remove only)
"EF860173-4FB7-4DE1-8BE8-5400F05A0DC5" = Puzzle Express from Hewlett-Packard Laptops (remove only)
"F2566CC2-D4C4-44ED-A838-3F8288D8D3FE" = Flip Words from Hewlett-Packard Laptops (remove only)
"FileHippo.com" = FileHippo.com Update Checker
"HeadGames_BigGameHunter3UninstallKey" = Cabela's Big Game Hunter III
"Hoyle Board Games 3 Demo" = Hoyle Board Games 3 Demo
"Hoyle Card Games 3 Demo" = Hoyle Card Games 3 Demo
"Hoyle Slots & Video Poker" = Hoyle Slots & Video Poker
"Hoyle Word Games Demo" = Hoyle Word Games Demo
"HP Game Console" = HP Game Console and games
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Rhapsody" = HP Rhapsody
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{43E05D0C-E145-4FF4-A749-EAF822DBDCA4}" = Jetfighter V Homeland Protector
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{AFD89880-C544-4777-B645-FBF6D3391B11}" = Belkin F7D1101 Basic Wireless USB Adapter
"InstallShield_{C43421C0-0DCB-4F26-8A3B-BF16155F9879}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
"Keriver 1-Click Restore Free" = Keriver 1-Click Restore Free
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Magic Solitaires" = Magic Solitaires
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.50.1027" = Opera Next 11.50 beta build 1027
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"Revo Uninstaller" = Revo Uninstaller 1.92
"Sandboxie" = Sandboxie 3.54 (32-bit)
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Top 30 Games 4 Kids" = Top 30 Games 4 Kids
"Top 50 Blazing Games" = Top 50 Blazing Games
"Trivia Madness" = Trivia Madness
"VLC media player" = VLC media player 1.1.10
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WildTangent CDA" = WildTangent Web Driver
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Yahtzeev1" = Yahtzee
"ZoneAlarm" = ZoneAlarm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3909528348-297803119-1053140754-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/10/2011 2:26:33 AM | Computer Name = DALESLAPTOP | Source = nview_info | ID = 11141121
Description =

Error - 6/10/2011 2:26:33 AM | Computer Name = DALESLAPTOP | Source = nview_info | ID = 11141121
Description =

Error - 6/10/2011 10:14:02 AM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/10/2011 3:20:19 PM | Computer Name = DALESLAPTOP | Source = nview_info | ID = 11141121
Description =

Error - 6/10/2011 7:12:23 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/10/2011 10:38:28 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/10/2011 10:47:25 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/11/2011 4:13:43 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/11/2011 4:23:12 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

Error - 6/11/2011 4:33:10 PM | Computer Name = DALESLAPTOP | Source = MSDTC | ID = 4439
Description = Failed to verify MS DTC service account information. Internal Information
: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\adme\uiname.cpp, Line: 9166,
VerifyAccountInfo : ReadRegKeyValue32W(ACCOUNT_NAME) failed, hr=0x80070002

[ System Events ]
Error - 6/9/2011 10:52:51 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/9/2011 11:20:11 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/10/2011 12:20:57 AM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/10/2011 10:18:37 AM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/10/2011 10:39:13 PM | Computer Name = DALESLAPTOP | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 6/10/2011 10:44:05 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/10/2011 10:53:05 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/11/2011 4:21:05 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/11/2011 4:28:51 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.

Error - 6/11/2011 4:38:14 PM | Computer Name = DALESLAPTOP | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}. The
backup browser is stopping.


< End of report >
  • 0

#5
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    O2 - BHO: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
    O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
    O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell - "" = AutoRun
    O33 - MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\Shell\AutoRun - "" = Auto&Play
    @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
    @Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Running ComboFix
Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
  • IMPORTANT - Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

    Note: If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If for some reason these applications will not uninstall, try uninstalling with AppRemover by Opswat.
  • Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now
  • 0

#6
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
I'm sorry about the delayed response. I intentionally delayed my response so I can get a more accurate representation of the current state of my computer.

State of Computer:

avastsvc.exe and jqs.exe have a significantly lower number of page faults (2,045,958 and 4,483,646 respectively). Yesterday, Firefox had approximately 400,000 page faults and today it has 2,709,450 (steadily climbing). The Somoto Toolbar registry and Internet Explorer entries have been successfully removed. The following registry entries still exist:

AMOVIE.ActiveMovie Control
AMOVIE.ActiveMovie Control.1
AMOVIE.ActiveMovie Control.2
AMOVIE.ActiveMovieControl
AMOVIE.ActiveMovieControl.1
AMOVIE.ActiveMovieControl.2
AMtoolbar.AMtoolbar
AMtoolbar.AMtoolbar.1

Overall, I don't notice much (if any) difference in system performance after running OTL and ComboFix (system performance wasn't bad prior to running OTL and ComboFix and isn't running them (nor is it much better (if at all)).

Below are the requested logs:

-OTL-

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{4F07DA45-8170-4859-9B5F-037EF2970034} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F07DA45-8170-4859-9B5F-037EF2970034}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2468a3f4-dd3e-11dd-920c-001636be152a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2468a3f4-dd3e-11dd-920c-001636be152a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2468a3f4-dd3e-11dd-920c-001636be152a}\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 deleted successfully.
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Dale Burket\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Dale Burket\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Dale
->Temp folder emptied: 79 bytes
->Temporary Internet Files folder emptied: 1382833 bytes
->Flash cache emptied: 649 bytes

User: Dale Burket
->Temp folder emptied: 7175173 bytes
->Temporary Internet Files folder emptied: 17147498 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 469760471 bytes
->Google Chrome cache emptied: 10358303 bytes
->Flash cache emptied: 2488 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes

User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 596005 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 311296 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 165632 bytes
Windows Temp folder emptied: 179985 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 25543068 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 508.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Dale
->Flash cache emptied: 0 bytes

User: Dale Burket
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.24.0 log created on 06132011_140325

Files\Folders moved on Reboot...
C:\Documents and Settings\Dale Burket\Local Settings\Temp\~DFF5AE.tmp moved successfully.
C:\WINDOWS\temp\_avast_\unp2883993.tmp moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_508.dat not found!
File\Folder C:\WINDOWS\temp\ZLT04ca4.TMP not found!

Registry entries deleted on Reboot...

-ComboFix-

ComboFix 11-06-13.01 - Dale Burket 06/13/2011 14:27:41.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1983.1492 [GMT -4:00]
Running from: c:\documents and settings\Dale Burket\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\lpuninstall.exe
c:\documents and settings\Dale Burket\WINDOWS
c:\documents and settings\Dale\Application Data\lpuninstall.exe
c:\program files\Downloaded Installers
c:\program files\Downloaded Installers\{421c74dd-f4d0-4f8a-8371-5eb21cfa1e6c}\setup.msi
c:\windows\Downloaded Program Files\ODCTOOLS
c:\windows\system32\Cache
.
.
((((((((((((((((((((((((( Files Created from 2011-05-13 to 2011-06-13 )))))))))))))))))))))))))))))))
.
.
2011-06-13 18:03 . 2011-06-13 18:03 -------- d-----w- C:\_OTL
2011-06-11 20:25 . 2011-06-11 20:25 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\SUPERAntiSpyware.com
2011-06-11 20:25 . 2011-06-11 20:25 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-06-10 02:23 . 2011-06-10 02:23 -------- d-----w- c:\program files\Windows Sidebar
2011-06-10 00:40 . 2011-06-10 00:40 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\youtube-downloader-and-converter
2011-06-10 00:40 . 2011-06-10 00:40 -------- d-----w- c:\program files\Solid YouTube Downloader and Converter
2011-06-09 16:27 . 2011-06-10 00:32 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\Toolbar4
2011-06-09 05:25 . 2011-06-09 05:25 -------- d-----w- c:\documents and settings\All Users\Application Data\MediaMonkey
2011-06-09 00:58 . 2011-06-09 00:58 -------- d-----w- c:\documents and settings\All Users\Application Data\comodo
2011-06-09 00:41 . 2011-06-11 20:29 -------- d-----w- c:\program files\SlimCleaner
2011-06-08 15:59 . 2011-06-08 15:59 -------- d-----w- C:\found.002
2011-06-08 09:49 . 2011-06-08 09:49 388096 ----a-r- c:\documents and settings\Dale Burket\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-08 02:33 . 2011-06-08 02:39 -------- d-----w- c:\documents and settings\Dale Burket\Incomplete
2011-06-08 02:31 . 2011-06-08 02:31 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\dtband
2011-06-08 02:29 . 2011-06-08 02:50 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\MP3Rocket
2011-06-08 01:10 . 2011-04-30 12:27 1736704 ----a-w- c:\windows\system32\winopt.exe
2011-06-07 20:24 . 2011-06-07 20:25 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\vlc
2011-06-04 14:30 . 2011-06-04 14:31 -------- d-----w- c:\program files\Opera Next
2011-06-03 18:36 . 2011-06-09 16:01 -------- d-----w- c:\program files\Aurora
2011-06-02 16:30 . 2011-06-08 16:25 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\QuickScan
2011-06-02 15:44 . 2011-06-08 21:50 -------- d-----w- c:\documents and settings\Dale Burket\Local Settings\Application Data\Temp
2011-06-02 15:44 . 2011-06-10 23:21 -------- d-----w- c:\documents and settings\Dale Burket\Local Settings\Application Data\Google
2011-06-02 13:40 . 2011-06-04 14:31 -------- d-----w- c:\documents and settings\Dale Burket\Local Settings\Application Data\Opera
2011-06-02 03:24 . 2011-06-02 03:24 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\KillSwitch 2
2011-06-01 05:22 . 2011-06-01 05:22 -------- d-----w- c:\documents and settings\Dale Burket\Local Settings\Application Data\SlimWare Utilities Inc
2011-06-01 03:57 . 2011-05-29 13:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-01 03:57 . 2011-06-01 03:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-01 03:57 . 2011-05-29 13:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-31 13:35 . 2011-05-31 13:35 -------- d-----r- C:\Sandbox
2011-05-31 04:57 . 2011-05-31 04:57 -------- d-----w- c:\program files\HitmanPro35
2011-05-30 20:51 . 2011-05-30 20:52 -------- d-----w- c:\program files\Keriver 1-Click Restore Free
2011-05-30 02:24 . 2011-05-30 02:24 -------- d-----w- c:\program files\Trend Micro
2011-05-30 01:56 . 2011-06-10 18:36 -------- d-----w- c:\documents and settings\Dale Burket\Local Settings\Application Data\MediaMonkey
2011-05-30 01:55 . 2011-05-30 01:56 -------- d-----w- c:\program files\MediaMonkey
2011-05-30 01:13 . 2009-11-12 18:48 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-05-30 01:13 . 2011-05-30 01:13 -------- d-----w- c:\program files\CDBurnerXP
2011-05-30 01:06 . 2011-05-30 01:06 -------- d-----w- c:\program files\Sandboxie
2011-05-30 00:36 . 2011-03-18 05:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-05-30 00:36 . 2011-03-18 05:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-05-30 00:36 . 2011-03-18 05:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-05-30 00:36 . 2011-05-30 00:36 -------- d-----w- c:\windows\system32\ZoneLabs
2011-05-30 00:36 . 2011-05-30 00:36 -------- d-----w- c:\program files\Zone Labs
2011-05-30 00:35 . 2011-06-13 18:40 -------- d-----w- c:\windows\Internet Logs
2011-05-30 00:17 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-30 00:17 . 2011-05-10 12:03 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-30 00:17 . 2011-05-10 12:02 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-30 00:17 . 2011-05-10 12:02 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-05-30 00:17 . 2011-05-10 12:02 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-05-30 00:17 . 2011-05-10 11:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-30 00:17 . 2011-05-10 11:59 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-05-30 00:17 . 2011-05-10 11:59 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-30 00:17 . 2011-05-10 12:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-30 00:17 . 2011-05-30 00:17 -------- d-----w- c:\program files\AVAST Software
2011-05-30 00:17 . 2011-05-30 00:17 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-05-29 23:55 . 2011-05-29 23:55 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-29 23:39 . 2011-05-29 23:54 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
2011-05-29 23:39 . 2011-05-29 23:47 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\OnlineArmor
2011-05-29 12:56 . 2011-05-29 12:56 -------- d-----w- c:\documents and settings\Dale Burket\Local Settings\Application Data\Tracker Software
2011-05-29 12:53 . 2011-05-30 01:15 -------- d-----w- c:\program files\Tracker Software
2011-05-28 16:05 . 2011-05-28 16:10 -------- d-----w- c:\program files\CCleaner
2011-05-23 12:23 . 2011-05-23 12:23 -------- d-----w- c:\program files\Lame For Audacity
2011-05-23 12:05 . 2011-06-10 18:10 -------- d-----w- c:\documents and settings\Dale Burket\Application Data\Audacity
2011-05-23 11:35 . 2011-05-23 11:35 -------- d-----w- C:\Users
2011-05-22 13:10 . 2011-05-23 11:37 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-10 18:44 . 2010-06-21 02:32 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-06-06 14:11 . 2011-05-13 20:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2010-07-04 03:47 40112 ----a-w- c:\windows\avastSS.scr
2011-05-04 08:52 . 2010-04-16 09:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 06:25 . 2011-04-24 18:00 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-03-24 409320]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-30 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-18 7585792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-18 86016]
"nwiz"="nwiz.exe" [2006-08-18 1617920]
"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 61952]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2006-03-15 44032]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-18 1043968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Uninstall LastPass RunOnce.lnk - c:\documents and settings\Administrator\Application Data\lpuninstall.exe [N/A]
.
c:\documents and settings\Dale\Start Menu\Programs\Startup\
Uninstall LastPass RunOnce.lnk - c:\documents and settings\Dale\Application Data\lpuninstall.exe [N/A]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wireless Configuration Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk
backup=c:\windows\pss\Wireless Configuration Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
2006-05-30 23:02 40960 ----a-w- c:\program files\Hewlett-Packard\Default Settings\Cpqset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2003-12-22 13:38 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-03-12 17:08 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2006-05-04 05:58 458752 ----a-w- c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-08-11 23:30 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-11 23:30 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2010-06-01 14:17 5252408 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2007-10-19 18:28 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2006-07-12 04:55 102400 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 16:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-06-10 16:26 2424192 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-09-15 00:27 1015808 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-09-15 00:29 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YMailAdvisor]
2008-06-05 22:06 125208 ----a-w- c:\program files\Yahoo!\Common\YMailAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\HP Rhapsody\\rhapsody.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Opera Next\\opera.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
"135:TCP"= 135:TCP:DCOM(135)
"1037:TCP"= 1037:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/29/2011 8:17 PM 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/29/2011 8:17 PM 307928]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 2:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 2:41 PM 67656]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [9/5/2008 3:47 PM 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/29/2011 8:17 PM 19544]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [1/10/2011 10:24 AM 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [1/10/2011 10:24 AM 399416]
R2 WinOptimizer;Windows optimizer;c:\windows\system32\winopt.exe [6/7/2011 9:10 PM 1736704]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 4:30 AM 15544]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [1/6/2010 6:21 PM 594048]
S3 cpuz134;cpuz134;c:\program files\PC Wizard 2010\pcwiz_x32.sys [2/17/2011 6:35 AM 20328]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\C.tmp --> c:\windows\system32\C.tmp [?]
S3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\system32\drivers\RTL8187B.sys [9/10/2009 6:48 PM 264576]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [10/3/2002 12:57 AM 13532]
S3 speccy;speccy;\??\c:\docume~1\DALEBU~1\LOCALS~1\Temp\a54156d9-6543-4e68-9563-43e1828db4e6 --> c:\docume~1\DALEBU~1\LOCALS~1\Temp\a54156d9-6543-4e68-9563-43e1828db4e6 [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
- c:\documents and settings\Dale Burket\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-02 15:44]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
- c:\documents and settings\Dale Burket\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-02 15:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://my.netzero.net/s/sp?r=al&cf=sp&mem=daleburket&login=bd6c31f8e9242700b49b9d8b22a24e69/daleburket:netzero.net/1166992594/30/sss.9.33200/&ts=458ee4d2&A=575289550000019&B=1158130800000&C=1158130800000&D=0&I=8.NH3&N=&O=A&UT=
uInternet Settings,ProxyOverride = *.local
IE: Display All Images with Full Quality - "c:\program files\NetZero\qsacc\appres.dll/228"
IE: Display Image with Full Quality - "c:\program files\NetZero\qsacc\appres.dll/227"
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{10DD97D5-A0E7-4B6A-B688-FFC922178FEC}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{26E47040-980D-4508-B962-680B85E2EEDD}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{A849C6F8-C640-4724-8126-6AFAF4A93112}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\documents and settings\Dale Burket\Application Data\Mozilla\Firefox\Profiles\z88e0e58.default\
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-DriverMax - c:\program files\Innovative Solutions\DriverMax\devices.exe
MSConfigStartUp-HPDJ Taskbar Utility - c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-13 14:39
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\C.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\speccy]
"ImagePath"="\??\c:\docume~1\DALEBU~1\LOCALS~1\Temp\a54156d9-6543-4e68-9563-43e1828db4e6"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(600)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\msdtc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\sessmgr.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\rundll32.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\mqsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2011-06-13 14:48:10 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-13 18:48
.
Pre-Run: 6,562,467,840 bytes free
Post-Run: 6,327,525,376 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 022E323534CE67C27752DA61C0701D67

Edited by Sode no Shirayuki, 13 June 2011 - 07:49 PM.

  • 0

#7
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

avastsvc.exe and jqs.exe have a significantly lower number of page faults (2,045,958 and 4,483,646 respectively). Yesterday, Firefox had approximately 400,000 page faults and today it has 2,709,450 (steadily climbing). The Somoto Toolbar registry and Internet Explorer entries have been successfully removed. The following registry entries still exist:

AMOVIE.ActiveMovie Control
AMOVIE.ActiveMovie Control.1
AMOVIE.ActiveMovie Control.2
AMOVIE.ActiveMovieControl
AMOVIE.ActiveMovieControl.1
AMOVIE.ActiveMovieControl.2
AMtoolbar.AMtoolbar
AMtoolbar.AMtoolbar.1

I'm not really seeing those entries in your logs, so I can't script them out to be removed.

____________________________________________________

Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as it is and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Checked (ticked) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT:



ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:



Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • 0

#8
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
-Notes-

Windows wants to perform automatic updates - Should I allow it to? The ESET Online Scan took approximately 1 hr. 45 mins. to scan approximately 70,000 files - Is this normal? The number of page faults avastsvc.exe and jqs.exe are producing skyrocketed (to 18,375,282 and 8,854,430 respectively).

Edit: I just woke my computer up from Hibernation and it has 70 processes running now instead of the usual 59-60. Some processes keep reappearing and disappearing. Other processes are consuming a lot of my CPU making my total 100%. The following are some of the processes:

mofcomp.exe
ngen.exe
wmiadap.exe
msiexec.exe
update.exe
mscorsvw.exe
install.exe
mrtstub.exe
mrt.exe
MSIPatchRegFix-X86.exe
HotFixInstaller.exe
NDP20SP2-KB2518864-x86.exe
NMSAccessU.exe
DPCs

Edit: My computer just finished performing automatic updates - I thought that may have been the reason I had the extra processes and why those processes were consuming so much CPU but I was not sure because Windows had not given me any other sign it was updating (just the extra processes maxing CPU). My computer has returned to using about 10-30% CPU, 21-23% Commit Charge and 61-66% Physical Usage as well as running 58-60 processes. I currently have Firefox running with about 20 tabs open so this is pretty normal for me.


-Malwarebytes'-

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6858

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/14/2011 5:50:31 PM
mbam-log-2011-06-14 (17-50-31).txt

Scan type: Quick scan
Objects scanned: 180552
Time elapsed: 35 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


-ESET Online Scanner-

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP81\A0012082.exe Win32/Toolbar.Zugo application


-Security Check-

Results of screen317's Security Check version 0.99.13
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Free Antivirus
ESET Online Scanner v3
ZoneAlarm
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
SlimCleaner
Auslogics Registry Cleaner
Java™ 6 Update 26
Adobe Flash Player 10.3.181.22
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
Zone Labs ZoneAlarm zlclient.exe
``````````End of Log````````````

Edited by Sode no Shirayuki, 15 June 2011 - 09:43 AM.

  • 0

#9
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

The ESET Online Scan took approximately 1 hr. 45 mins. to scan approximately 70,000 files - Is this normal? The number of page faults avastsvc.exe and jqs.exe are producing skyrocketed (to 18,375,282 and 8,854,430 respectively).

Yes, that's normal.

The threat found by ESET will be removed when we clean-up our tools later.

OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    netsvcs
    drivers32
    hklm\software\clients\startmenuinternet|command /rs
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push the Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.

  • 0

#10
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
-OTL Scan-

OTL logfile created on: 6/15/2011 3:44:23 PM - Run 4
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Dale Burket\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.59% Memory free
3.72 Gb Paging File | 3.31 Gb Available in Paging File | 89.05% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 5.28 Gb Free Space | 8.52% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.08 Gb Free Space | 9.46% Space Free | Partition Type: FAT32

Computer Name: DALESLAPTOP | User Name: Dale Burket | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/12 16:24:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () -- C:\WINDOWS\system32\winopt.exe
PRC - [2011/03/24 07:24:36 | 000,409,320 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 10:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/08/09 08:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/12 16:24:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/08/18 04:00:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2006/08/18 04:00:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/17 21:41:01 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/30 08:27:40 | 001,736,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\winopt.exe -- (WinOptimizer)
SRV - [2011/03/24 07:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/01/10 10:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 10:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Apps\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/24 07:24:30 | 000,126,696 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/09/01 04:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/25 15:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/08/25 15:45:28 | 000,037,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/07/09 13:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/01/06 18:21:00 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/05 15:37:58 | 000,822,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/18 23:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/07/19 00:40:08 | 000,264,576 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/08/29 14:12:28 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/08/29 14:11:08 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/08/29 14:10:56 | 000,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 08:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/01 20:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/16 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/16 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/03/05 19:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/03/02 20:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/02 20:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006/01/26 20:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/11/16 00:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/10/31 22:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/31 21:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/03 00:57:12 | 000,013,532 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Components: C:\Program Files\Aurora\components [2011/06/14 20:21:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Aurora 6.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF

[2011/06/03 14:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Extensions
[2011/06/12 17:21:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla\Firefox\Profiles\z88e0e58.default\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\DALE BURKET\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z88E0E58.DEFAULT\EXTENSIONS\[email protected]
[2011/04/24 14:00:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/06/13 14:38:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://dcode.suppor...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/ch...urce/ImlCID.cab (imlUCID Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\DOCUMENTS AND SETTINGS\DALE BURKET\DESKTOP\UNUSED DESKTOP SHORTCUTS\PROCESS EXPLORER\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/15 15:40:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/15 10:55:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/14 20:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/06/14 20:23:27 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\Dale Burket\Desktop\esetsmartinstaller_enu.exe
[2011/06/13 14:25:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/13 14:22:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/06/13 14:22:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/06/13 14:22:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/06/13 14:22:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/06/13 14:22:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/13 14:22:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/13 14:14:02 | 004,120,909 | R--- | C] (Swearware) -- C:\Documents and Settings\Dale Burket\Desktop\ComboFix.exe
[2011/06/13 14:03:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/12 16:24:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/11 16:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware.com
[2011/06/11 16:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/11 16:25:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/10 19:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\Google Chrome
[2011/06/09 22:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2011/06/09 20:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Solid YouTube Downloader and Converter
[2011/06/09 20:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\youtube-downloader-and-converter
[2011/06/09 20:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Solid YouTube Downloader and Converter
[2011/06/09 12:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Toolbar4
[2011/06/09 01:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2011/06/09 00:58:09 | 011,978,408 | ---- | C] (Nullsoft, Inc.) -- C:\Documents and Settings\Dale Burket\Desktop\winamp561_full_emusic-7plus_en-us.exe
[2011/06/08 20:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\comodo
[2011/06/08 20:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SlimCleaner
[2011/06/08 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\SlimCleaner
[2011/06/08 11:59:13 | 000,000,000 | ---D | C] -- C:\found.002
[2011/06/07 23:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\HiJackThis
[2011/06/07 22:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Incomplete
[2011/06/07 22:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2011/06/07 22:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2011/06/07 19:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\DreamVideoSoft
[2011/06/07 16:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\vlc
[2011/06/07 16:24:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/06/04 10:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Next
[2011/06/03 14:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Mozilla
[2011/06/03 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2011/06/02 12:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/06/02 11:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Temp
[2011/06/02 11:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Opera
[2011/06/02 09:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2011/06/01 23:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2011/06/01 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\COMODO Cleaning Essentials
[2011/06/01 11:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 01:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\SlimWare Utilities Inc
[2011/05/31 23:57:49 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/31 23:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/31 23:57:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/31 23:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/31 09:35:12 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/05/31 00:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro35
[2011/05/30 16:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Keriver 1-Click Restore Free
[2011/05/30 16:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Keriver 1-Click Restore Free
[2011/05/29 22:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/29 22:18:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dale Burket\Recent
[2011/05/29 21:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MediaMonkey
[2011/05/29 21:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\MediaMonkey
[2011/05/29 21:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2011/05/29 21:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PDF-XChange
[2011/05/29 21:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/05/29 21:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2011/05/29 20:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\My Documents\New Folder
[2011/05/29 20:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/05/29 20:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/05/29 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/05/29 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/05/29 20:17:49 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/29 20:17:49 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/29 20:17:49 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/29 20:17:49 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/29 20:17:49 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/29 20:17:49 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/29 20:17:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/29 20:17:49 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/29 20:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/05/29 20:17:35 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/29 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2011/05/29 19:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/05/29 08:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Tracker Software
[2011/05/29 08:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2011/05/28 12:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/28 12:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/23 08:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2011/05/23 08:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2011/05/23 07:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dale Burket\Desktop\Music
[2011/05/23 07:35:34 | 000,000,000 | ---D | C] -- C:\Users
[2011/05/22 09:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)

========== Files - Modified Within 30 Days ==========

[2011/06/15 14:49:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/15 11:49:01 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/15 11:29:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/15 11:27:28 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/15 11:26:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/15 11:26:40 | 2078,912,512 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/15 11:11:29 | 000,455,658 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/15 11:11:29 | 000,075,266 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/15 11:01:13 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/14 22:31:53 | 000,879,099 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\SecurityCheck.exe
[2011/06/14 22:07:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/14 20:23:48 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Dale Burket\Desktop\esetsmartinstaller_enu.exe
[2011/06/13 14:38:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/13 14:25:15 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2011/06/13 14:21:43 | 000,001,946 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011/06/13 14:14:03 | 004,120,909 | R--- | M] (Swearware) -- C:\Documents and Settings\Dale Burket\Desktop\ComboFix.exe
[2011/06/12 16:24:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dale Burket\Desktop\OTL.exe
[2011/06/12 16:24:13 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\RKUnhookerLE.EXE
[2011/06/12 01:13:13 | 004,514,991 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\love&joy.vmd
[2011/06/11 16:29:19 | 000,002,231 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/11 16:25:36 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/10 19:21:59 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/10 19:21:58 | 000,002,330 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/10 14:44:22 | 000,017,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/09 20:40:06 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Solid YouTube Downloader and Converter.lnk
[2011/06/09 00:58:29 | 011,978,408 | ---- | M] (Nullsoft, Inc.) -- C:\Documents and Settings\Dale Burket\Desktop\winamp561_full_emusic-7plus_en-us.exe
[2011/06/08 05:52:30 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to Yugioh Virtual Desktop 9_1.exe.lnk
[2011/06/08 05:49:29 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 22:16:12 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/07 16:24:05 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/04 10:31:01 | 000,001,541 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 19:03:04 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences2.dat
[2011/06/02 19:03:04 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagex_runescape_preferences.dat
[2011/06/02 18:50:31 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Dale Burket\jagexappletviewer.preferences
[2011/06/01 11:36:10 | 000,002,077 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:11 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:30:53 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2011/05/29 21:15:10 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:16 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 20:37:14 | 000,420,800 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:36:52 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:17:49 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/29 20:17:49 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/28 12:19:11 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk

========== Files Created - No Company Name ==========

[2011/06/15 10:51:10 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/06/14 22:31:53 | 000,879,099 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\SecurityCheck.exe
[2011/06/13 14:25:15 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2011/06/13 14:25:12 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/06/13 14:22:44 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/13 14:22:44 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/13 14:22:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/13 14:22:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/13 14:22:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/12 16:24:04 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\RKUnhookerLE.EXE
[2011/06/12 01:13:07 | 004,514,991 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\love&joy.vmd
[2011/06/11 16:25:36 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/10 19:21:59 | 000,002,308 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/10 19:21:58 | 000,002,330 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Google Chrome.lnk
[2011/06/09 20:40:06 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Solid YouTube Downloader and Converter.lnk
[2011/06/09 13:34:26 | 2078,912,512 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/08 20:41:46 | 000,002,231 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SlimCleaner.lnk
[2011/06/08 05:49:29 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HiJackThis.lnk
[2011/06/07 21:10:56 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\winopt.exe
[2011/06/07 16:24:05 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/05 18:24:25 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\HitmanPro 3.5.lnk
[2011/06/04 10:31:01 | 000,001,547 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera Next.lnk
[2011/06/04 10:31:00 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera Next.lnk
[2011/06/03 14:36:10 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Aurora.lnk
[2011/06/03 14:36:10 | 000,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aurora.lnk
[2011/06/02 11:44:07 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005UA.job
[2011/06/02 11:44:07 | 000,000,950 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3909528348-297803119-1053140754-1005Core.job
[2011/06/01 11:36:10 | 000,002,083 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Start Menu\Programs\RuneScape
[2011/06/01 11:36:09 | 000,002,077 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\RuneScape.lnk
[2011/05/31 23:57:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 16:51:55 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keriver 1-Click Restore Free.lnk
[2011/05/29 21:56:10 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2011/05/29 21:51:07 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Shortcut to DnsJumper.lnk
[2011/05/29 21:15:10 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDF-XChange Viewer.lnk
[2011/05/29 21:13:24 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2011/05/29 21:13:24 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2011/05/29 21:13:23 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Sandboxed Web Browser.lnk
[2011/05/29 21:06:28 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/29 21:06:26 | 000,001,946 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011/05/29 20:36:52 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/29 20:36:52 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\ZoneAlarm Security.lnk
[2011/05/29 20:36:34 | 000,420,800 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/05/29 20:17:49 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/28 12:19:11 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Auslogics Registry Cleaner.lnk
[2011/05/28 12:05:31 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\CCleaner.lnk
[2011/05/23 07:37:09 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011/05/23 07:37:09 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/02/08 04:59:37 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\FixVTS.ini
[2010/06/26 00:57:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\wklnhst.dat
[2010/06/26 00:38:38 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2010/06/20 22:32:42 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/05/20 19:35:52 | 000,788,256 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\prvlcl.dat
[2010/04/01 11:02:47 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2010/02/19 18:15:48 | 000,000,262 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\burnaware.ini
[2009/10/29 15:38:10 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2009/10/29 15:38:09 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/09/30 21:38:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/15 17:41:35 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/09/15 17:10:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/09/06 11:44:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/06/30 03:27:42 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/06/30 03:27:27 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2009/06/26 15:00:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/20 19:26:24 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2009/01/05 20:32:46 | 000,007,068 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2009/01/05 20:31:09 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/09/05 15:49:47 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/03/05 18:38:08 | 001,457,024 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2007/11/18 16:22:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\imlCID.dll
[2007/09/01 21:41:48 | 000,002,715 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/04/08 16:18:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/02/04 19:53:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2007/01/21 18:14:45 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Application Data\enigmarc.lua2
[2007/01/13 18:06:03 | 000,000,416 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/01/09 17:26:39 | 000,000,049 | ---- | C] () -- C:\WINDOWS\quizisam.ini
[2007/01/09 17:00:12 | 000,000,090 | ---- | C] () -- C:\WINDOWS\MVPSPADE.INI
[2007/01/09 16:01:30 | 000,001,639 | ---- | C] () -- C:\WINDOWS\yahtzee.ini
[2007/01/09 15:52:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\WW&W.ini
[2006/12/24 13:08:58 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/24 08:52:58 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Dale Burket\Local Settings\Application Data\fusioncache.dat
[2006/09/21 02:20:37 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/21 02:15:52 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/09/21 02:15:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/21 02:01:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/21 01:49:44 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/08/18 04:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 04:00:00 | 001,617,920 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/08/18 04:00:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 04:00:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/08/18 04:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 04:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 04:00:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/08/18 04:00:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/18 04:00:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/29 15:18:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/29 15:18:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 14:49:18 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/29 14:46:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 14:43:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/29 14:27:08 | 000,455,658 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/29 14:27:08 | 000,075,266 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/29 14:18:06 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/29 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/29 14:08:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/03/16 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/16 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/16 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/16 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/16 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/16 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/16 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/04 03:07:34 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 14:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/05/05 22:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/03/03 03:50:56 | 000,004,460 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/02/11 14:39:07 | 000,000,316 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2002/05/28 17:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 17:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/07/06 20:00:00 | 000,000,006 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\D81EDBF9-D167-4011-B77D-211DF920EB80

========== LOP Check ==========

[2010/09/29 21:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/07/03 23:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/05/29 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/09/26 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/09/11 12:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2010/02/19 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/07/10 03:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/09/20 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2009/10/03 13:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2009/09/24 16:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/09/09 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2010/06/20 22:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/05/13 21:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/06/25 05:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ISPCOMP
[2010/11/25 06:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\launcher
[2011/06/09 01:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2007/02/04 21:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/06/26 00:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2009/05/30 11:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/09/06 17:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/10/02 18:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Princess Isabella
[2011/02/17 15:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Privacyware
[2011/04/28 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2009/09/30 19:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/09/15 21:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/05/20 19:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2011/02/18 11:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/01 04:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/06/26 01:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/11/22 23:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/08/31 17:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildWestQuest2
[2010/12/03 14:36:49 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2008/10/06 20:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/02/19 03:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/11 12:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/06/24 21:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Abine
[2010/09/29 21:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Acronis
[2011/06/10 14:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Audacity
[2010/09/25 20:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Auslogics
[2009/09/26 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\blg
[2009/09/15 19:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\BrandX Games
[2009/09/15 17:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Camel101
[2010/02/19 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Canneverbe Limited
[2010/11/30 12:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\CBS Interactive
[2009/09/07 18:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\cerasus.media
[2011/06/07 22:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\dtband
[2009/09/20 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Flood Light Games
[2011/03/19 22:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\G DATA
[2009/09/09 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Gogii Games
[2009/09/17 23:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Gold Casual Games
[2011/02/03 03:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\inkscape
[2010/11/30 11:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\IObit
[2011/06/01 23:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\KillSwitch 2
[2006/12/30 08:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Leadertech
[2007/01/01 06:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Learn2.com
[2009/09/06 12:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Meridian93
[2011/03/26 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Miranda
[2011/06/07 22:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\MP3Rocket
[2007/02/04 21:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\muvee Technologies
[2010/06/25 02:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Netscape
[2011/05/29 19:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor
[2011/02/18 10:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OnlineArmor(3)
[2010/12/03 17:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\OpenOffice.org
[2011/06/04 10:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Opera
[2010/06/26 00:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Otto
[2009/09/06 17:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\PlayFirst
[2009/09/09 14:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Playrix Entertainment
[2011/04/28 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\QFX Software
[2011/06/08 12:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\QuickScan
[2011/02/08 06:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\RipIt4Me
[2009/09/17 14:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Shape games
[2011/05/29 19:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\SUPERAntiSpyware(2).com
[2009/09/06 11:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\SystemRequirementsLab
[2011/06/09 20:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\Toolbar4
[2010/12/01 04:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\TuneUp Software
[2010/07/08 01:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\VirtualStore
[2009/09/15 17:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildGames 3 Days Zoo Mystery
[2010/11/23 02:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangent
[2009/09/01 13:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangentv1001
[2009/09/14 16:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WildTangentv1005
[2010/11/17 20:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\WordWeb
[2011/04/26 09:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\X-Chat 2
[2011/06/09 20:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dale Burket\Application Data\youtube-downloader-and-converter

========== Purity Check ==========



========== Custom Scans ==========


< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Aurora\uninstall\helper.exe" /HideShortcuts [2011/06/14 20:21:46 | 000,705,620 | ---- | M] (mozilla.org)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Aurora\uninstall\helper.exe" /ShowShortcuts [2011/06/14 20:21:46 | 000,705,620 | ---- | M] (mozilla.org)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Aurora\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/14 20:21:46 | 000,705,620 | ---- | M] (mozilla.org)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Aurora\firefox.exe [2011/06/14 20:21:47 | 000,778,240 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Aurora\firefox.exe" -preferences [2011/06/14 20:21:47 | 000,778,240 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Aurora\firefox.exe" -safe-mode [2011/06/14 20:21:47 | 000,778,240 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/09 03:56:24 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/09 03:56:24 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/09 03:56:24 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Dale Burket\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/06/09 03:56:24 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaNext\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera Next\Opera.exe" /ShowIconsCommand [2011/06/04 10:30:57 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaNext\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera Next\Opera.exe" /HideIconsCommand [2011/06/04 10:30:57 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaNext\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera Next\Opera.exe" /ReInstallBrowser [2011/06/04 10:30:57 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaNext\shell\open\command\\: "C:\Program Files\Opera Next\Opera.exe" [2011/06/04 10:30:57 | 000,941,936 | ---- | M] (Opera Software)

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
"AUOptions" = 4
"AutoInstallMinorUpdates" = 1
"NoAutoUpdate" = 0

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-15 15:12:08

< End of report >
  • 0

Advertisements


#11
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello,

Your logs appear to be clean, so if you have no further issues with your computer, then please proceed with the following housekeeping procedures outlined below.



Time for some housekeeping
The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK: ComboFix /Uninstall



NEXT:



OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Commands
    [ClearAllRestorePoints]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



OTL Clean-Up

We Need to Clean Up our Mess
Our work on your machine has left considerable leftovers on your box. Let's clean those up real quick:
  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.
If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


NEXT:



All Clean Speech

===> Make sure you've re-enabled any Security Programs that we may have disabled during the malware removal process. <===



Below I have included a number of recommendations for how to protect your computer against malware infections.


Updated Anti-Virus Program
It's essential that you have an updated anti-virus program running on your computer. You don't want to run more than one as it can cause program conflicts, as well as false positives

You can view an excellent list of Free Security Software programs that has been compiled by GeekstoGo.


Avoid P2P Programs

Remember that no matter how clean the program you're using for peer-to-peer filesharing may be, it offers no guarantees regarding the cleanliness of files you may choose to download. All files available via p2p filesharing carry a high risk, particularly those that offer you illegitimate methods of using legitimate software programs without paying for them. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

If you have any of these programs installed then I highly suggest you uninstall them.

NOTE: Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.


Internet Browsers

Many of the users that I assist here on the forums, ask me which programs they can use to prevent themselves from getting infected again in the future. The best answer I can give you is too practice safe browsing.

Please consider using an alternative browser such as Google Chrome or Opera. They are both much more secure than Internet Explorer, immune to almost all known browser hijackers, and also have great built-in pop-up blockers.

I also suggest you make your Internet Explore more secure.


Make Internet Explorer more secure

  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.



Extra Goodies

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    then consider a password keeper, to keep all your passwords safe.
  • Keep Windows updated by regularly checking their website at: http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.
  • You should run an updated scan with MalwareBytes' Anti-Malware weekly. Instructions are included below:

    • Open Malwarebytes' Anti-Malware
    • Select the Update tab
    • Click Check for Updates

  • Be weary of e-mails from unknown senders. Keep the following in mind as well: If it's to good to be true, then it more than likely is.

  • FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for Chrome and Opera.
  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
    Think Prevention.
    PC Safety and Security--What Do I Need?.
**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Cheers,
SweetTech.
  • 0

#12
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
-OTl Fix-

========== COMMANDS ==========
Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.24.0 log created on 06152011_163351

Running Cleanup...
  • 0

#13
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
:)
  • 0

#14
Sode no Shirayuki

Sode no Shirayuki

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 181 posts
Cleanup successful.

-Last Notes-

What should I do about the AMOVIE registry entries? Is it okay to just leave them alone?

When I open Google Chrome, 4 instances of 'chrome.exe' appear in my Task Manager - I can't recall this ever happening before.

Edited by Sode no Shirayuki, 15 June 2011 - 02:51 PM.

  • 0

#15
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts

What should I do about the AMOVIE registry entries? Is it okay to just leave them alone?

Yeah, I'd leave them alone.


When I open Google Chrome, 4 instances of 'chrome.exe' appear in my Task Manager - I can't recall this ever happening before.

I don't think that's anything to worry about. I usually always have more than one Chrome.exe process when I have Google Chrome open.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP