Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Multiple Infections limiting internet access


  • Please log in to reply

#1
AZCMer

AZCMer

    Member

  • Member
  • PipPipPip
  • 108 posts
I came home from a short outing tonight and found my computer off. Thinking the storm had knocked out the power, I booted it up and as it came up, it began acting differently.

First off, a window opened asking for a program to open a file called 'The'. I backed out of that. Next, McAfee asked permission to give internet access to a program called csrss.exe located in the Temp folder. I denied that.

Next, I saw the window open (I forget what it is called) that is black background and the user types in commands that looks like the old DOS window. That went away on its own, but now I'm really concerned.

Then, McAfee starts with the popups saying it has found a trojan and that happened about 5 times, quarantining each one.

I ran MBam and that came up with 15 trojans: Trojan.backdoor.gen, Spyware.Passwords.XGen, Trojan.Tracur.Gen, Trojan.BHO.Agent, Trojan.Agent. There were several copies of each. I then allowed MBam to disinfect the system, rebooted, and tried going online and found out all my settings for firefox and IE were changed to a manual proxy.

I then came here and downloaded OTL and am hoping, with the help of the brilliant folks here, that my system will recover.


OTL logfile created on: 7/4/2011 10:38:27 PM - Run 5
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\The Reeve Family\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.10 Gb Available Physical Memory | 71.27% Memory free
17.47 Gb Paging File | 15.41 Gb Available in Paging File | 88.23% Paging File free
Paging file location(s): c:\pagefile.sys 12000 18000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 149.98 Gb Free Space | 25.68% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.86 Gb Free Space | 15.49% Space Free | Partition Type: NTFS
Drive E: | 638.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FAMILYCOMPUTER | User Name: The Reeve Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
PRC - [2011/06/22 13:49:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/11/18 04:42:52 | 000,275,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/02/27 19:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2006/06/10 02:10:57 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE


========== Modules (SafeList) ==========

MOD - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 05:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009/07/13 18:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/13 18:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009/07/13 18:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/12/03 20:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Disabled | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/11/23 15:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/11/23 15:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/07 20:07:04 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/08 13:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/14 09:33:14 | 002,746,624 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV:64bit: - [2010/01/26 17:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010/01/24 22:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/01/18 16:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/10/14 10:02:20 | 000,027,304 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/07/31 00:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/12 09:03:34 | 000,651,776 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2008/09/12 09:03:34 | 000,539,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/02/16 10:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 53 42 69 02 3F 6C 5B 47 A4 F6 3F 80 3B A0 8A 10 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57131

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:11.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57131
FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF:64bit: - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF:64bit: - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]

[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions
[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions
[2010/10/26 07:37:55 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2011/06/21 12:57:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/06/21 12:22:23 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\[email protected]
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\staged-xpis
[2010/09/22 10:01:11 | 000,002,160 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage-https.xml
[2010/09/22 10:00:52 | 000,002,152 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage.xml
[2011/06/06 07:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/27 08:40:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\THE REEVE FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5OIDU41J.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2011/06/22 13:49:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/11/27 08:40:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/06/03 09:50:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [L07AXLRD_2063144] C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4 - Startup: C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: grillflame.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (C:\ProgramData\fontsub32.dll) - C:\ProgramData\fontsub32.dll (wpcubed GmbH)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/05 14:49:18 | 000,000,038 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 14:40:32 | 000,383,760 | R--- | M] (Hewlett-Packard Development Company, L.P.) - E:\autorun.exe -- [ CDFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/04 22:36:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/04 22:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/07/04 21:47:34 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{09813E2E-E649-43D5-9C83-1034535E2211}
[2011/07/04 08:24:52 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{14EE15DE-B647-4CFE-877C-B5147AFD8E34}
[2011/07/03 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Tessera
[2011/07/03 10:43:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{68815A40-4632-4D21-B5AF-A53F5BB6E6AB}
[2011/07/02 22:42:46 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{BC9A2AA9-20B6-4229-A06C-943D2DBF3363}
[2011/07/02 10:42:22 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E11879CA-159B-44FC-AF84-8441BC5BD68B}
[2011/07/01 22:41:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{DA88F99F-E4C3-41E1-B2F1-013F73129722}
[2011/07/01 22:30:25 | 000,162,304 | -HS- | C] (wpcubed GmbH) -- C:\ProgramData\fontsub32.dll
[2011/07/01 10:41:21 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{3E315E8E-4283-44BC-A089-B673C307161B}
[2011/06/30 22:40:57 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D01CE36F-4D98-4CCA-BECE-5B69E29EA32F}
[2011/06/30 10:40:31 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{969B14D4-C7DC-4AE8-89A6-65BD888136F5}
[2011/06/29 22:40:07 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7C999F0B-D100-41D0-AB25-4398247900DA}
[2011/06/29 10:39:39 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{ACAF3ABA-56D6-465E-8A6E-C76693E9D588}
[2011/06/28 20:44:18 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6A15B529-C6EE-45AA-A4DD-0746C01A220D}
[2011/06/28 08:43:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{37DF5E25-631D-429C-A045-0D4F715BF42B}
[2011/06/23 22:25:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{84563D6E-C229-4DE1-BBAC-C20B14EE2E2C}
[2011/06/23 16:49:34 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2011/06/23 10:24:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E9BA431D-0E75-4BA1-A9F3-A9D1F17EA8E8}
[2011/06/23 10:24:13 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F899E2D2-03BF-4105-A8B9-3FD158688961}
[2011/06/22 22:23:59 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FF131A69-7E87-4C53-A629-1AB520DA7864}
[2011/06/22 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{5E32E665-D79E-4048-B1C3-38292B139A2E}
[2011/06/22 10:23:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{017AFCB8-4351-4C14-A6B5-B0A1DAD82551}
[2011/06/21 20:20:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{385B4D43-993C-4AA3-8AB3-BB93BD56E1C8}
[2011/06/21 13:57:12 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/21 13:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/21 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/21 06:51:46 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{BE4F6FF7-A784-4CD1-930D-A13BF362E422}
[2011/06/20 23:37:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2011/06/20 23:30:25 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\CANON_INC
[2011/06/20 21:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2011/06/20 21:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/06/20 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/06/20 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
[2011/06/20 12:16:51 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B7E059AD-F750-4504-B2C6-9CC39BED1B77}
[2011/06/19 21:51:20 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{DB4107A7-051C-4B2E-BE0B-BDE6B8618E2E}
[2011/06/19 21:51:09 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6F7FE07F-D539-4795-A3E0-D82AD07B979C}
[2011/06/19 18:56:07 | 099,204,560 | ---- | C] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/19 09:50:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E1478DFF-29B3-4FE6-B2BB-1B88950FB4B3}
[2011/06/19 09:50:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FAB34C23-9FA5-4A02-AF57-33A9894305B1}
[2011/06/18 21:49:50 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{125BF580-7436-42AE-8099-F488522B6C7C}
[2011/06/18 21:49:39 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E0730C24-03D0-4361-BC05-D0F3BEEE6529}
[2011/06/18 09:49:04 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6986AF01-268B-4909-9D7D-5F39C40212F0}
[2011/06/18 09:48:53 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D906A3DE-22A2-4A90-BF76-C38600C01DBD}
[2011/06/17 21:48:06 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7A63BA67-E729-4535-98C5-D37DC1EA58C9}
[2011/06/17 21:47:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{4CA2CBB3-39CA-4DA3-A279-85FA312B6CA3}
[2011/06/17 09:47:38 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{947394BC-05D6-447E-8DFF-6533192A6D00}
[2011/06/17 09:47:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CD78352B-B0F6-45C2-B1A5-320F265FB1BF}
[2011/06/16 18:31:36 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C796E4B3-8A03-4F0F-9E54-8B44E4A46F32}
[2011/06/16 18:31:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C0957675-B30C-45BA-9FB8-558EE8AC5734}
[2011/06/16 06:30:40 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{59CBAAD0-6460-4EB7-B732-D4D28D4EA6E3}
[2011/06/15 11:12:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{9BC10DA1-B747-4B92-ABC8-36C61782A2FC}
[2011/06/15 11:12:44 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{3ED35803-50CB-4FE0-8547-31EF1E5AB034}
[2011/06/14 23:12:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E0C9473F-B9BC-4949-A29C-D70CEA0B5C56}
[2011/06/14 11:11:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{24923A50-21A4-4237-BD65-354E9CF900EF}
[2011/06/12 19:32:52 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B566527D-DF0F-4218-B000-2563EA10B25D}
[2011/06/12 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F28B2D74-271C-4B59-B883-F63B8A4DDCE0}
[2011/06/12 07:32:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{30D699D8-198D-49AB-A632-8A8112546BB5}
[2011/06/11 21:16:09 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/11 14:16:53 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FF092D8E-8D10-40C2-81AE-1EE8DD98122E}
[2011/06/10 22:24:20 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6620FE5C-9524-4BBD-9E1C-AC5F57C582E9}
[2011/06/10 10:23:33 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7189F080-7420-4597-8C59-1AF10BB5AD42}
[2011/06/10 10:23:22 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F2230BC0-629E-4B3F-9E25-EE2394F74B10}
[2011/06/10 09:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/09 22:22:44 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{30DBB548-7EF7-48F6-B4B2-6846582D4B4A}
[2011/06/09 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CCC9D8C6-F1CA-4A9F-A7E2-3487930114EB}
[2011/06/08 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{51496CD1-1A5F-446B-8B40-BC8796D66E55}
[2011/06/08 09:17:19 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B7B284F0-D54A-42BF-BA26-9168D2B17A32}
[2011/06/08 09:17:08 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{209626BC-CDF1-4A14-82A0-7D3977C20D8D}
[2011/06/07 21:16:15 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B57FC191-C26A-47B8-BF8C-E70BE0DB9652}
[2011/06/07 21:16:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{50FB5BFC-369E-4C14-ABEC-B52158C8D996}
[2011/06/07 09:15:06 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{A08F840A-B51B-49B2-B1B3-5BCEE8ACA713}
[2011/06/07 09:14:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D59B9151-2510-46B4-AFB5-03EB40C118A8}
[2011/06/06 21:14:07 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{8B3507FF-535E-48A4-A313-27777B6A5614}
[2011/06/06 21:13:56 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{37619C89-A371-433C-AFA5-1812C5BE29FB}
[2011/06/06 09:13:12 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B5EB47E8-2F60-469F-A6CC-E3DE52D8D8A1}
[2011/06/06 09:13:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CEB9B8BC-9510-4125-946B-EBA2A879C41C}
[2011/06/05 21:12:25 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D3E0CD66-53D4-4FA8-9F1C-268479943183}
[2011/06/05 09:11:41 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{0A11161F-3C2B-4F7C-84DA-FF0CF01A4137}
[2011/06/05 09:11:31 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{0F2E5491-0D5F-437C-B0E5-DC31881A92B7}

========== Files - Modified Within 30 Days ==========

[2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/04 22:19:50 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/04 22:19:50 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/04 22:12:44 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/07/04 22:12:27 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForThe Reeve Family.job
[2011/07/04 22:12:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/04 22:12:20 | 334,942,207 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/04 21:56:57 | 000,006,102 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/04 21:46:59 | 000,000,106 | ---- | M] () -- C:\Windows\SysWow64\573779942
[2011/07/01 22:30:27 | 000,162,304 | -HS- | M] (wpcubed GmbH) -- C:\ProgramData\fontsub32.dll
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/06/29 11:24:46 | 000,001,092 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2011/06/29 08:23:03 | 000,377,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/24 08:21:44 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/24 08:21:44 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/24 08:21:44 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/23 18:00:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\file.ext
[2011/06/21 13:57:12 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/21 07:59:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p04].bmp
[2011/06/20 21:21:41 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/19 18:57:18 | 099,204,560 | ---- | M] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/17 10:26:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0004]-[p04].bmp
[2011/06/16 17:04:39 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/14 11:18:20 | 000,001,854 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\GhostObjGAFix.xml
[2011/06/11 21:16:22 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/10 09:40:44 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/08 07:09:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p152].bmp
[2011/06/08 00:22:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p151].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p150].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p149].bmp
[2011/06/08 00:22:20 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p148].bmp
[2011/06/08 00:22:19 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p147].bmp
[2011/06/08 00:22:19 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p146].bmp
[2011/06/08 00:22:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p145].bmp
[2011/06/08 00:22:17 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p144].bmp
[2011/06/08 00:22:17 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p143].bmp
[2011/06/08 00:22:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p142].bmp
[2011/06/08 00:22:15 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p141].bmp
[2011/06/08 00:22:15 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p140].bmp
[2011/06/08 00:22:14 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p139].bmp
[2011/06/08 00:22:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p138].bmp
[2011/06/08 00:22:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p137].bmp
[2011/06/08 00:22:12 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p136].bmp
[2011/06/08 00:22:11 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p135].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p134].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p133].bmp
[2011/06/08 00:22:09 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p132].bmp
[2011/06/08 00:22:08 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p131].bmp
[2011/06/08 00:22:07 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p130].bmp
[2011/06/08 00:22:06 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p129].bmp
[2011/06/08 00:22:05 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p128].bmp
[2011/06/08 00:22:05 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p127].bmp
[2011/06/08 00:22:04 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p126].bmp
[2011/06/08 00:22:03 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p125].bmp
[2011/06/08 00:22:02 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p124].bmp
[2011/06/08 00:22:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p123].bmp
[2011/06/08 00:22:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p122].bmp
[2011/06/08 00:22:00 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p121].bmp
[2011/06/08 00:21:59 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p120].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p119].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p118].bmp
[2011/06/08 00:21:57 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p117].bmp
[2011/06/08 00:21:56 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p116].bmp
[2011/06/08 00:21:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p115].bmp
[2011/06/08 00:21:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p114].bmp
[2011/06/08 00:21:54 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p113].bmp
[2011/06/08 00:21:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p112].bmp
[2011/06/08 00:21:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p111].bmp
[2011/06/08 00:21:52 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p110].bmp
[2011/06/08 00:21:51 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p109].bmp
[2011/06/08 00:21:50 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p108].bmp
[2011/06/08 00:21:49 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p107].bmp
[2011/06/08 00:21:48 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p106].bmp
[2011/06/08 00:21:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p105].bmp
[2011/06/08 00:21:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p104].bmp
[2011/06/08 00:21:46 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p103].bmp
[2011/06/08 00:21:45 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p102].bmp
[2011/06/08 00:21:45 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p101].bmp
[2011/06/08 00:21:44 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p100].bmp
[2011/06/08 00:21:43 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p99].bmp
[2011/06/08 00:21:43 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p98].bmp
[2011/06/08 00:21:42 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p97].bmp
[2011/06/08 00:21:41 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p96].bmp
[2011/06/08 00:21:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p95].bmp
[2011/06/08 00:21:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p94].bmp
[2011/06/08 00:21:39 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p93].bmp
[2011/06/08 00:21:38 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p92].bmp
[2011/06/08 00:21:37 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p91].bmp
[2011/06/08 00:21:37 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p90].bmp
[2011/06/08 00:21:36 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p89].bmp
[2011/06/08 00:21:35 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p88].bmp
[2011/06/08 00:21:34 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p87].bmp
[2011/06/08 00:21:33 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p86].bmp
[2011/06/08 00:21:32 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p85].bmp
[2011/06/08 00:21:31 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p84].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p83].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p82].bmp
[2011/06/08 00:21:29 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p81].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p80].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p79].bmp
[2011/06/08 00:21:27 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p78].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p77].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p76].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p75].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p74].bmp
[2011/06/08 00:21:24 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p73].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p72].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p71].bmp
[2011/06/08 00:21:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p70].bmp
[2011/06/08 00:21:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p69].bmp
[2011/06/08 00:21:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p68].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p67].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p66].bmp
[2011/06/08 00:21:19 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p65].bmp
[2011/06/08 00:21:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p64].bmp
[2011/06/08 00:21:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p63].bmp
[2011/06/08 00:21:17 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p62].bmp
[2011/06/08 00:21:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p61].bmp
[2011/06/08 00:21:15 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p60].bmp
[2011/06/08 00:21:14 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p59].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p58].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p57].bmp
[2011/06/08 00:21:12 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p56].bmp
[2011/06/08 00:21:11 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p55].bmp
[2011/06/08 00:21:11 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p54].bmp
[2011/06/08 00:21:10 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p53].bmp
[2011/06/08 00:21:09 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p52].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p51].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p50].bmp
[2011/06/08 00:21:07 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p49].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p48].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p47].bmp
[2011/06/08 00:21:05 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p46].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p45].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p44].bmp
[2011/06/08 00:21:03 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p43].bmp
[2011/06/08 00:21:03 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p42].bmp
[2011/06/08 00:21:02 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p41].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p40].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p39].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p38].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p37].bmp
[2011/06/08 00:20:59 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p36].bmp
[2011/06/08 00:20:59 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p35].bmp
[2011/06/08 00:20:58 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p34].bmp
[2011/06/08 00:20:57 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p33].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p32].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p31].bmp
[2011/06/08 00:20:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p30].bmp
[2011/06/08 00:20:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p29].bmp
[2011/06/08 00:20:54 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p28].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p27].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p26].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p25].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p24].bmp
[2011/06/08 00:20:51 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p23].bmp
[2011/06/08 00:20:51 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p22].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p21].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p20].bmp
[2011/06/08 00:20:49 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p19].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p18].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p17].bmp
[2011/06/08 00:20:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p16].bmp
[2011/06/08 00:20:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p15].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p14].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p13].bmp
[2011/06/08 00:20:45 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p12].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p11].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p10].bmp
[2011/06/08 00:20:43 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p09].bmp
[2011/06/08 00:20:42 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p08].bmp
[2011/06/08 00:20:42 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p07].bmp
[2011/06/08 00:20:41 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p06].bmp
[2011/06/08 00:20:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p05].bmp
[2011/06/08 00:20:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p04].bmp
[2011/06/08 00:20:39 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p03].bmp
[2011/06/08 00:20:38 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p02].bmp
[2011/06/07 22:52:07 | 000,479,438 | ---- | M] () -- C:\Users\The Reeve Family\Documents\LReev01Pa.rtf
[2011/06/06 07:24:59 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011/07/02 22:32:56 | 000,006,102 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/01 22:30:14 | 000,000,106 | ---- | C] () -- C:\Windows\SysWow64\573779942
[2011/06/22 10:22:41 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/21 13:57:12 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/21 07:59:16 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p04].bmp
[2011/06/20 21:21:41 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/10 09:40:44 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/08 00:36:36 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p151].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p150].bmp
[2011/06/08 00:22:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p149].bmp
[2011/06/08 00:22:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p148].bmp
[2011/06/08 00:22:19 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p147].bmp
[2011/06/08 00:22:18 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p146].bmp
[2011/06/08 00:22:18 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p145].bmp
[2011/06/08 00:22:17 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p144].bmp
[2011/06/08 00:22:16 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p143].bmp
[2011/06/08 00:22:16 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p142].bmp
[2011/06/08 00:22:15 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p141].bmp
[2011/06/08 00:22:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p140].bmp
[2011/06/08 00:22:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p139].bmp
[2011/06/08 00:22:13 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p138].bmp
[2011/06/08 00:22:12 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p137].bmp
[2011/06/08 00:22:12 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p136].bmp
[2011/06/08 00:22:11 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p135].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p134].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p133].bmp
[2011/06/08 00:22:09 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p132].bmp
[2011/06/08 00:22:08 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p131].bmp
[2011/06/08 00:22:07 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p130].bmp
[2011/06/08 00:22:06 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p129].bmp
[2011/06/08 00:22:05 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p128].bmp
[2011/06/08 00:22:04 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p127].bmp
[2011/06/08 00:22:03 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p126].bmp
[2011/06/08 00:22:03 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p125].bmp
[2011/06/08 00:22:02 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p124].bmp
[2011/06/08 00:22:01 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p123].bmp
[2011/06/08 00:22:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p122].bmp
[2011/06/08 00:22:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p121].bmp
[2011/06/08 00:21:59 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p120].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p119].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p118].bmp
[2011/06/08 00:21:57 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p117].bmp
[2011/06/08 00:21:56 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p116].bmp
[2011/06/08 00:21:55 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p115].bmp
[2011/06/08 00:21:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p114].bmp
[2011/06/08 00:21:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p113].bmp
[2011/06/08 00:21:53 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p112].bmp
[2011/06/08 00:21:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p111].bmp
[2011/06/08 00:21:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p110].bmp
[2011/06/08 00:21:51 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p109].bmp
[2011/06/08 00:21:50 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p108].bmp
[2011/06/08 00:21:49 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p107].bmp
[2011/06/08 00:21:48 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p106].bmp
[2011/06/08 00:21:47 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p105].bmp
[2011/06/08 00:21:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p104].bmp
[2011/06/08 00:21:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p103].bmp
[2011/06/08 00:21:45 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p102].bmp
[2011/06/08 00:21:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p101].bmp
[2011/06/08 00:21:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p100].bmp
[2011/06/08 00:21:43 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p99].bmp
[2011/06/08 00:21:42 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p98].bmp
[2011/06/08 00:21:42 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p97].bmp
[2011/06/08 00:21:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p96].bmp
[2011/06/08 00:21:40 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p95].bmp
[2011/06/08 00:21:39 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p94].bmp
[2011/06/08 00:21:39 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p93].bmp
[2011/06/08 00:21:38 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p92].bmp
[2011/06/08 00:21:37 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p91].bmp
[2011/06/08 00:21:36 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p90].bmp
[2011/06/08 00:21:36 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p89].bmp
[2011/06/08 00:21:34 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p88].bmp
[2011/06/08 00:21:34 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p87].bmp
[2011/06/08 00:21:32 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p86].bmp
[2011/06/08 00:21:32 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p85].bmp
[2011/06/08 00:21:31 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p84].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p83].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p82].bmp
[2011/06/08 00:21:29 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p81].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p80].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p79].bmp
[2011/06/08 00:21:27 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p78].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p77].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p76].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p75].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p74].bmp
[2011/06/08 00:21:24 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p73].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p72].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p71].bmp
[2011/06/08 00:21:22 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p70].bmp
[2011/06/08 00:21:21 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p69].bmp
[2011/06/08 00:21:21 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p68].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p67].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p66].bmp
[2011/06/08 00:21:19 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p65].bmp
[2011/06/08 00:21:18 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p64].bmp
[2011/06/08 00:21:17 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p63].bmp
[2011/06/08 00:21:17 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p62].bmp
[2011/06/08 00:21:15 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p61].bmp
[2011/06/08 00:21:15 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p60].bmp
[2011/06/08 00:21:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p59].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p58].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p57].bmp
[2011/06/08 00:21:12 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p56].bmp
[2011/06/08 00:21:11 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p55].bmp
[2011/06/08 00:21:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p54].bmp
[2011/06/08 00:21:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p53].bmp
[2011/06/08 00:21:09 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p52].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p51].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p50].bmp
[2011/06/08 00:21:07 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p49].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p48].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p47].bmp
[2011/06/08 00:21:05 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p46].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p45].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p44].bmp
[2011/06/08 00:21:03 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p43].bmp
[2011/06/08 00:21:02 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p42].bmp
[2011/06/08 00:21:02 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p41].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p40].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p39].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p38].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p37].bmp
[2011/06/08 00:20:59 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p36].bmp
[2011/06/08 00:20:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p35].bmp
[2011/06/08 00:20:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p34].bmp
[2011/06/08 00:20:57 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p33].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p32].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p31].bmp
[2011/06/08 00:20:55 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p30].bmp
[2011/06/08 00:20:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p29].bmp
[2011/06/08 00:20:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p28].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p27].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p26].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p25].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p24].bmp
[2011/06/08 00:20:51 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p23].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p22].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p21].bmp
[2011/06/08 00:20:49 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p20].bmp
[2011/06/08 00:20:49 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p19].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p18].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p17].bmp
[2011/06/08 00:20:47 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p16].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p15].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p14].bmp
[2011/06/08 00:20:45 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p13].bmp
[2011/06/08 00:20:45 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p12].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p11].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p10].bmp
[2011/06/08 00:20:43 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p09].bmp
[2011/06/08 00:20:42 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p08].bmp
[2011/06/08 00:20:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p07].bmp
[2011/06/08 00:20:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p06].bmp
[2011/06/08 00:20:40 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p05].bmp
[2011/06/08 00:20:38 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p03].bmp
[2011/06/08 00:20:38 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p02].bmp
[2011/06/07 22:52:07 | 000,479,438 | ---- | C] () -- C:\Users\The Reeve Family\Documents\LReev01Pa.rtf
[2011/06/06 19:09:16 | 000,001,854 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\GhostObjGAFix.xml
[2011/06/06 07:24:59 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/06 07:24:59 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/16 07:09:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0004]-[p04].bmp
[2010/10/16 07:09:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p04].bmp
[2010/09/28 07:42:34 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0005]-[p04].bmp
[2010/07/15 18:07:36 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat.temp
[2010/07/15 17:46:54 | 000,171,932 | ---- | C] () -- C:\Windows\hpoins37.dat
[2010/06/30 00:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/27 13:29:20 | 000,000,070 | ---- | C] () -- C:\Windows\FSaver.ini
[2010/06/27 13:29:19 | 000,000,103 | ---- | C] () -- C:\Windows\Wingmakers.ini
[2010/06/06 08:18:23 | 000,003,235 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp11.html
[2010/06/06 08:18:08 | 000,000,778 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp1.html
[2010/04/30 22:34:58 | 000,000,036 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\housecall.guid.cache
[2010/04/30 06:37:02 | 000,003,276 | ---- | C] () -- C:\Windows\SysWow64\NVTBM.ini
[2010/04/08 10:53:05 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/22 08:00:15 | 000,007,605 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Resmon.ResmonCfg
[2010/02/02 13:05:58 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2009/12/21 10:06:32 | 000,002,325 | ---- | C] () -- C:\Windows\checkip.dat
[2009/12/12 09:01:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/07 14:41:31 | 000,000,022 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/11/27 09:05:23 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/11/26 10:12:08 | 000,001,092 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/09/05 17:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2007/08/23 09:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2000/06/28 03:00:00 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

========== LOP Check ==========

[2009/11/28 18:05:33 | 000,000,000 | -HSD | M] -- C:\Users\The Reeve Family\AppData\Roaming\.#
[2011/03/24 13:22:25 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Amazon
[2010/01/20 09:15:56 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Audio Recorder for Free
[2010/05/28 18:01:32 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Barnes & Noble
[2009/11/27 07:32:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\BNeReader
[2010/05/29 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\calibre
[2011/06/20 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2010/11/04 07:37:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Digiarty
[2011/06/07 07:12:03 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Dropbox
[2009/12/02 09:14:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Foxit
[2010/01/07 23:08:35 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Foxit Software
[2011/03/19 11:53:45 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Jasc
[2010/03/26 18:02:45 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Leadertech
[2010/08/24 15:32:49 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\muvee Technologies
[2010/07/15 06:30:48 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\OpenDNS Updater
[2010/01/09 18:27:12 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\OverDrive
[2009/11/25 20:14:55 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\PictureMover
[2010/11/27 14:49:57 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\QuickScan
[2010/02/23 15:48:31 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\SecondLife
[2010/03/24 21:27:43 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\SystemRequirementsLab
[2009/11/26 10:12:30 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Template
[2011/05/07 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Thunderbird
[2011/02/02 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Visan
[2009/12/18 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WildTangent
[2009/11/26 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WinBatch
[2010/08/07 18:35:16 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Windows Live Writer
[2010/07/03 07:49:54 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WTouch
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2011/05/26 11:17:36 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 985 bytes -> C:\Users\The Reeve Family\Documents\Lezli, welcome to www_realmindpowersecrets_com !.eml:OECustomProperty
@Alternate Data Stream - 1719 bytes -> C:\Users\The Reeve Family\Documents\Nieuwjaar 2010.eml:OECustomProperty

< End of report >
  • 0

Advertisements


#2
Cold Titanium

Cold Titanium

    Trusted Helper

  • Malware Removal
  • 1,735 posts
Hello AZCMer and welcome to G2G!

My name is Cold Titanium :yes: , and I will be assisting you with your problem.

Please follow all of my instructions without skipping anything. Also, please refrain from experimenting around whilst I am helping you. At times some of the things I tell you to do may seem unnecessary and frustrating, but just stick to it and we'll get through :)

:unsure: Note: Please save these instructions in a file or print them out, as the internet may not be available while we are fixing the system.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Do you know what any of these images are?

[2011/06/08 07:09:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p152].bmp
[2011/06/08 00:22:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p151].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p150].bmp
.
.
etc




Step #1

  • Re-Open OTL
  • When the window appears, underneath Output at the top make sure it is set to Standard Output.
  • Ensure the Use SafeList is selected for Extra Registry
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    dir C:\Users\The Reeve Family\AppData\Local\{09813E2E-E649-43D5-9C83-1034535E2211} /c
    dir C:\Windows\AxInstSV /c
    copy C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp C:\Users\The Reeve Family\Desktop /c



  • Click the Run Scan button. Do not change any settings unless otherwise told to do so.
  • When the scan completes, it will open two notepad windows. OTL.txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.


A picture called [j0003]-[p152].bmp will appear on your desktop. Take a look at it and see what it is, then tell me. I want to make sure before I delete that many.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Step #2


  • Download GMER to your desktop
  • Right-Click and extract it to the desktop
  • Double-Click gmer.exe
  • If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..
  • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish. (Please be patient as it can take some time to complete)

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


After it finishes scanning
  • Click on the [Save..] button, and in the File name area, type in "ark.txt"
  • Save it to your desktop

Post ark.txt in your next reply


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like to see the OTL.txt, Extras.txt, and the ark.txt logs in your next post.
  • 0

#3
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts

Do you know what any of these images are?

[2011/06/08 07:09:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p152].bmp
[2011/06/08 00:22:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p151].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p150].bmp
.
.
etc


It looks like a word document I printed a while ago. I don't know why it is here as a bitmap image, but I have the document saved. Can I go ahead and delete these images?

Continuing on with your instructions and will report back when completed.

  • 0

#4
Cold Titanium

Cold Titanium

    Trusted Helper

  • Malware Removal
  • 1,735 posts
not yet. just continue with my instructions
  • 0

#5
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
OTL.Txt

OTL logfile created on: 7/6/2011 2:22:58 PM - Run 6
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\The Reeve Family\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.48 Gb Available Physical Memory | 77.96% Memory free
17.47 Gb Paging File | 15.75 Gb Available in Paging File | 90.19% Paging File free
Paging file location(s): c:\pagefile.sys 12000 18000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 150.24 Gb Free Space | 25.72% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.86 Gb Free Space | 15.49% Space Free | Partition Type: NTFS
Drive E: | 638.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FAMILYCOMPUTER | User Name: The Reeve Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/11/18 04:42:52 | 000,275,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/02/27 19:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2006/06/10 02:10:57 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE


========== Modules (SafeList) ==========

MOD - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 05:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009/07/13 18:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/13 18:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009/07/13 18:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/12/03 20:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Disabled | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/11/23 15:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/11/23 15:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/07 20:07:04 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/08 13:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/14 09:33:14 | 002,746,624 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV:64bit: - [2010/01/26 17:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010/01/24 22:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/01/18 16:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/10/14 10:02:20 | 000,027,304 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/07/31 00:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/12 09:03:34 | 000,651,776 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2008/09/12 09:03:34 | 000,539,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/02/16 10:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 53 42 69 02 3F 6C 5B 47 A4 F6 3F 80 3B A0 8A 10 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57131

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:11.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57131
FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF:64bit: - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF:64bit: - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]

[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions
[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions
[2010/10/26 07:37:55 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2011/06/21 12:57:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/06/21 12:22:23 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\[email protected]
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\staged-xpis
[2010/09/22 10:01:11 | 000,002,160 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage-https.xml
[2010/09/22 10:00:52 | 000,002,152 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage.xml
[2011/06/06 07:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/27 08:40:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\THE REEVE FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5OIDU41J.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2011/06/22 13:49:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/11/27 08:40:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/06/03 09:50:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [L07AXLRD_2063144] C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4 - Startup: C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: grillflame.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (C:\ProgramData\fontsub32.dll) - C:\ProgramData\fontsub32.dll (wpcubed GmbH)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/05 14:49:18 | 000,000,038 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 14:40:32 | 000,383,760 | R--- | M] (Hewlett-Packard Development Company, L.P.) - E:\autorun.exe -- [ CDFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/06 14:02:19 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{9EFAC25E-B872-4E4D-9E2A-71FC08A14B00}
[2011/07/06 14:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/07/05 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{02D52A9B-68E2-4381-9FCF-51113F4A5747}
[2011/07/05 11:27:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Photography
[2011/07/05 09:48:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{152FDEF7-6DF2-42A0-88F9-E16E54781D77}
[2011/07/04 22:36:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/04 21:47:34 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{09813E2E-E649-43D5-9C83-1034535E2211}
[2011/07/04 08:24:52 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{14EE15DE-B647-4CFE-877C-B5147AFD8E34}
[2011/07/03 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Tessera
[2011/07/03 10:43:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{68815A40-4632-4D21-B5AF-A53F5BB6E6AB}
[2011/07/02 22:42:46 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{BC9A2AA9-20B6-4229-A06C-943D2DBF3363}
[2011/07/02 10:42:22 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E11879CA-159B-44FC-AF84-8441BC5BD68B}
[2011/07/01 22:41:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{DA88F99F-E4C3-41E1-B2F1-013F73129722}
[2011/07/01 22:30:25 | 000,162,304 | -HS- | C] (wpcubed GmbH) -- C:\ProgramData\fontsub32.dll
[2011/07/01 10:41:21 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{3E315E8E-4283-44BC-A089-B673C307161B}
[2011/06/30 22:40:57 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D01CE36F-4D98-4CCA-BECE-5B69E29EA32F}
[2011/06/30 10:40:31 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{969B14D4-C7DC-4AE8-89A6-65BD888136F5}
[2011/06/29 22:40:07 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7C999F0B-D100-41D0-AB25-4398247900DA}
[2011/06/29 10:39:39 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{ACAF3ABA-56D6-465E-8A6E-C76693E9D588}
[2011/06/29 08:18:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/06/29 08:18:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/06/29 08:18:37 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/06/29 08:18:37 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/06/29 08:18:36 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/06/29 08:18:36 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/06/29 08:18:36 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/06/29 08:18:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/06/29 08:18:36 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/06/29 08:18:35 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/06/29 08:18:35 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/06/29 08:18:35 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/06/29 08:18:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011/06/29 08:18:35 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/06/29 08:18:35 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/06/29 08:18:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/06/28 20:44:18 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6A15B529-C6EE-45AA-A4DD-0746C01A220D}
[2011/06/28 08:43:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{37DF5E25-631D-429C-A045-0D4F715BF42B}
[2011/06/23 22:25:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{84563D6E-C229-4DE1-BBAC-C20B14EE2E2C}
[2011/06/23 16:49:34 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2011/06/23 10:24:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E9BA431D-0E75-4BA1-A9F3-A9D1F17EA8E8}
[2011/06/23 10:24:13 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F899E2D2-03BF-4105-A8B9-3FD158688961}
[2011/06/22 22:23:59 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FF131A69-7E87-4C53-A629-1AB520DA7864}
[2011/06/22 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{5E32E665-D79E-4048-B1C3-38292B139A2E}
[2011/06/22 10:23:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{017AFCB8-4351-4C14-A6B5-B0A1DAD82551}
[2011/06/21 20:20:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{385B4D43-993C-4AA3-8AB3-BB93BD56E1C8}
[2011/06/21 13:57:12 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/21 13:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/21 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/21 06:51:46 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{BE4F6FF7-A784-4CD1-930D-A13BF362E422}
[2011/06/20 23:37:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2011/06/20 23:30:25 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\CANON_INC
[2011/06/20 21:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2011/06/20 21:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/06/20 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/06/20 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
[2011/06/20 12:16:51 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B7E059AD-F750-4504-B2C6-9CC39BED1B77}
[2011/06/19 21:51:20 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{DB4107A7-051C-4B2E-BE0B-BDE6B8618E2E}
[2011/06/19 21:51:09 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6F7FE07F-D539-4795-A3E0-D82AD07B979C}
[2011/06/19 18:56:07 | 099,204,560 | ---- | C] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/19 09:50:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E1478DFF-29B3-4FE6-B2BB-1B88950FB4B3}
[2011/06/19 09:50:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FAB34C23-9FA5-4A02-AF57-33A9894305B1}
[2011/06/18 21:49:50 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{125BF580-7436-42AE-8099-F488522B6C7C}
[2011/06/18 21:49:39 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E0730C24-03D0-4361-BC05-D0F3BEEE6529}
[2011/06/18 09:49:04 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6986AF01-268B-4909-9D7D-5F39C40212F0}
[2011/06/18 09:48:53 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D906A3DE-22A2-4A90-BF76-C38600C01DBD}
[2011/06/17 21:48:06 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7A63BA67-E729-4535-98C5-D37DC1EA58C9}
[2011/06/17 21:47:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{4CA2CBB3-39CA-4DA3-A279-85FA312B6CA3}
[2011/06/17 09:47:38 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{947394BC-05D6-447E-8DFF-6533192A6D00}
[2011/06/17 09:47:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CD78352B-B0F6-45C2-B1A5-320F265FB1BF}
[2011/06/16 18:31:36 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C796E4B3-8A03-4F0F-9E54-8B44E4A46F32}
[2011/06/16 18:31:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C0957675-B30C-45BA-9FB8-558EE8AC5734}
[2011/06/16 06:30:40 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{59CBAAD0-6460-4EB7-B732-D4D28D4EA6E3}
[2011/06/15 23:18:51 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 23:18:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 23:18:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 23:18:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 23:18:49 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/15 23:18:49 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/15 23:18:49 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/15 23:18:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/15 22:31:06 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/15 11:12:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{9BC10DA1-B747-4B92-ABC8-36C61782A2FC}
[2011/06/15 11:12:44 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{3ED35803-50CB-4FE0-8547-31EF1E5AB034}
[2011/06/14 23:12:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E0C9473F-B9BC-4949-A29C-D70CEA0B5C56}
[2011/06/14 11:11:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{24923A50-21A4-4237-BD65-354E9CF900EF}
[2011/06/12 19:32:52 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B566527D-DF0F-4218-B000-2563EA10B25D}
[2011/06/12 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F28B2D74-271C-4B59-B883-F63B8A4DDCE0}
[2011/06/12 07:32:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{30D699D8-198D-49AB-A632-8A8112546BB5}
[2011/06/11 21:16:09 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/11 14:16:53 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FF092D8E-8D10-40C2-81AE-1EE8DD98122E}
[2011/06/10 22:24:20 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6620FE5C-9524-4BBD-9E1C-AC5F57C582E9}
[2011/06/10 10:23:33 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7189F080-7420-4597-8C59-1AF10BB5AD42}
[2011/06/10 10:23:22 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F2230BC0-629E-4B3F-9E25-EE2394F74B10}
[2011/06/10 09:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/09 22:22:44 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{30DBB548-7EF7-48F6-B4B2-6846582D4B4A}
[2011/06/09 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CCC9D8C6-F1CA-4A9F-A7E2-3487930114EB}
[2011/06/08 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{51496CD1-1A5F-446B-8B40-BC8796D66E55}
[2011/06/08 09:17:19 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B7B284F0-D54A-42BF-BA26-9168D2B17A32}
[2011/06/08 09:17:08 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{209626BC-CDF1-4A14-82A0-7D3977C20D8D}
[2011/06/08 00:34:05 | 000,275,072 | ---- | C] (Hewlett-Packard Co.) -- C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
[2011/06/07 21:16:15 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B57FC191-C26A-47B8-BF8C-E70BE0DB9652}
[2011/06/07 21:16:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{50FB5BFC-369E-4C14-ABEC-B52158C8D996}
[2011/06/07 09:15:06 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{A08F840A-B51B-49B2-B1B3-5BCEE8ACA713}
[2011/06/07 09:14:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D59B9151-2510-46B4-AFB5-03EB40C118A8}
[2011/06/06 21:14:07 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{8B3507FF-535E-48A4-A313-27777B6A5614}
[2011/06/06 21:13:56 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{37619C89-A371-433C-AFA5-1812C5BE29FB}

========== Files - Modified Within 30 Days ==========

[2011/07/06 14:08:24 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/06 14:08:24 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/06 14:01:05 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/07/06 14:00:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/06 14:00:38 | 334,942,207 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/04 22:12:27 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForThe Reeve Family.job
[2011/07/04 21:56:57 | 000,006,102 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/04 21:46:59 | 000,000,106 | ---- | M] () -- C:\Windows\SysWow64\573779942
[2011/07/01 22:30:27 | 000,162,304 | -HS- | M] (wpcubed GmbH) -- C:\ProgramData\fontsub32.dll
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/06/29 11:24:46 | 000,001,092 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2011/06/29 08:23:03 | 000,377,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/24 08:21:44 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/24 08:21:44 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/24 08:21:44 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/23 18:00:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\file.ext
[2011/06/21 13:57:12 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 21:21:41 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/19 18:57:18 | 099,204,560 | ---- | M] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/17 10:26:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0004]-[p04].bmp
[2011/06/16 17:42:42 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/16 17:04:39 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/14 11:18:20 | 000,001,854 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\GhostObjGAFix.xml
[2011/06/11 21:16:22 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/10 09:40:44 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/08 07:09:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p152].bmp
[2011/06/08 00:22:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p151].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p150].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p149].bmp
[2011/06/08 00:22:20 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p148].bmp
[2011/06/08 00:22:19 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p147].bmp
[2011/06/08 00:22:19 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p146].bmp
[2011/06/08 00:22:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p145].bmp
[2011/06/08 00:22:17 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p144].bmp
[2011/06/08 00:22:17 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p143].bmp
[2011/06/08 00:22:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p142].bmp
[2011/06/08 00:22:15 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p141].bmp
[2011/06/08 00:22:15 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p140].bmp
[2011/06/08 00:22:14 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p139].bmp
[2011/06/08 00:22:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p138].bmp
[2011/06/08 00:22:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p137].bmp
[2011/06/08 00:22:12 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p136].bmp
[2011/06/08 00:22:11 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p135].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p134].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p133].bmp
[2011/06/08 00:22:09 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p132].bmp
[2011/06/08 00:22:08 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p131].bmp
[2011/06/08 00:22:07 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p130].bmp
[2011/06/08 00:22:06 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p129].bmp
[2011/06/08 00:22:05 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p128].bmp
[2011/06/08 00:22:05 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p127].bmp
[2011/06/08 00:22:04 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p126].bmp
[2011/06/08 00:22:03 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p125].bmp
[2011/06/08 00:22:02 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p124].bmp
[2011/06/08 00:22:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p123].bmp
[2011/06/08 00:22:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p122].bmp
[2011/06/08 00:22:00 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p121].bmp
[2011/06/08 00:21:59 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p120].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p119].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p118].bmp
[2011/06/08 00:21:57 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p117].bmp
[2011/06/08 00:21:56 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p116].bmp
[2011/06/08 00:21:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p115].bmp
[2011/06/08 00:21:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p114].bmp
[2011/06/08 00:21:54 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p113].bmp
[2011/06/08 00:21:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p112].bmp
[2011/06/08 00:21:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p111].bmp
[2011/06/08 00:21:52 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p110].bmp
[2011/06/08 00:21:51 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p109].bmp
[2011/06/08 00:21:50 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p108].bmp
[2011/06/08 00:21:49 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p107].bmp
[2011/06/08 00:21:48 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p106].bmp
[2011/06/08 00:21:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p105].bmp
[2011/06/08 00:21:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p104].bmp
[2011/06/08 00:21:46 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p103].bmp
[2011/06/08 00:21:45 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p102].bmp
[2011/06/08 00:21:45 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p101].bmp
[2011/06/08 00:21:44 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p100].bmp
[2011/06/08 00:21:43 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p99].bmp
[2011/06/08 00:21:43 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p98].bmp
[2011/06/08 00:21:42 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p97].bmp
[2011/06/08 00:21:41 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p96].bmp
[2011/06/08 00:21:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p95].bmp
[2011/06/08 00:21:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p94].bmp
[2011/06/08 00:21:39 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p93].bmp
[2011/06/08 00:21:38 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p92].bmp
[2011/06/08 00:21:37 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p91].bmp
[2011/06/08 00:21:37 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p90].bmp
[2011/06/08 00:21:36 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p89].bmp
[2011/06/08 00:21:35 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p88].bmp
[2011/06/08 00:21:34 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p87].bmp
[2011/06/08 00:21:33 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p86].bmp
[2011/06/08 00:21:32 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p85].bmp
[2011/06/08 00:21:31 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p84].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p83].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p82].bmp
[2011/06/08 00:21:29 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p81].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p80].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p79].bmp
[2011/06/08 00:21:27 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p78].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p77].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p76].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p75].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p74].bmp
[2011/06/08 00:21:24 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p73].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p72].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p71].bmp
[2011/06/08 00:21:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p70].bmp
[2011/06/08 00:21:22 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p69].bmp
[2011/06/08 00:21:21 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p68].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p67].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p66].bmp
[2011/06/08 00:21:19 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p65].bmp
[2011/06/08 00:21:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p64].bmp
[2011/06/08 00:21:18 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p63].bmp
[2011/06/08 00:21:17 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p62].bmp
[2011/06/08 00:21:16 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p61].bmp
[2011/06/08 00:21:15 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p60].bmp
[2011/06/08 00:21:14 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p59].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p58].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p57].bmp
[2011/06/08 00:21:12 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p56].bmp
[2011/06/08 00:21:11 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p55].bmp
[2011/06/08 00:21:11 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p54].bmp
[2011/06/08 00:21:10 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p53].bmp
[2011/06/08 00:21:09 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p52].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p51].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p50].bmp
[2011/06/08 00:21:07 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p49].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p48].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p47].bmp
[2011/06/08 00:21:05 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p46].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p45].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p44].bmp
[2011/06/08 00:21:03 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p43].bmp
[2011/06/08 00:21:03 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p42].bmp
[2011/06/08 00:21:02 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p41].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p40].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p39].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p38].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p37].bmp
[2011/06/08 00:20:59 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p36].bmp
[2011/06/08 00:20:59 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p35].bmp
[2011/06/08 00:20:58 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p34].bmp
[2011/06/08 00:20:57 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p33].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p32].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p31].bmp
[2011/06/08 00:20:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p30].bmp
[2011/06/08 00:20:55 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p29].bmp
[2011/06/08 00:20:54 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p28].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p27].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p26].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p25].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p24].bmp
[2011/06/08 00:20:51 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p23].bmp
[2011/06/08 00:20:51 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p22].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p21].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p20].bmp
[2011/06/08 00:20:49 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p19].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p18].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p17].bmp
[2011/06/08 00:20:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p16].bmp
[2011/06/08 00:20:47 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p15].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p14].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p13].bmp
[2011/06/08 00:20:45 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p12].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p11].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p10].bmp
[2011/06/08 00:20:43 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p09].bmp
[2011/06/08 00:20:42 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p08].bmp
[2011/06/08 00:20:42 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p07].bmp
[2011/06/08 00:20:41 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p06].bmp
[2011/06/08 00:20:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p05].bmp
[2011/06/08 00:20:40 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p04].bmp
[2011/06/08 00:20:39 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p03].bmp
[2011/06/08 00:20:38 | 002,447,334 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p02].bmp
[2011/06/07 22:52:07 | 000,479,438 | ---- | M] () -- C:\Users\The Reeve Family\Documents\LReev01Pa.rtf

========== Files Created - No Company Name ==========

[2011/07/02 22:32:56 | 000,006,102 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/01 22:30:14 | 000,000,106 | ---- | C] () -- C:\Windows\SysWow64\573779942
[2011/06/22 10:22:41 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/21 13:57:12 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 21:21:41 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/10 09:40:44 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/08 00:36:36 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0002]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp
[2011/06/08 00:22:22 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p151].bmp
[2011/06/08 00:22:21 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p150].bmp
[2011/06/08 00:22:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p149].bmp
[2011/06/08 00:22:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p148].bmp
[2011/06/08 00:22:19 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p147].bmp
[2011/06/08 00:22:18 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p146].bmp
[2011/06/08 00:22:18 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p145].bmp
[2011/06/08 00:22:17 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p144].bmp
[2011/06/08 00:22:16 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p143].bmp
[2011/06/08 00:22:16 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p142].bmp
[2011/06/08 00:22:15 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p141].bmp
[2011/06/08 00:22:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p140].bmp
[2011/06/08 00:22:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p139].bmp
[2011/06/08 00:22:13 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p138].bmp
[2011/06/08 00:22:12 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p137].bmp
[2011/06/08 00:22:12 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p136].bmp
[2011/06/08 00:22:11 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p135].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p134].bmp
[2011/06/08 00:22:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p133].bmp
[2011/06/08 00:22:09 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p132].bmp
[2011/06/08 00:22:08 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p131].bmp
[2011/06/08 00:22:07 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p130].bmp
[2011/06/08 00:22:06 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p129].bmp
[2011/06/08 00:22:05 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p128].bmp
[2011/06/08 00:22:04 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p127].bmp
[2011/06/08 00:22:03 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p126].bmp
[2011/06/08 00:22:03 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p125].bmp
[2011/06/08 00:22:02 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p124].bmp
[2011/06/08 00:22:01 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p123].bmp
[2011/06/08 00:22:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p122].bmp
[2011/06/08 00:22:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p121].bmp
[2011/06/08 00:21:59 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p120].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p119].bmp
[2011/06/08 00:21:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p118].bmp
[2011/06/08 00:21:57 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p117].bmp
[2011/06/08 00:21:56 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p116].bmp
[2011/06/08 00:21:55 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p115].bmp
[2011/06/08 00:21:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p114].bmp
[2011/06/08 00:21:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p113].bmp
[2011/06/08 00:21:53 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p112].bmp
[2011/06/08 00:21:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p111].bmp
[2011/06/08 00:21:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p110].bmp
[2011/06/08 00:21:51 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p109].bmp
[2011/06/08 00:21:50 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p108].bmp
[2011/06/08 00:21:49 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p107].bmp
[2011/06/08 00:21:48 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p106].bmp
[2011/06/08 00:21:47 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p105].bmp
[2011/06/08 00:21:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p104].bmp
[2011/06/08 00:21:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p103].bmp
[2011/06/08 00:21:45 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p102].bmp
[2011/06/08 00:21:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p101].bmp
[2011/06/08 00:21:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p100].bmp
[2011/06/08 00:21:43 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p99].bmp
[2011/06/08 00:21:42 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p98].bmp
[2011/06/08 00:21:42 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p97].bmp
[2011/06/08 00:21:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p96].bmp
[2011/06/08 00:21:40 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p95].bmp
[2011/06/08 00:21:39 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p94].bmp
[2011/06/08 00:21:39 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p93].bmp
[2011/06/08 00:21:38 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p92].bmp
[2011/06/08 00:21:37 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p91].bmp
[2011/06/08 00:21:36 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p90].bmp
[2011/06/08 00:21:36 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p89].bmp
[2011/06/08 00:21:34 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p88].bmp
[2011/06/08 00:21:34 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p87].bmp
[2011/06/08 00:21:32 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p86].bmp
[2011/06/08 00:21:32 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p85].bmp
[2011/06/08 00:21:31 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p84].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p83].bmp
[2011/06/08 00:21:30 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p82].bmp
[2011/06/08 00:21:29 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p81].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p80].bmp
[2011/06/08 00:21:28 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p79].bmp
[2011/06/08 00:21:27 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p78].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p77].bmp
[2011/06/08 00:21:26 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p76].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p75].bmp
[2011/06/08 00:21:25 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p74].bmp
[2011/06/08 00:21:24 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p73].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p72].bmp
[2011/06/08 00:21:23 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p71].bmp
[2011/06/08 00:21:22 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p70].bmp
[2011/06/08 00:21:21 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p69].bmp
[2011/06/08 00:21:21 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p68].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p67].bmp
[2011/06/08 00:21:20 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p66].bmp
[2011/06/08 00:21:19 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p65].bmp
[2011/06/08 00:21:18 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p64].bmp
[2011/06/08 00:21:17 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p63].bmp
[2011/06/08 00:21:17 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p62].bmp
[2011/06/08 00:21:15 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p61].bmp
[2011/06/08 00:21:15 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p60].bmp
[2011/06/08 00:21:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p59].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p58].bmp
[2011/06/08 00:21:13 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p57].bmp
[2011/06/08 00:21:12 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p56].bmp
[2011/06/08 00:21:11 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p55].bmp
[2011/06/08 00:21:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p54].bmp
[2011/06/08 00:21:10 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p53].bmp
[2011/06/08 00:21:09 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p52].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p51].bmp
[2011/06/08 00:21:08 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p50].bmp
[2011/06/08 00:21:07 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p49].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p48].bmp
[2011/06/08 00:21:06 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p47].bmp
[2011/06/08 00:21:05 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p46].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p45].bmp
[2011/06/08 00:21:04 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p44].bmp
[2011/06/08 00:21:03 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p43].bmp
[2011/06/08 00:21:02 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p42].bmp
[2011/06/08 00:21:02 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p41].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p40].bmp
[2011/06/08 00:21:01 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p39].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p38].bmp
[2011/06/08 00:21:00 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p37].bmp
[2011/06/08 00:20:59 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p36].bmp
[2011/06/08 00:20:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p35].bmp
[2011/06/08 00:20:58 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p34].bmp
[2011/06/08 00:20:57 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p33].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p32].bmp
[2011/06/08 00:20:56 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p31].bmp
[2011/06/08 00:20:55 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p30].bmp
[2011/06/08 00:20:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p29].bmp
[2011/06/08 00:20:54 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p28].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p27].bmp
[2011/06/08 00:20:53 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p26].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p25].bmp
[2011/06/08 00:20:52 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p24].bmp
[2011/06/08 00:20:51 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p23].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p22].bmp
[2011/06/08 00:20:50 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p21].bmp
[2011/06/08 00:20:49 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p20].bmp
[2011/06/08 00:20:49 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p19].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p18].bmp
[2011/06/08 00:20:48 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p17].bmp
[2011/06/08 00:20:47 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p16].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p15].bmp
[2011/06/08 00:20:46 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p14].bmp
[2011/06/08 00:20:45 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p13].bmp
[2011/06/08 00:20:45 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p12].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p11].bmp
[2011/06/08 00:20:44 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p10].bmp
[2011/06/08 00:20:43 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p09].bmp
[2011/06/08 00:20:42 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p08].bmp
[2011/06/08 00:20:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p07].bmp
[2011/06/08 00:20:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p06].bmp
[2011/06/08 00:20:40 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p05].bmp
[2011/06/08 00:20:38 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p03].bmp
[2011/06/08 00:20:38 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p02].bmp
[2011/06/07 22:52:07 | 000,479,438 | ---- | C] () -- C:\Users\The Reeve Family\Documents\LReev01Pa.rtf
[2011/06/06 19:09:16 | 000,001,854 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\GhostObjGAFix.xml
[2010/10/16 07:09:41 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0004]-[p04].bmp
[2010/10/16 07:09:14 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0003]-[p04].bmp
[2010/09/28 07:42:34 | 002,447,334 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\[j0005]-[p04].bmp
[2010/07/15 18:07:36 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat.temp
[2010/07/15 17:46:54 | 000,171,932 | ---- | C] () -- C:\Windows\hpoins37.dat
[2010/06/30 00:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/27 13:29:20 | 000,000,070 | ---- | C] () -- C:\Windows\FSaver.ini
[2010/06/27 13:29:19 | 000,000,103 | ---- | C] () -- C:\Windows\Wingmakers.ini
[2010/06/06 08:18:23 | 000,003,235 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp11.html
[2010/06/06 08:18:08 | 000,000,778 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp1.html
[2010/04/30 22:34:58 | 000,000,036 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\housecall.guid.cache
[2010/04/30 06:37:02 | 000,003,276 | ---- | C] () -- C:\Windows\SysWow64\NVTBM.ini
[2010/04/08 10:53:05 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/22 08:00:15 | 000,007,605 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Resmon.ResmonCfg
[2010/02/02 13:05:58 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2009/12/21 10:06:32 | 000,002,325 | ---- | C] () -- C:\Windows\checkip.dat
[2009/12/12 09:01:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/07 14:41:31 | 000,000,022 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/11/27 09:05:23 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/11/26 10:12:08 | 000,001,092 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/09/05 17:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2007/08/23 09:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2000/06/28 03:00:00 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

========== Custom Scans ==========


< dir C:\Users\The Reeve Family\AppData\Local\{09813E2E-E649-43D5-9C83-1034535E2211} /c >

< dir C:\Windows\AxInstSV /c >
Volume in drive C is HP
Volume Serial Number is D89D-3891
Directory of C:\WINDOWS\AXINSTSV

< copy C:\Users\The Reeve Family\AppData\Local\[j0003]-[p152].bmp C:\Users\The Reeve Family\Desktop /c >
The syntax of the command is incorrect.

========== Alternate Data Streams ==========

@Alternate Data Stream - 985 bytes -> C:\Users\The Reeve Family\Documents\Lezli, welcome to www_realmindpowersecrets_com !.eml:OECustomProperty
@Alternate Data Stream - 1719 bytes -> C:\Users\The Reeve Family\Documents\Nieuwjaar 2010.eml:OECustomProperty

< End of report >
  • 0

#6
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Extras.Txt

OTL Extras logfile created on: 7/6/2011 2:22:58 PM - Run 6
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\The Reeve Family\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.48 Gb Available Physical Memory | 77.96% Memory free
17.47 Gb Paging File | 15.75 Gb Available in Paging File | 90.19% Paging File free
Paging file location(s): c:\pagefile.sys 12000 18000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 150.24 Gb Free Space | 25.72% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.86 Gb Free Space | 15.49% Space Free | Partition Type: NTFS
Drive E: | 638.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FAMILYCOMPUTER | User Name: The Reeve Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07044040-959A-4B0D-8825-2C533F0DDB19}" = Encarta Search Bar (64-bit)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A800FCC9-8E1E-4D84-9CED-47870701FDE1}" = HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07041881-E9B4-4DF6-A845-CAAFD093E477}" = Microsoft Student with Encarta Premium 2007
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08067AFD-4ECE-4454-80B4-31C859D4EDC1}" = F4400
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24960CD0-661D-4957-9D5F-D2905A30EDB1}" = Jasc Paint Shop Photo Album 5
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{26E76762-7F20-4694-AD06-CC3A9B547A71}" = Microsoft Office Live Meeting 2007
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{395A57A6-E0E1-C599-3A28-19A96682B4C6}" = Adobe Photoshop.com Inspiration Browser
"{3BB33344-3179-49A4-B6EB-22D2A390764D}" = HP Webcam User's Guide
"{3E31F0CE-D1D7-44C0-AE9B-6221D7F2DF36}" = Cooliris for Internet Explorer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41B44041-D45D-41EB-A1EF-A12BB5C6996B}" = ArcSoft Magic-i Visual Effects 2
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{567C5FE9-17AC-4D5D-99FD-1AC0FC43977C}" = OverDrive Media Console
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A8D3524-79DB-11D5-99D1-00010256D40E}" = SD Viewer for DSC
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78E9A751-5616-233F-1249-16AC5758C646}" = muvee Reveal Seagate Edition
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-004E-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector 32-bit
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = The Sims™ 2 Deluxe
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A835C187-691C-4827-BCEA-1611179C96B9}" = DJ_AIO_05_F4400_Software_Min
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B348E585-E872-41DF-8234-E2D49917CFBB}" = Learning Essentials for Microsoft Office
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3D84D4A-DE51-42A1-964B-E80013272D55}" = HuluDesktopIntegration
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Activate Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C997A605-AB22-4B3F-8BC4-C3062F65F3F0}" = PlayOn
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E92E462A-700D-4949-B24B-789AEDDA3B88}" = ArcSoft ShowBiz
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEFD86B-5D4F-4A2D-8D4E-ECD7D9AD925E}" = ArcSoft WebCam Companion 3
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BN_DesktopReader" = Barnes & Noble Desktop Reader
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"Cisco Connect" = Cisco Connect
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Digital Editions" = Adobe Digital Editions
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EA Download Manager" = EA Download Manager
"EOS Utility" = Canon Utilities EOS Utility
"Homepage Protection" = Homepage Protection
"HP Photo Creations" = HP Photo Creations
"hp print screen utility" = hp print screen utility
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pen Tablet Driver" = Pen Tablet
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RealPlayer 12.0" = RealPlayer
"SecondLife" = SecondLife (remove only)
"SecondLifeBetaViewer" = SecondLifeBetaViewer (remove only)
"sp44401" = sp44401
"SystemRequirementsLab" = System Requirements Lab
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WePrint" = WePrint
"WFTK" = Canon Utilities WFT Utility
"WildTangent hp Master Uninstall" = HP Games
"Wingmakers" = Wingmakers
"WinLiveSuite" = Windows Live Essentials
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.0.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"HuluDesktop" = Hulu Desktop
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
  • 0

#7
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-07-06 15:42:57
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows Live\Companion\[email protected]@533880bb4f5fa2dcf0d3532afeb09929\r\n 0xAB 0x9F 0xE9 0x48 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\[email protected]@9616760243a4c028dc60d298aa3ccd7e\r\n 0xCA 0x24 0xD5 0x5A ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\[email protected]@7542a3e30fa7341633c1b6f044eeb19c\r\n 0xA8 0xEC 0x30 0x75 ...

---- EOF - GMER 1.0.15 ----
  • 0

#8
Cold Titanium

Cold Titanium

    Trusted Helper

  • Malware Removal
  • 1,735 posts
Step #1

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57131
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 57131
    FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
    FF - prefs.js..network.proxy.type: 4
    O20 - AppInit_DLLs: (C:\ProgramData\fontsub32.dll) - C:\ProgramData\fontsub32.dll (wpcubed GmbH)
    [2011/07/04 21:47:34 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{09813E2E-E649-43D5-9C83-1034535E2211}
    [2011/07/04 08:24:52 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{14EE15DE-B647-4CFE-877C-B5147AFD8E34}
    [2011/07/03 10:43:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{68815A40-4632-4D21-B5AF-A53F5BB6E6AB}
    [2011/07/02 22:42:46 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{BC9A2AA9-20B6-4229-A06C-943D2DBF3363}
    [2011/07/02 10:42:22 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E11879CA-159B-44FC-AF84-8441BC5BD68B}
    [2011/07/01 22:41:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{DA88F99F-E4C3-41E1-B2F1-013F73129722}
    [2011/07/01 22:30:25 | 000,162,304 | -HS- | C] (wpcubed GmbH) -- C:\ProgramData\fontsub32.dll
    [2011/07/01 10:41:21 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{3E315E8E-4283-44BC-A089-B673C307161B}
    [2011/06/30 22:40:57 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D01CE36F-4D98-4CCA-BECE-5B69E29EA32F}
    [2011/06/30 10:40:31 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{969B14D4-C7DC-4AE8-89A6-65BD888136F5}
    [2011/06/29 22:40:07 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7C999F0B-D100-41D0-AB25-4398247900DA}
    [2011/06/29 10:39:39 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{ACAF3ABA-56D6-465E-8A6E-C76693E9D588}
    [2011/06/28 20:44:18 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6A15B529-C6EE-45AA-A4DD-0746C01A220D}
    [2011/06/28 08:43:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{37DF5E25-631D-429C-A045-0D4F715BF42B}
    [2011/06/23 22:25:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{84563D6E-C229-4DE1-BBAC-C20B14EE2E2C}
    [2011/06/23 16:49:34 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
    [2011/06/23 10:24:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E9BA431D-0E75-4BA1-A9F3-A9D1F17EA8E8}
    [2011/06/23 10:24:13 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F899E2D2-03BF-4105-A8B9-3FD158688961}
    [2011/06/22 22:23:59 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FF131A69-7E87-4C53-A629-1AB520DA7864}
    [2011/06/22 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{5E32E665-D79E-4048-B1C3-38292B139A2E}
    [2011/06/22 10:23:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{017AFCB8-4351-4C14-A6B5-B0A1DAD82551}
    [2011/06/21 20:20:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{385B4D43-993C-4AA3-8AB3-BB93BD56E1C8}
    [2011/06/21 06:51:46 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{BE4F6FF7-A784-4CD1-930D-A13BF362E422}
    [2011/06/20 12:16:51 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B7E059AD-F750-4504-B2C6-9CC39BED1B77}
    [2011/06/19 21:51:20 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{DB4107A7-051C-4B2E-BE0B-BDE6B8618E2E}
    [2011/06/19 21:51:09 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6F7FE07F-D539-4795-A3E0-D82AD07B979C}
    [2011/06/19 09:50:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E1478DFF-29B3-4FE6-B2BB-1B88950FB4B3}
    [2011/06/19 09:50:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FAB34C23-9FA5-4A02-AF57-33A9894305B1}
    [2011/06/18 21:49:50 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{125BF580-7436-42AE-8099-F488522B6C7C}
    [2011/06/18 21:49:39 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E0730C24-03D0-4361-BC05-D0F3BEEE6529}
    [2011/06/18 09:49:04 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6986AF01-268B-4909-9D7D-5F39C40212F0}
    [2011/06/18 09:48:53 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D906A3DE-22A2-4A90-BF76-C38600C01DBD}
    [2011/06/17 21:48:06 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7A63BA67-E729-4535-98C5-D37DC1EA58C9}
    [2011/06/17 21:47:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{4CA2CBB3-39CA-4DA3-A279-85FA312B6CA3}
    [2011/06/17 09:47:38 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{947394BC-05D6-447E-8DFF-6533192A6D00}
    [2011/06/17 09:47:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CD78352B-B0F6-45C2-B1A5-320F265FB1BF}
    [2011/06/16 18:31:36 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C796E4B3-8A03-4F0F-9E54-8B44E4A46F32}
    [2011/06/16 18:31:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C0957675-B30C-45BA-9FB8-558EE8AC5734}
    [2011/06/16 06:30:40 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{59CBAAD0-6460-4EB7-B732-D4D28D4EA6E3}
    [2011/06/15 11:12:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{9BC10DA1-B747-4B92-ABC8-36C61782A2FC}
    [2011/06/15 11:12:44 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{3ED35803-50CB-4FE0-8547-31EF1E5AB034}
    [2011/06/14 23:12:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E0C9473F-B9BC-4949-A29C-D70CEA0B5C56}
    [2011/06/14 11:11:35 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{24923A50-21A4-4237-BD65-354E9CF900EF}
    [2011/06/12 19:32:52 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B566527D-DF0F-4218-B000-2563EA10B25D}
    [2011/06/12 07:32:34 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F28B2D74-271C-4B59-B883-F63B8A4DDCE0}
    [2011/06/12 07:32:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{30D699D8-198D-49AB-A632-8A8112546BB5}
    [2011/06/11 14:16:53 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{FF092D8E-8D10-40C2-81AE-1EE8DD98122E}
    [2011/06/10 22:24:20 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{6620FE5C-9524-4BBD-9E1C-AC5F57C582E9}
    [2011/06/10 10:23:33 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{7189F080-7420-4597-8C59-1AF10BB5AD42}
    [2011/06/10 10:23:22 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{F2230BC0-629E-4B3F-9E25-EE2394F74B10}
    [2011/06/09 22:22:44 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{30DBB548-7EF7-48F6-B4B2-6846582D4B4A}
    [2011/06/09 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CCC9D8C6-F1CA-4A9F-A7E2-3487930114EB}
    [2011/06/08 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{51496CD1-1A5F-446B-8B40-BC8796D66E55}
    [2011/06/08 09:17:19 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B7B284F0-D54A-42BF-BA26-9168D2B17A32}
    [2011/06/08 09:17:08 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{209626BC-CDF1-4A14-82A0-7D3977C20D8D}
    [2011/06/07 21:16:15 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B57FC191-C26A-47B8-BF8C-E70BE0DB9652}
    [2011/06/07 21:16:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{50FB5BFC-369E-4C14-ABEC-B52158C8D996}
    [2011/06/07 09:15:06 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{A08F840A-B51B-49B2-B1B3-5BCEE8ACA713}
    [2011/06/07 09:14:55 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D59B9151-2510-46B4-AFB5-03EB40C118A8}
    [2011/06/06 21:14:07 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{8B3507FF-535E-48A4-A313-27777B6A5614}
    [2011/06/06 21:13:56 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{37619C89-A371-433C-AFA5-1812C5BE29FB}
    [2011/06/06 09:13:12 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{B5EB47E8-2F60-469F-A6CC-E3DE52D8D8A1}
    [2011/06/06 09:13:02 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{CEB9B8BC-9510-4125-946B-EBA2A879C41C}
    [2011/06/05 21:12:25 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D3E0CD66-53D4-4FA8-9F1C-268479943183}
    [2011/06/05 09:11:41 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{0A11161F-3C2B-4F7C-84DA-FF0CF01A4137}
    [2011/06/05 09:11:31 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{0F2E5491-0D5F-437C-B0E5-DC31881A92B7}
    [2011/06/14 11:18:20 | 000,001,854 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\GhostObjGAFix.xml
    
    :Files
    C:\Users\The Reeve Family\AppData\Local\[j000*.bmp
    
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Step #2


  • Re-open MalwareBytes and click the Update tab
  • Update it
  • Click the scanner Tab and perform a Full Scan
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like to see OTL.txt and the MBAM report
  • 0

#9
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts


Weird thing . . . I rebooted and could not use my mouse. So, I rebooted again and it seems okay now. But, while replying to this thread, I no longer can see where my cursor is. I am having to trust that when I click someplace, that that is where I'm going to type.

Running MBam now.

OTL.txt


OTL logfile created on: 7/7/2011 1:17:58 PM - Run 8
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\The Reeve Family\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.29 Gb Available Physical Memory | 74.54% Memory free
17.47 Gb Paging File | 15.81 Gb Available in Paging File | 90.54% Paging File free
Paging file location(s): c:\pagefile.sys 12000 18000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 154.19 Gb Free Space | 26.40% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.86 Gb Free Space | 15.49% Space Free | Partition Type: NTFS
Drive E: | 638.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FAMILYCOMPUTER | User Name: The Reeve Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
PRC - [2011/06/22 13:49:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/11/18 04:42:52 | 000,275,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/02/27 19:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2006/06/10 02:10:57 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE


========== Modules (SafeList) ==========

MOD - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 05:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009/07/13 18:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/13 18:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009/07/13 18:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/12/03 20:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Disabled | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/11/23 15:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/11/23 15:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/07 20:07:04 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/08 13:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/14 09:33:14 | 002,746,624 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV:64bit: - [2010/01/26 17:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010/01/24 22:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/01/18 16:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/10/14 10:02:20 | 000,027,304 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/07/31 00:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/12 09:03:34 | 000,651,776 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2008/09/12 09:03:34 | 000,539,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/02/16 10:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 53 42 69 02 3F 6C 5B 47 A4 F6 3F 80 3B A0 8A 10 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:11.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57131
FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF:64bit: - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF:64bit: - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]

[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions
[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions
[2010/10/26 07:37:55 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2011/06/21 12:57:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/06/21 12:22:23 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\[email protected]
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\staged-xpis
[2010/09/22 10:01:11 | 000,002,160 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage-https.xml
[2010/09/22 10:00:52 | 000,002,152 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage.xml
[2011/06/06 07:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/27 08:40:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\THE REEVE FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5OIDU41J.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2011/06/22 13:49:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/11/27 08:40:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/06/03 09:50:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [L07AXLRD_2063144] C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4 - Startup: C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: grillflame.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/05 14:49:18 | 000,000,038 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 14:40:32 | 000,383,760 | R--- | M] (Hewlett-Packard Development Company, L.P.) - E:\autorun.exe -- [ CDFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/07 13:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/07/07 12:03:15 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E85CC538-A8B5-4622-930F-F10FCAF03B93}
[2011/07/06 14:02:19 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{9EFAC25E-B872-4E4D-9E2A-71FC08A14B00}
[2011/07/05 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{02D52A9B-68E2-4381-9FCF-51113F4A5747}
[2011/07/05 11:27:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Photography
[2011/07/05 09:48:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{152FDEF7-6DF2-42A0-88F9-E16E54781D77}
[2011/07/04 22:36:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/03 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Tessera
[2011/06/21 13:57:12 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/21 13:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/21 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/20 23:37:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2011/06/20 23:30:25 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\CANON_INC
[2011/06/20 21:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2011/06/20 21:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/06/20 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/06/20 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
[2011/06/19 18:56:07 | 099,204,560 | ---- | C] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/11 21:16:09 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/10 09:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

========== Files - Modified Within 30 Days ==========

[2011/07/07 13:22:49 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/07 13:22:49 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/07 13:15:40 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/07/07 13:15:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/07 13:15:16 | 334,942,207 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/06 14:41:36 | 000,293,977 | ---- | M] () -- C:\Users\The Reeve Family\Desktop\gmer.zip
[2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/04 22:12:27 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForThe Reeve Family.job
[2011/07/04 21:56:57 | 000,006,102 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/04 21:46:59 | 000,000,106 | ---- | M] () -- C:\Windows\SysWow64\573779942
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/06/29 11:24:46 | 000,001,092 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2011/06/29 08:23:03 | 000,377,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/24 08:21:44 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/24 08:21:44 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/24 08:21:44 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/23 18:00:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\file.ext
[2011/06/21 13:57:12 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 21:21:41 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/19 18:57:18 | 099,204,560 | ---- | M] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/16 17:04:39 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/11 21:16:22 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/10 09:40:44 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/07 22:52:07 | 000,479,438 | ---- | M] () -- C:\Users\The Reeve Family\Documents\LReev01Pa.rtf

========== Files Created - No Company Name ==========

[2011/07/06 14:42:03 | 000,302,592 | ---- | C] () -- C:\Users\The Reeve Family\Desktop\gmer.exe
[2011/07/06 14:41:30 | 000,293,977 | ---- | C] () -- C:\Users\The Reeve Family\Desktop\gmer.zip
[2011/07/02 22:32:56 | 000,006,102 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/01 22:30:14 | 000,000,106 | ---- | C] () -- C:\Windows\SysWow64\573779942
[2011/06/22 10:22:41 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/21 13:57:12 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 21:21:41 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/10 09:40:44 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/07 22:52:07 | 000,479,438 | ---- | C] () -- C:\Users\The Reeve Family\Documents\LReev01Pa.rtf
[2010/07/15 18:07:36 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat.temp
[2010/07/15 17:46:54 | 000,171,932 | ---- | C] () -- C:\Windows\hpoins37.dat
[2010/06/30 00:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/27 13:29:20 | 000,000,070 | ---- | C] () -- C:\Windows\FSaver.ini
[2010/06/27 13:29:19 | 000,000,103 | ---- | C] () -- C:\Windows\Wingmakers.ini
[2010/06/06 08:18:23 | 000,003,235 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp11.html
[2010/06/06 08:18:08 | 000,000,778 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp1.html
[2010/04/30 22:34:58 | 000,000,036 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\housecall.guid.cache
[2010/04/30 06:37:02 | 000,003,276 | ---- | C] () -- C:\Windows\SysWow64\NVTBM.ini
[2010/04/08 10:53:05 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/22 08:00:15 | 000,007,605 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Resmon.ResmonCfg
[2010/02/02 13:05:58 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2009/12/21 10:06:32 | 000,002,325 | ---- | C] () -- C:\Windows\checkip.dat
[2009/12/12 09:01:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/07 14:41:31 | 000,000,022 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/11/27 09:05:23 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/11/26 10:12:08 | 000,001,092 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/09/05 17:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2007/08/23 09:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2000/06/28 03:00:00 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

========== LOP Check ==========

[2009/11/28 18:05:33 | 000,000,000 | -HSD | M] -- C:\Users\The Reeve Family\AppData\Roaming\.#
[2011/03/24 13:22:25 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Amazon
[2010/01/20 09:15:56 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Audio Recorder for Free
[2010/05/28 18:01:32 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Barnes & Noble
[2009/11/27 07:32:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\BNeReader
[2010/05/29 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\calibre
[2011/06/20 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2010/11/04 07:37:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Digiarty
[2011/06/07 07:12:03 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Dropbox
[2009/12/02 09:14:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Foxit
[2010/01/07 23:08:35 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Foxit Software
[2011/03/19 11:53:45 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Jasc
[2010/03/26 18:02:45 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Leadertech
[2010/08/24 15:32:49 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\muvee Technologies
[2010/07/15 06:30:48 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\OpenDNS Updater
[2010/01/09 18:27:12 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\OverDrive
[2009/11/25 20:14:55 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\PictureMover
[2010/11/27 14:49:57 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\QuickScan
[2010/02/23 15:48:31 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\SecondLife
[2010/03/24 21:27:43 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\SystemRequirementsLab
[2009/11/26 10:12:30 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Template
[2011/05/07 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Thunderbird
[2011/02/02 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Visan
[2009/12/18 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WildTangent
[2009/11/26 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WinBatch
[2010/08/07 18:35:16 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Windows Live Writer
[2010/07/03 07:49:54 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WTouch
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2011/05/26 11:17:36 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 985 bytes -> C:\Users\The Reeve Family\Documents\Lezli, welcome to www_realmindpowersecrets_com !.eml:OECustomProperty
@Alternate Data Stream - 1719 bytes -> C:\Users\The Reeve Family\Documents\Nieuwjaar 2010.eml:OECustomProperty

< End of report >
  • 0

#10
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts

My cursor and mouse seem okay right now. Odd that that was happening.

Mbam log:


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7044

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

7/7/2011 4:39:34 PM
mbam-log-2011-07-07 (16-39-34).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 614252
Time elapsed: 3 hour(s), 7 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements


#11
Cold Titanium

Cold Titanium

    Trusted Helper

  • Malware Removal
  • 1,735 posts
I apologize for the delay, I had trouble accessing the Geekstogo website.

Know what this is?

C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe


Something made the proxy come back. Let's run a deeper scan.


Step #1


Download aswMBR.exe ( 1.8MB ) to your desktop.

Double click the aswMBR.exe to run it

It will ask you if you want to download the avast definitions database. This file is around 40 MB in size. If your internet is tightly restricted in download limits you may want to click No here.

Otherwise please click Yes. Depending on your connection speed it may take a while to download.

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please post the aswMBR log...
  • 0

#12
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Thanks so much for getting back. I know. . . I had the same trouble with the site today. I appreciate your help.

Know what this is?

C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe


It is a Kaspersky Virus Removal Tool.

On to aswmbr. Will post the log when finished.

  • 0

#13
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
aswMBR log:

aswMBR version 0.9.7.705 Copyright© 2011 AVAST Software
Run date: 2011-07-08 23:12:48
-----------------------------
23:12:48.164 OS Version: Windows x64 6.1.7601 Service Pack 1
23:12:48.164 Number of processors: 4 586 0x502
23:12:48.165 ComputerName: FAMILYCOMPUTER UserName:
23:12:49.728 Initialize success
23:15:20.672 AVAST engine defs: 11070801
23:15:36.255 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
23:15:36.257 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
23:15:38.272 Disk 0 MBR read successfully
23:15:38.277 Disk 0 MBR scan
23:15:38.283 Disk 0 Windows 7 default MBR code
23:15:38.290 Service scanning
23:15:39.327 Disk 0 trace - called modules:
23:15:39.338 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
23:15:39.347 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005b70060]
23:15:39.356 3 CLASSPNP.SYS[fffff8800198943f] -> nt!IofCallDriver -> [0xfffffa8004ebee40]
23:15:39.365 5 ACPI.sys[fffff88000e1d7a1] -> nt!IofCallDriver -> \Device\00000061[0xfffffa80058c5060]
23:15:40.595 AVAST engine scan C:\Windows
23:46:46.380 File: C:\Windows\System32\drivers\en-US\bfe.dll.mui **SUSPICIOUS**
23:46:47.082 File: C:\Windows\System32\drivers\en-US\ndiscap.sys.mui **SUSPICIOUS**
23:46:47.253 File: C:\Windows\System32\drivers\en-US\pacer.sys.mui **SUSPICIOUS**
23:46:47.441 File: C:\Windows\System32\drivers\en-US\qwavedrv.sys.mui **SUSPICIOUS**
23:46:47.690 File: C:\Windows\System32\drivers\en-US\scfilter.sys.mui **SUSPICIOUS**
23:46:47.893 File: C:\Windows\System32\drivers\en-US\tcpip.sys.mui **SUSPICIOUS**
23:47:04.819 File: C:\Windows\System32\drivers\wimmount.sys **SUSPICIOUS**
00:44:42.746 AVAST engine scan C:\Users\The Reeve Family
03:53:08.175 AVAST engine scan C:\ProgramData
04:03:40.521 Scan finished successfully
04:15:03.895 Disk 0 MBR has been saved successfully to "C:\Users\The Reeve Family\Desktop\MBR.dat"
04:15:03.895 The log file has been saved successfully to "C:\Users\The Reeve Family\Desktop\aswMBR.txt"
  • 0

#14
Cold Titanium

Cold Titanium

    Trusted Helper

  • Malware Removal
  • 1,735 posts
What problems are you currently having?



Step #1

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 57131
    FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
    FF - prefs.js..network.proxy.type: 4
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Step #2

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


    Posted Image

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.


    Posted Image

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like to see the OTL.txt, and the TDSSKiller report...also tell me how the system is behaving.
  • 0

#15
AZCMer

AZCMer

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
In many ways my computer is running fine. I am able to open multiple photoediting programs and work in each one as well as get on the internet.

However, when I restart the machine it takes forever for the welcome screen to finish after logging on and then it takes a long time, once my desktop comes up to get access to the cursor.

Isn't it weird though that my cursor is acting oddly as I am replying to this thread. Once I pasted in my otl log, my cursor went away and I am typing blindly once again. Is that a particular quirk of this forum or is it me?

Will report back once Kaspersky has run.

Here is my latest OTL quick scan:


OTL logfile created on: 7/9/2011 1:20:25 PM - Run 9
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\The Reeve Family\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.26 Gb Available Physical Memory | 74.04% Memory free
17.47 Gb Paging File | 15.87 Gb Available in Paging File | 90.89% Paging File free
Paging file location(s): c:\pagefile.sys 12000 18000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 149.21 Gb Free Space | 25.55% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.86 Gb Free Space | 15.49% Space Free | Partition Type: NTFS
Drive E: | 638.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FAMILYCOMPUTER | User Name: The Reeve Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
PRC - [2010/11/20 05:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/11/18 04:42:52 | 000,275,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/02/27 19:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2006/06/10 02:10:57 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE


========== Modules (SafeList) ==========

MOD - [2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 05:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009/07/13 18:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/13 18:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009/07/13 18:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/12/03 20:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Disabled | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/11/23 15:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/11/23 15:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/07 20:07:04 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/08 13:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/14 09:33:14 | 002,746,624 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV:64bit: - [2010/01/26 17:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010/01/24 22:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/01/18 16:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/10/14 10:02:20 | 000,027,304 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/07/31 00:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/12 09:03:34 | 000,651,776 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2008/09/12 09:03:34 | 000,539,520 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/02/16 10:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 53 42 69 02 3F 6C 5B 47 A4 F6 3F 80 3B A0 8A 10 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:11.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57131
FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF:64bit: - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF:64bit: - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\The Reeve Family\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\The Reeve Family\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/15 17:51:54 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/07 01:03:33 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 07:39:34 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 13:49:03 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 17:04:38 | 000,000,000 | ---D | M]

[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions
[2011/05/07 18:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions
[2010/10/26 07:37:55 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2011/06/21 12:57:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/06/21 12:22:23 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\extensions\[email protected]
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions
[2011/07/01 22:30:14 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{4bca5683-57cf-48b1-821c-6d66d3434164}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/29 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\8vfszevh.default\extensions\staged-xpis
[2010/09/22 10:01:11 | 000,002,160 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage-https.xml
[2010/09/22 10:00:52 | 000,002,152 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\Mozilla\Firefox\Profiles\5oidu41j.default\searchplugins\startpage.xml
[2011/06/06 07:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/27 08:40:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\THE REEVE FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5OIDU41J.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2011/06/22 13:49:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/11/27 08:40:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/06/03 09:50:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110601092809.dll (McAfee, Inc.)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [L07AXLRD_2063144] C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4 - Startup: C:\Users\The Reeve Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: grillflame.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/05 14:49:18 | 000,000,038 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 14:40:32 | 000,383,760 | R--- | M] (Hewlett-Packard Development Company, L.P.) - E:\autorun.exe -- [ CDFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/09 13:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/07/09 08:37:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{D78AA17E-C1AE-4A03-A1E0-EFE804A80412}
[2011/07/08 23:09:36 | 001,925,512 | ---- | C] (AVAST Software) -- C:\Users\The Reeve Family\Desktop\aswMBR.exe
[2011/07/08 13:43:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/07/08 13:11:24 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{C37D2A75-0ACA-4BA4-B813-852E172DE875}
[2011/07/08 13:10:54 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{2C411667-EE6F-41DD-A08D-A59E2D7F885B}
[2011/07/08 00:04:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{1BA57C1F-805C-4C0A-AA48-3C062D1EED45}
[2011/07/08 00:04:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{68A82311-8337-4565-82BB-EF91BDF1AD0D}
[2011/07/07 17:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoStitch
[2011/07/07 16:57:45 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Roaming\ZoomBrowser EX
[2011/07/07 12:03:15 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{E85CC538-A8B5-4622-930F-F10FCAF03B93}
[2011/07/06 14:02:19 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{9EFAC25E-B872-4E4D-9E2A-71FC08A14B00}
[2011/07/05 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{02D52A9B-68E2-4381-9FCF-51113F4A5747}
[2011/07/05 11:27:10 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Photography
[2011/07/05 09:48:00 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\{152FDEF7-6DF2-42A0-88F9-E16E54781D77}
[2011/07/04 22:36:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/03 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\Documents\Tessera
[2011/06/21 13:57:12 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/21 13:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/21 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/20 23:37:11 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2011/06/20 23:30:25 | 000,000,000 | ---D | C] -- C:\Users\The Reeve Family\AppData\Local\CANON_INC
[2011/06/20 21:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2011/06/20 21:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/06/20 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/06/20 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
[2011/06/19 18:56:07 | 099,204,560 | ---- | C] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/11 21:16:09 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/10 09:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/10 09:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

========== Files - Modified Within 30 Days ==========

[2011/07/09 13:25:57 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/09 13:25:57 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/09 13:18:50 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/07/09 13:18:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/09 13:18:21 | 334,942,207 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/09 04:15:03 | 000,000,512 | ---- | M] () -- C:\Users\The Reeve Family\Desktop\MBR.dat
[2011/07/08 23:09:50 | 001,925,512 | ---- | M] (AVAST Software) -- C:\Users\The Reeve Family\Desktop\aswMBR.exe
[2011/07/06 14:41:36 | 000,293,977 | ---- | M] () -- C:\Users\The Reeve Family\Desktop\gmer.zip
[2011/07/04 22:36:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\The Reeve Family\Desktop\OTL.exe
[2011/07/04 22:12:27 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForThe Reeve Family.job
[2011/07/04 21:56:57 | 000,006,102 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/04 21:46:59 | 000,000,106 | ---- | M] () -- C:\Windows\SysWow64\573779942
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/06/29 11:24:46 | 000,001,092 | ---- | M] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2011/06/29 08:23:03 | 000,377,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/24 08:21:44 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/24 08:21:44 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/24 08:21:44 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/23 18:00:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\file.ext
[2011/06/21 13:57:12 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 21:21:41 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/19 18:57:18 | 099,204,560 | ---- | M] ( ) -- C:\Users\The Reeve Family\Desktop\setup_9.0.0.722_20.06.2011_04-57.exe
[2011/06/16 17:04:39 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/11 21:16:22 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\The Reeve Family\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/10 09:40:44 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2011/07/09 04:15:03 | 000,000,512 | ---- | C] () -- C:\Users\The Reeve Family\Desktop\MBR.dat
[2011/07/06 14:42:03 | 000,302,592 | ---- | C] () -- C:\Users\The Reeve Family\Desktop\gmer.exe
[2011/07/06 14:41:30 | 000,293,977 | ---- | C] () -- C:\Users\The Reeve Family\Desktop\gmer.zip
[2011/07/02 22:32:56 | 000,006,102 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\B1C6.454
[2011/07/01 22:30:14 | 000,000,106 | ---- | C] () -- C:\Windows\SysWow64\573779942
[2011/06/22 10:22:41 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/21 13:57:12 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 21:21:41 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2011/06/20 21:21:14 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Picture Style Editor.lnk
[2011/06/20 21:21:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk
[2011/06/20 21:20:58 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2011/06/10 09:40:44 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/07/15 18:07:36 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat.temp
[2010/07/15 17:46:54 | 000,171,932 | ---- | C] () -- C:\Windows\hpoins37.dat
[2010/06/30 00:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/27 13:29:20 | 000,000,070 | ---- | C] () -- C:\Windows\FSaver.ini
[2010/06/27 13:29:19 | 000,000,103 | ---- | C] () -- C:\Windows\Wingmakers.ini
[2010/06/06 08:18:23 | 000,003,235 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp11.html
[2010/06/06 08:18:08 | 000,000,778 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Temp1.html
[2010/04/30 22:34:58 | 000,000,036 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\housecall.guid.cache
[2010/04/30 06:37:02 | 000,003,276 | ---- | C] () -- C:\Windows\SysWow64\NVTBM.ini
[2010/04/08 10:53:05 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/22 08:00:15 | 000,007,605 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Local\Resmon.ResmonCfg
[2010/02/02 13:05:58 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2009/12/21 10:06:32 | 000,002,325 | ---- | C] () -- C:\Windows\checkip.dat
[2009/12/12 09:01:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/07 14:41:31 | 000,000,022 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/11/27 09:05:23 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/11/26 10:12:08 | 000,001,092 | ---- | C] () -- C:\Users\The Reeve Family\AppData\Roaming\wklnhst.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/09/05 17:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2007/08/23 09:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2000/06/28 03:00:00 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

========== LOP Check ==========

[2009/11/28 18:05:33 | 000,000,000 | -HSD | M] -- C:\Users\The Reeve Family\AppData\Roaming\.#
[2011/03/24 13:22:25 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Amazon
[2010/01/20 09:15:56 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Audio Recorder for Free
[2010/05/28 18:01:32 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Barnes & Noble
[2009/11/27 07:32:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\BNeReader
[2010/05/29 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\calibre
[2011/06/20 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Canon
[2010/11/04 07:37:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Digiarty
[2011/06/07 07:12:03 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Dropbox
[2009/12/02 09:14:06 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Foxit
[2010/01/07 23:08:35 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Foxit Software
[2011/03/19 11:53:45 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Jasc
[2010/03/26 18:02:45 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Leadertech
[2010/08/24 15:32:49 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\muvee Technologies
[2010/07/15 06:30:48 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\OpenDNS Updater
[2010/01/09 18:27:12 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\OverDrive
[2009/11/25 20:14:55 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\PictureMover
[2010/11/27 14:49:57 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\QuickScan
[2010/02/23 15:48:31 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\SecondLife
[2010/03/24 21:27:43 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\SystemRequirementsLab
[2009/11/26 10:12:30 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Template
[2011/05/07 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Thunderbird
[2011/02/02 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Visan
[2009/12/18 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WildTangent
[2009/11/26 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WinBatch
[2010/08/07 18:35:16 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\Windows Live Writer
[2010/07/03 07:49:54 | 000,000,000 | ---D | M] -- C:\Users\The Reeve Family\AppData\Roaming\WTouch
[2011/06/30 10:24:40 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2011/05/26 11:17:36 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 985 bytes -> C:\Users\The Reeve Family\Documents\Lezli, welcome to www_realmindpowersecrets_com !.eml:OECustomProperty
@Alternate Data Stream - 1719 bytes -> C:\Users\The Reeve Family\Documents\Nieuwjaar 2010.eml:OECustomProperty

< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP