Computer runs slow, slow to start and will not power down



#1
newmantjn

Hi, I am having trouble with my computer and suspect a possible virus, spyware or malware infection. The computer takes a very long time to start and will not shut down using the "start menu", even when left overnight. It just hangs. In order to power off, I need to press and hold the power button.

It also takes a very long time to start and when it does, sometimes the colors on the desktop etc. are "off" from what they should be. The CPU sometimes uses upwards of 90%. According to the Windows Task Manager, svchost.exe is the culprit, using up all the resources.

I ran a Malwarebytes scan and it found nothing.

I currently have Norton Security Suite installed and it doesn't seem to have a problem, but it reported some "attacks" from the internet that it blocked in the last few days.

Per the Malware and Spyware Cleaning Guide, I ran OTL. I don't know what the log means. The "extra" log pointed out a lot of errors though. Results of both are posted below. So perhaps it is not malware at all, but some sort of conflict? I am not savvy enough to tell. Anyway, I need to start somewhere and it really is acting like an infected computer I had a couple of years back.

Any help you can give is very appreciated. School is starting and my kids are looking for computer time.

Thanks in advance.

Todd

OTL logfile created on: 9/6/2011 6:57:09 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Todd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 48.92% Memory free
4.34 Gb Paging File | 3.15 Gb Available in Paging File | 72.64% Paging File free
Paging file location(s): C:\pagefile.sys 2047 2247 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.80 Gb Total Space | 13.63 Gb Free Space | 19.25% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 25.65 Gb Free Space | 17.21% Space Free | Partition Type: NTFS
Drive G: | 74.53 Gb Total Space | 3.30 Gb Free Space | 4.43% Space Free | Partition Type: NTFS

Computer Name: DELL8400 | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/23 03:38:16 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/03/21 14:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004/03/23 13:16:16 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2004/01/07 02:01:00 | 000,110,592 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/11 03:14:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/11 03:14:21 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011/08/11 03:14:06 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
MOD - [2011/08/11 03:12:50 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/08/11 03:12:36 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/08/11 03:11:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/11 03:11:40 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/11 03:11:34 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/11 03:10:07 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/08/11 03:10:06 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/08/11 03:10:05 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/08/11 03:10:04 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/08/11 03:09:59 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011/08/11 03:09:59 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/08/11 03:09:57 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/08/11 03:09:57 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2011/08/11 03:09:52 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/08/11 03:09:44 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/06/28 03:12:13 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2011/06/28 03:10:21 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/03/19 10:09:07 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2011/03/19 10:09:04 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2011/03/19 10:09:03 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/03/19 10:09:02 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/03/19 10:08:56 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/03/19 10:08:56 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/03/19 10:08:56 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/03/19 10:08:56 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/03/19 10:08:56 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/03/19 10:08:56 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2011/03/19 10:08:55 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/03/19 10:08:55 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/03/19 10:08:55 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/10/08 03:03:13 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_bf8f4d41\mscorlib.dll
MOD - [2010/10/08 03:03:08 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_d87d5825\system.drawing.dll
MOD - [2010/10/08 03:03:02 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ecde231c\system.xml.dll
MOD - [2010/10/08 03:02:55 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ff91f7c1\system.windows.forms.dll
MOD - [2010/10/08 03:02:46 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_dcd3f482\system.dll
MOD - [2010/10/08 03:02:37 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2009/12/26 01:11:43 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3559.38265__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3559.38292__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:43 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3559.38285__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:43 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3559.38418__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009/12/26 01:11:43 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3559.38418__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009/12/26 01:11:43 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3559.38424__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009/12/26 01:11:43 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3559.38418__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009/12/26 01:11:42 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3559.38290__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:42 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3559.38359__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3559.38378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3559.38372__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3559.38325__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3559.38276__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3559.38397__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:41 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3559.38275__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3559.38344__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3559.38399__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:40 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3559.38291__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3559.38290__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:39 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3559.38351__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3559.38352__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:39 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3559.38350__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:36 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3559.38328__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:36 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3559.38364__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/12/26 01:11:35 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3559.38292__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:35 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3559.38340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:35 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3559.38327__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:35 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3559.38340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:34 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3559.38373__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:34 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3559.38278__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:34 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3559.38293__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3559.38298__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:33 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3559.38346__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:33 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3559.38321__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:33 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3559.38326__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:33 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3559.38342__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:32 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3559.38326__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/12/26 01:11:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3559.38327__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/12/26 01:11:31 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/12/26 01:11:31 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/12/26 01:11:31 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/12/26 01:11:31 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/12/26 01:11:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009/12/26 01:11:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/12/26 01:11:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/12/26 01:11:30 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/12/26 01:11:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/12/26 01:11:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/12/26 01:11:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009/12/26 01:11:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/12/26 01:11:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2009/12/26 01:11:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/12/26 01:11:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/12/26 01:11:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/12/26 01:11:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/12/26 01:11:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/12/26 01:11:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/12/26 01:11:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/12/26 01:11:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/12/26 01:11:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/12/26 01:11:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/12/26 01:11:25 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/12/26 01:11:25 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/12/26 01:11:25 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/12/26 01:11:24 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/12/26 01:11:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/12/26 01:11:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009/12/26 01:11:22 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/12/26 01:11:22 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/12/26 01:11:22 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/12/26 01:11:22 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/12/26 01:11:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/12/26 01:11:21 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/12/26 01:11:21 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/12/26 01:11:21 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/12/26 01:11:21 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/12/26 01:11:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/12/26 01:11:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/12/26 01:11:20 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3559.38437__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009/12/26 01:11:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009/12/26 01:11:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/12/26 01:11:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/12/26 01:11:19 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3559.38409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/12/26 01:11:19 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009/12/26 01:11:19 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009/12/26 01:11:19 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3559.38259__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/12/26 01:11:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3559.38390__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/12/26 01:11:18 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/12/26 01:11:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009/12/26 01:11:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/12/26 01:11:17 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3559.38383__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009/12/26 01:11:17 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3559.38284__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/12/26 01:11:17 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3559.38388__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/12/26 01:11:17 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/12/26 01:11:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/12/26 01:11:16 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3559.38262__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/12/26 01:11:16 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3559.38264__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/12/26 01:11:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/12/26 01:11:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/12/26 01:11:14 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3559.38271__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/12/26 01:11:13 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/12/26 01:11:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/12/26 01:11:11 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3559.38262__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009/12/26 01:11:11 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009/12/26 01:11:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3559.38390__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/12/26 01:11:10 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3559.38261__90ba9c70f846762e\APM.Server.dll
MOD - [2009/12/26 01:11:09 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3559.38260__90ba9c70f846762e\AEM.Server.dll
MOD - [2009/10/01 17:45:50 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/09/04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/07/30 21:44:14 | 000,176,235 | ---- | M] () -- C:\WINDOWS\SYSTEM32\Primomonnt.dll
MOD - [2009/04/27 17:49:26 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008/04/13 20:12:08 | 000,377,344 | ---- | M] () -- C:\WINDOWS\itenatuqicacepe.dll
MOD - [2006/09/05 22:18:36 | 000,051,716 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pdf995mon.dll
MOD - [2005/10/22 18:08:49 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2005/10/22 18:08:46 | 000,798,720 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2005/10/22 18:08:45 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2005/10/22 18:08:24 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2005/10/22 18:08:08 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2005/10/22 18:08:08 | 000,049,152 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2005/10/22 18:08:05 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2005/10/22 18:08:04 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.89__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2005/10/22 18:08:04 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2005/10/22 18:08:04 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.89__9cf889f53ea9b907\lead.drawing.dll
MOD - [2005/10/22 18:08:04 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.89__9cf889f53ea9b907\lead.dll
MOD - [2005/10/22 18:08:04 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2005/10/22 18:08:04 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2005/10/22 18:08:04 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2005/10/22 18:08:03 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2005/10/22 18:08:03 | 000,167,936 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2005/10/22 18:08:03 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2005/10/22 18:08:03 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2005/10/22 18:08:03 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2005/10/22 18:08:03 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2005/10/22 18:08:03 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2005/10/22 18:06:58 | 000,196,608 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2005/10/22 18:06:58 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2005/10/22 18:06:58 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2005/10/22 18:06:58 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2005/10/22 18:06:58 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2005/10/22 18:06:58 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpdarc\1.0.0.0__19565c63d39c2842\interop.hpdarc.dll
MOD - [2005/10/22 18:06:58 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2005/10/22 18:06:57 | 000,475,136 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2004/08/10 14:11:10 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2004/08/10 14:11:10 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2004/08/10 14:11:10 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2004/08/10 14:09:42 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2004/06/10 12:51:00 | 000,060,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\P17.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 22:20:15 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110906.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/31 22:20:15 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/31 22:20:15 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110906.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/23 00:17:32 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110903.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/07/27 19:59:10 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/22 20:27:23 | 000,815,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110812.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/28 20:33:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/09/30 00:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/07/17 10:37:48 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/06/09 13:16:00 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys -- (P17)
DRV - [2004/05/29 18:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 09:48:00 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 09:47:00 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 13:19:00 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pfmodnt.sys -- (PfModNT)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...com/index.html"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 41
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/21 02:11:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011/09/06 18:19:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A953325C-A81A-4E6E-96B7-89C648CEC3E9}: C:\Documents and Settings\Eric\Local Settings\Application Data\{A953325C-A81A-4E6E-96B7-89C648CEC3E9}\ [2011/06/28 12:47:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0773A4E4-D8AA-47DE-8965-95C11CA3C683}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{0773A4E4-D8AA-47DE-8965-95C11CA3C683}\ [2011/06/28 16:02:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{03906C38-1D5E-4141-A51F-DD671FD06EAC}: C:\Documents and Settings\Todd\Local Settings\Application Data\{03906C38-1D5E-4141-A51F-DD671FD06EAC}\ [2011/06/29 07:14:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{40CBC949-9CC5-4B24-B4EF-03F565BE5C9B}: C:\Documents and Settings\Eric\Local Settings\Application Data\{40CBC949-9CC5-4B24-B4EF-03F565BE5C9B}\ [2011/06/29 13:22:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{537EC386-92AB-45E2-818C-1F494B2B0B06}: C:\Documents and Settings\Eric\Local Settings\Application Data\{537EC386-92AB-45E2-818C-1F494B2B0B06}\ [2011/06/30 00:36:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{102A0E26-8A17-4BDA-B068-B463A0EF5095}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{102A0E26-8A17-4BDA-B068-B463A0EF5095} [2011/06/30 00:45:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B80B7E91-1B11-4A6A-A0E1-91E199644319}: C:\Documents and Settings\Eric\Local Settings\Application Data\{B80B7E91-1B11-4A6A-A0E1-91E199644319}\ [2011/06/30 01:23:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DEC87CCE-2D61-49AB-A988-1DDAD29396F5}: C:\Documents and Settings\Todd\Local Settings\Application Data\{DEC87CCE-2D61-49AB-A988-1DDAD29396F5}\ [2011/06/30 10:07:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D6BE176-7C02-44B8-857F-9CEFC675D517}: C:\Documents and Settings\Eric\Local Settings\Application Data\{2D6BE176-7C02-44B8-857F-9CEFC675D517} [2011/07/10 15:08:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1317FB61-47C9-4371-8D70-142EE92531CD}: C:\Documents and Settings\Todd\Local Settings\Application Data\{1317FB61-47C9-4371-8D70-142EE92531CD}\ [2011/07/10 15:52:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0848921B-37A7-402D-B816-F35F548D96BC}: C:\Documents and Settings\Todd\Local Settings\Application Data\{0848921B-37A7-402D-B816-F35F548D96BC}\ [2011/07/10 15:59:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{057AC97D-5BAC-4B7D-A272-8638FF25CA6A}: C:\Documents and Settings\Kelly\Local Settings\Application Data\{057AC97D-5BAC-4B7D-A272-8638FF25CA6A}\ [2011/07/11 22:42:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{57282DC1-CBB3-4E5F-BE0B-5510D745DF4E}: C:\Documents and Settings\Todd\Local Settings\Application Data\{57282DC1-CBB3-4E5F-BE0B-5510D745DF4E}\ [2011/07/12 07:04:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23DB38AE-F3A9-4AF4-A593-5D36D6C1A563}: C:\Documents and Settings\Todd\Local Settings\Application Data\{23DB38AE-F3A9-4AF4-A593-5D36D6C1A563}\ [2011/07/12 23:34:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A92D4AB1-8E15-4B66-AB0A-B756278FA9A2}: C:\Documents and Settings\Todd\Local Settings\Application Data\{A92D4AB1-8E15-4B66-AB0A-B756278FA9A2}\ [2011/07/13 16:17:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E22B482-2E6C-4895-ADCB-9199273C3F4F}: C:\Documents and Settings\Todd\Local Settings\Application Data\{1E22B482-2E6C-4895-ADCB-9199273C3F4F}\ [2011/07/14 11:19:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{45FA57C4-88F6-4A80-AD78-8E9F55F9D1F8}: C:\Documents and Settings\Todd\Local Settings\Application Data\{45FA57C4-88F6-4A80-AD78-8E9F55F9D1F8} [2011/07/15 09:55:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{7E861940-90DB-425B-8FA5-461B416A73BA}: C:\Documents and Settings\Todd\Local Settings\Application Data\{7E861940-90DB-425B-8FA5-461B416A73BA}\ [2011/07/16 15:01:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{54C4A5E6-62E4-4F9C-9652-30B69767708F}: C:\Documents and Settings\Todd\Local Settings\Application Data\{54C4A5E6-62E4-4F9C-9652-30B69767708F}\ [2011/07/17 17:07:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{03BB0082-F5EB-4B7B-9B90-C11065BD168D}: C:\Documents and Settings\Eric\Local Settings\Application Data\{03BB0082-F5EB-4B7B-9B90-C11065BD168D}\ [2011/07/18 02:48:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0671E008-EACE-496F-A1B1-4B5C6B7480BE}: C:\Documents and Settings\Todd\Local Settings\Application Data\{0671E008-EACE-496F-A1B1-4B5C6B7480BE}\ [2011/07/18 06:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D11C6602-9A16-4935-B7BB-27C2C76C98B6}: C:\Documents and Settings\Eric\Local Settings\Application Data\{D11C6602-9A16-4935-B7BB-27C2C76C98B6}\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D1DBB716-7F5A-44B0-9DB7-4DFB04ADEEF4}: C:\Documents and Settings\Eric\Local Settings\Application Data\{D1DBB716-7F5A-44B0-9DB7-4DFB04ADEEF4}\ [2011/07/18 13:02:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3AAC82F7-B4A2-4830-8113-085D4AA8F5AC}: C:\Documents and Settings\Todd\Local Settings\Application Data\{3AAC82F7-B4A2-4830-8113-085D4AA8F5AC}\ [2011/07/18 18:10:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6920EC05-F79A-45A8-BF4C-C0095F4F33FA}: C:\Documents and Settings\Todd\Local Settings\Application Data\{6920EC05-F79A-45A8-BF4C-C0095F4F33FA} [2011/07/19 09:09:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{E6970E9E-6A21-497A-BBDD-29FEA64E3BB1}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{E6970E9E-6A21-497A-BBDD-29FEA64E3BB1}\ [2011/07/19 14:46:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DA2655F0-78B2-4585-96CA-9E52F93880C5}: C:\Documents and Settings\Eric\Local Settings\Application Data\{DA2655F0-78B2-4585-96CA-9E52F93880C5}\ [2011/07/20 00:38:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{65FBD8BE-F543-4574-B03C-6C3836AC6B29}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{65FBD8BE-F543-4574-B03C-6C3836AC6B29}\ [2011/07/20 20:16:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABD8F9CF-1C70-4421-B580-4EB7918C0077}: C:\Documents and Settings\Eric\Local Settings\Application Data\{ABD8F9CF-1C70-4421-B580-4EB7918C0077}\ [2011/07/20 22:55:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A1FE74F7-09FE-4B86-A52A-D7E788439E68}: C:\Documents and Settings\Eric\Local Settings\Application Data\{A1FE74F7-09FE-4B86-A52A-D7E788439E68}\ [2011/07/21 13:50:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{418031C1-8B58-49EA-836E-CB3D98DAFF55}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{418031C1-8B58-49EA-836E-CB3D98DAFF55}\ [2011/07/22 00:13:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0271A1A2-B74E-4041-82D6-FEA2581A8645}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{0271A1A2-B74E-4041-82D6-FEA2581A8645}\ [2011/07/23 00:39:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{05E80E45-DA62-457E-824D-4A34122E90E9}: C:\Documents and Settings\Eric\Local Settings\Application Data\{05E80E45-DA62-457E-824D-4A34122E90E9}\ [2011/07/24 00:06:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{61BE6457-E8C6-4A7A-B19C-4FDBB65ACE42}: C:\Documents and Settings\Eric\Local Settings\Application Data\{61BE6457-E8C6-4A7A-B19C-4FDBB65ACE42}\ [2011/07/25 23:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{929228A3-961E-4326-B503-78C78517B35B}: C:\Documents and Settings\Todd\Local Settings\Application Data\{929228A3-961E-4326-B503-78C78517B35B}\ [2011/07/26 08:32:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2BD69083-DECB-4C54-93E0-EAE70325541E}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{2BD69083-DECB-4C54-93E0-EAE70325541E}\ [2011/07/26 17:01:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1BF3E2FB-DEC8-4FB1-AE27-CACEB7300ADC}: C:\Documents and Settings\Todd\Local Settings\Application Data\{1BF3E2FB-DEC8-4FB1-AE27-CACEB7300ADC}\ [2011/07/29 11:31:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22155615-7136-470E-8AE0-E44BCACCABC9}: C:\Documents and Settings\Eric\Local Settings\Application Data\{22155615-7136-470E-8AE0-E44BCACCABC9}\ [2011/07/29 12:13:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{12EF9AE4-D2E5-4509-A433-1C086DC12715}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{12EF9AE4-D2E5-4509-A433-1C086DC12715}\ [2011/07/30 13:08:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E7612C4-D82F-49E2-A577-E9BC00ED9B8D}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{1E7612C4-D82F-49E2-A577-E9BC00ED9B8D}\ [2011/07/30 19:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{671F0D07-B4AE-4152-BA42-E460E6598FB8}: C:\Documents and Settings\Eric\Local Settings\Application Data\{671F0D07-B4AE-4152-BA42-E460E6598FB8}\ [2011/07/31 00:18:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2C773C02-64CA-44F0-8791-4D61AC7A26D9}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{2C773C02-64CA-44F0-8791-4D61AC7A26D9}\ [2011/07/31 19:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FC34578C-2FD5-4A9B-8BD7-EB6398EA8811}: C:\Documents and Settings\Todd\Local Settings\Application Data\{FC34578C-2FD5-4A9B-8BD7-EB6398EA8811}\ [2011/07/31 21:26:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A0CEAAEA-05CB-445B-A032-43553E19A4AA}: C:\Documents and Settings\Eric\Local Settings\Application Data\{A0CEAAEA-05CB-445B-A032-43553E19A4AA} [2011/07/31 22:28:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{7713A671-D20E-47E5-9F30-87A1A4B01195}: C:\Documents and Settings\Todd\Local Settings\Application Data\{7713A671-D20E-47E5-9F30-87A1A4B01195}\ [2011/08/01 17:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{7F8EF0EF-7694-40F0-96F6-F103311A51DD}: C:\Documents and Settings\Todd\Local Settings\Application Data\{7F8EF0EF-7694-40F0-96F6-F103311A51DD}\ [2011/08/02 07:42:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2B893E64-1610-4F1E-885F-1745E134259F}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{2B893E64-1610-4F1E-885F-1745E134259F}\ [2011/08/02 16:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{5066D716-3F81-45B8-9F3D-2575A67B2E2A}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{5066D716-3F81-45B8-9F3D-2575A67B2E2A}\ [2011/08/03 15:05:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{49D0B7F6-49C7-485E-9584-501C94BD9BCA}: C:\Documents and Settings\Todd\Local Settings\Application Data\{49D0B7F6-49C7-485E-9584-501C94BD9BCA}\ [2011/08/04 08:03:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{869C5B78-21DB-457F-BCB2-241064C34377}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{869C5B78-21DB-457F-BCB2-241064C34377}\ [2011/08/04 10:43:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{AE9AC993-3919-4B9A-ACB8-60188F6F4FC6}: C:\Documents and Settings\Kelly\Local Settings\Application Data\{AE9AC993-3919-4B9A-ACB8-60188F6F4FC6}\ [2011/08/04 17:44:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C5575B97-EB3C-4156-BF6F-84A62B2C69E0}: C:\Documents and Settings\Todd\Local Settings\Application Data\{C5575B97-EB3C-4156-BF6F-84A62B2C69E0}\ [2011/08/05 07:53:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{9061DB3E-99B4-4600-8D81-3408F644DDBC}: C:\Documents and Settings\Todd\Local Settings\Application Data\{9061DB3E-99B4-4600-8D81-3408F644DDBC}\ [2011/08/08 14:59:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{51AE06A4-E746-49EE-99FD-E289404BC53E}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{51AE06A4-E746-49EE-99FD-E289404BC53E}\ [2011/08/08 15:33:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{93B619E1-A813-42D3-BFCF-D5B098F1B676}: C:\Documents and Settings\Todd\Local Settings\Application Data\{93B619E1-A813-42D3-BFCF-D5B098F1B676}\ [2011/08/10 14:50:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B4646BF8-FA4A-451F-B381-0A5F16E0E54F}: C:\Documents and Settings\Todd\Local Settings\Application Data\{B4646BF8-FA4A-451F-B381-0A5F16E0E54F}\ [2011/08/11 08:00:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1EC4B7AC-9AE7-4D9F-B0B5-614AA1C6B33D}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{1EC4B7AC-9AE7-4D9F-B0B5-614AA1C6B33D}\ [2011/08/11 15:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{694F11F0-AA38-4790-9F04-F539485A6D77}: C:\Documents and Settings\Todd\Local Settings\Application Data\{694F11F0-AA38-4790-9F04-F539485A6D77}\ [2011/08/12 17:18:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{74D6A197-659E-4A82-AA5C-784884614CCD}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{74D6A197-659E-4A82-AA5C-784884614CCD}\ [2011/08/13 22:00:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{717B0DA9-2B76-485F-A1E4-49453273E8C0}: C:\Documents and Settings\Todd\Local Settings\Application Data\{717B0DA9-2B76-485F-A1E4-49453273E8C0}\ [2011/08/17 05:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C2ED4199-0455-491C-8128-8E97EEB5014D}: C:\Documents and Settings\Kelly\Local Settings\Application Data\{C2ED4199-0455-491C-8128-8E97EEB5014D}\ [2011/08/20 10:44:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{7498F4AD-EEED-42E2-ABD3-9A7891CEE9C8}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{7498F4AD-EEED-42E2-ABD3-9A7891CEE9C8}\ [2011/08/25 17:16:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F713C410-F6DC-4361-BA4C-6DCA859D19D8}: C:\Documents and Settings\Todd\Local Settings\Application Data\{F713C410-F6DC-4361-BA4C-6DCA859D19D8}\ [2011/08/31 07:03:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8A077F73-7EF4-424E-B1EE-013D2FABD78D}: C:\Documents and Settings\Todd\Local Settings\Application Data\{8A077F73-7EF4-424E-B1EE-013D2FABD78D}\ [2011/08/31 18:08:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{726744A8-D63F-4047-B18F-F2E0DB09CBBF}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{726744A8-D63F-4047-B18F-F2E0DB09CBBF}\ [2011/09/01 15:18:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C3D3800D-1563-437E-9265-928F53E1E92F}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{C3D3800D-1563-437E-9265-928F53E1E92F}\ [2011/09/01 15:37:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{24A9FF14-0A04-44BE-A10A-3BB7012EAEBB}: C:\Documents and Settings\Todd\Local Settings\Application Data\{24A9FF14-0A04-44BE-A10A-3BB7012EAEBB}\ [2011/09/01 18:07:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{E97F1FEF-C5CA-4AA2-A9A8-AC5CC9473860}: C:\Documents and Settings\Todd\Local Settings\Application Data\{E97F1FEF-C5CA-4AA2-A9A8-AC5CC9473860}\ [2011/09/02 10:36:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4D4DF449-383C-49D8-B90B-7B295A45BD66}: C:\Documents and Settings\Todd\Local Settings\Application Data\{4D4DF449-383C-49D8-B90B-7B295A45BD66}\ [2011/09/02 15:13:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0D73340C-D9AE-463A-B064-8F4F7639EB30}: C:\Documents and Settings\Todd\Local Settings\Application Data\{0D73340C-D9AE-463A-B064-8F4F7639EB30}\ [2011/09/03 09:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0627063D-43D5-4772-9DC8-BE7BAE1928D8}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{0627063D-43D5-4772-9DC8-BE7BAE1928D8}\ [2011/09/03 11:27:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B0257E3F-D456-4D40-B42F-B4D5DFCA243D}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{B0257E3F-D456-4D40-B42F-B4D5DFCA243D}\ [2011/09/03 11:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{28DEE206-2E09-4463-9881-5E30A842FC49}: C:\Documents and Settings\Todd\Local Settings\Application Data\{28DEE206-2E09-4463-9881-5E30A842FC49}\ [2011/09/03 19:34:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D2C952E7-C8C7-47FD-94D3-7CF19A68CD2E}: C:\Documents and Settings\Todd\Local Settings\Application Data\{D2C952E7-C8C7-47FD-94D3-7CF19A68CD2E}\ [2011/09/03 19:50:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{883AE02B-7174-4C9C-BDA7-599B920A97DC}: C:\Documents and Settings\Todd\Local Settings\Application Data\{883AE02B-7174-4C9C-BDA7-599B920A97DC}\ [2011/09/04 22:10:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{7867D7A1-342F-4A28-8DED-BFB024A79C74}: C:\Documents and Settings\Melissa\Local Settings\Application Data\{7867D7A1-342F-4A28-8DED-BFB024A79C74}\ [2011/09/04 23:11:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{53ED3723-1B50-44F6-A193-F920259C041F}: C:\Documents and Settings\Todd\Local Settings\Application Data\{53ED3723-1B50-44F6-A193-F920259C041F}\ [2011/09/04 23:18:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{9BAA1B32-A77C-4840-8AB0-86E54CBB66B4}: C:\Documents and Settings\Todd\Local Settings\Application Data\{9BAA1B32-A77C-4840-8AB0-86E54CBB66B4}\ [2011/09/05 13:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{CB33D84E-DE4E-4B92-8C90-782011DDAC21}: C:\Documents and Settings\Todd\Local Settings\Application Data\{CB33D84E-DE4E-4B92-8C90-782011DDAC21}\ [2011/09/05 17:22:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3291F481-2BA1-4345-B1BF-DAF496D4B6A4}: C:\Documents and Settings\Todd\Local Settings\Application Data\{3291F481-2BA1-4345-B1BF-DAF496D4B6A4}\ [2011/09/05 17:37:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ECCBEFE6-4F84-4BE1-A7E8-6429CBCA0485}: C:\Documents and Settings\Todd\Local Settings\Application Data\{ECCBEFE6-4F84-4BE1-A7E8-6429CBCA0485}\ [2011/09/06 06:30:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6A5E1737-DE9D-457D-9353-C6416FF6106E}: C:\Documents and Settings\Todd\Local Settings\Application Data\{6A5E1737-DE9D-457D-9353-C6416FF6106E}\ [2011/09/06 07:29:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20C74F2C-DE28-4907-804C-1CE21C50B888}: C:\Documents and Settings\Todd\Local Settings\Application Data\{20C74F2C-DE28-4907-804C-1CE21C50B888}\ [2011/09/06 18:54:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/31 12:18:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/01 02:07:34 | 000,000,000 | ---D | M]

[2008/09/04 20:17:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Extensions
[2011/05/08 07:32:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions
[2010/04/26 21:30:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/14 20:02:04 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/12/13 21:50:48 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\[email protected]
[2011/09/01 00:18:26 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\searchplugins\ipdb.xml
[2011/05/08 10:49:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/06 23:47:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/07/21 02:11:49 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011/07/18 02:48:15 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{03BB0082-F5EB-4B7B-9B90-C11065BD168D}
[2011/07/24 00:06:53 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{05E80E45-DA62-457E-824D-4A34122E90E9}
[2011/07/29 12:13:28 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{22155615-7136-470E-8AE0-E44BCACCABC9}
[2011/07/10 15:08:57 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{2D6BE176-7C02-44B8-857F-9CEFC675D517}
[2011/06/29 13:22:09 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{40CBC949-9CC5-4B24-B4EF-03F565BE5C9B}
[2011/06/30 00:36:38 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{537EC386-92AB-45E2-818C-1F494B2B0B06}
[2011/07/25 23:55:08 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{61BE6457-E8C6-4A7A-B19C-4FDBB65ACE42}
[2011/07/31 00:18:40 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{671F0D07-B4AE-4152-BA42-E460E6598FB8}
[2011/07/31 22:28:51 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{A0CEAAEA-05CB-445B-A032-43553E19A4AA}
[2011/07/21 13:50:47 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{A1FE74F7-09FE-4B86-A52A-D7E788439E68}
[2011/06/28 12:47:53 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{A953325C-A81A-4E6E-96B7-89C648CEC3E9}
[2011/07/20 22:55:01 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{ABD8F9CF-1C70-4421-B580-4EB7918C0077}
[2011/06/30 01:23:21 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{B80B7E91-1B11-4A6A-A0E1-91E199644319}
[2011/07/18 13:02:07 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{D1DBB716-7F5A-44B0-9DB7-4DFB04ADEEF4}
[2011/07/20 00:38:38 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ERIC\LOCAL SETTINGS\APPLICATION DATA\{DA2655F0-78B2-4585-96CA-9E52F93880C5}
[2011/07/11 22:42:58 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\KELLY\LOCAL SETTINGS\APPLICATION DATA\{057AC97D-5BAC-4B7D-A272-8638FF25CA6A}
[2011/08/04 17:44:25 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\KELLY\LOCAL SETTINGS\APPLICATION DATA\{AE9AC993-3919-4B9A-ACB8-60188F6F4FC6}
[2011/08/20 10:44:38 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\KELLY\LOCAL SETTINGS\APPLICATION DATA\{C2ED4199-0455-491C-8128-8E97EEB5014D}
[2011/07/23 00:39:12 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{0271A1A2-B74E-4041-82D6-FEA2581A8645}
[2011/09/03 11:27:52 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{0627063D-43D5-4772-9DC8-BE7BAE1928D8}
[2011/06/28 16:02:06 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{0773A4E4-D8AA-47DE-8965-95C11CA3C683}
[2011/06/30 00:45:34 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{102A0E26-8A17-4BDA-B068-B463A0EF5095}
[2011/07/30 13:08:40 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{12EF9AE4-D2E5-4509-A433-1C086DC12715}
[2011/07/30 19:37:05 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{1E7612C4-D82F-49E2-A577-E9BC00ED9B8D}
[2011/08/11 15:50:12 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{1EC4B7AC-9AE7-4D9F-B0B5-614AA1C6B33D}
[2011/08/02 16:40:17 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{2B893E64-1610-4F1E-885F-1745E134259F}
[2011/07/26 17:01:01 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{2BD69083-DECB-4C54-93E0-EAE70325541E}
[2011/07/31 19:44:32 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{2C773C02-64CA-44F0-8791-4D61AC7A26D9}
[2011/07/22 00:13:26 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{418031C1-8B58-49EA-836E-CB3D98DAFF55}
[2011/08/03 15:05:47 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{5066D716-3F81-45B8-9F3D-2575A67B2E2A}
[2011/08/08 15:33:18 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{51AE06A4-E746-49EE-99FD-E289404BC53E}
[2011/07/20 20:16:24 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{65FBD8BE-F543-4574-B03C-6C3836AC6B29}
[2011/09/01 15:18:00 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{726744A8-D63F-4047-B18F-F2E0DB09CBBF}
[2011/08/25 17:16:43 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{7498F4AD-EEED-42E2-ABD3-9A7891CEE9C8}
[2011/08/13 22:00:51 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{74D6A197-659E-4A82-AA5C-784884614CCD}
[2011/09/04 23:11:32 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{7867D7A1-342F-4A28-8DED-BFB024A79C74}
[2011/08/04 10:43:20 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{869C5B78-21DB-457F-BCB2-241064C34377}
[2011/09/03 11:55:39 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{B0257E3F-D456-4D40-B42F-B4D5DFCA243D}
[2011/07/19 14:46:55 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MELISSA\LOCAL SETTINGS\APPLICATION DATA\{E6970E9E-6A21-497A-BBDD-29FEA64E3BB1}
[2011/06/29 07:14:25 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{03906C38-1D5E-4141-A51F-DD671FD06EAC}
[2011/07/18 06:42:26 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{0671E008-EACE-496F-A1B1-4B5C6B7480BE}
[2011/09/03 09:45:20 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{0D73340C-D9AE-463A-B064-8F4F7639EB30}
[2011/07/10 15:52:26 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{1317FB61-47C9-4371-8D70-142EE92531CD}
[2011/07/29 11:31:11 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{1BF3E2FB-DEC8-4FB1-AE27-CACEB7300ADC}
[2011/07/14 11:19:53 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{1E22B482-2E6C-4895-ADCB-9199273C3F4F}
[2011/07/12 23:34:23 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{23DB38AE-F3A9-4AF4-A593-5D36D6C1A563}
[2011/09/01 18:07:59 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{24A9FF14-0A04-44BE-A10A-3BB7012EAEBB}
[2011/09/03 19:34:48 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{28DEE206-2E09-4463-9881-5E30A842FC49}
[2011/09/05 17:37:00 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{3291F481-2BA1-4345-B1BF-DAF496D4B6A4}
[2011/07/18 18:10:00 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{3AAC82F7-B4A2-4830-8113-085D4AA8F5AC}
[2011/07/15 09:55:12 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{45FA57C4-88F6-4A80-AD78-8E9F55F9D1F8}
[2011/08/04 08:03:53 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{49D0B7F6-49C7-485E-9584-501C94BD9BCA}
[2011/09/02 15:13:59 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{4D4DF449-383C-49D8-B90B-7B295A45BD66}
[2011/07/17 17:07:22 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{54C4A5E6-62E4-4F9C-9652-30B69767708F}
[2011/07/12 07:04:19 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{57282DC1-CBB3-4E5F-BE0B-5510D745DF4E}
[2011/07/19 09:09:19 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{6920EC05-F79A-45A8-BF4C-C0095F4F33FA}
[2011/08/12 17:18:52 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{694F11F0-AA38-4790-9F04-F539485A6D77}
[2011/08/17 05:13:07 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{717B0DA9-2B76-485F-A1E4-49453273E8C0}
[2011/08/01 17:27:06 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{7713A671-D20E-47E5-9F30-87A1A4B01195}
[2011/07/16 15:01:36 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{7E861940-90DB-425B-8FA5-461B416A73BA}
[2011/09/04 22:10:27 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{883AE02B-7174-4C9C-BDA7-599B920A97DC}
[2011/08/31 18:08:12 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{8A077F73-7EF4-424E-B1EE-013D2FABD78D}
[2011/08/08 14:59:30 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{9061DB3E-99B4-4600-8D81-3408F644DDBC}
[2011/07/26 08:32:45 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{929228A3-961E-4326-B503-78C78517B35B}
[2011/08/10 14:50:38 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{93B619E1-A813-42D3-BFCF-D5B098F1B676}
[2011/09/05 13:54:41 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{9BAA1B32-A77C-4840-8AB0-86E54CBB66B4}
[2011/07/13 16:17:49 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{A92D4AB1-8E15-4B66-AB0A-B756278FA9A2}
[2011/08/11 08:00:26 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{B4646BF8-FA4A-451F-B381-0A5F16E0E54F}
[2011/08/05 07:53:11 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{C5575B97-EB3C-4156-BF6F-84A62B2C69E0}
[2011/09/05 17:22:51 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{CB33D84E-DE4E-4B92-8C90-782011DDAC21}
[2011/06/30 10:07:18 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{DEC87CCE-2D61-49AB-A988-1DDAD29396F5}
[2011/09/02 10:36:39 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{E97F1FEF-C5CA-4AA2-A9A8-AC5CC9473860}
[2011/08/31 07:03:01 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{F713C410-F6DC-4361-BA4C-6DCA859D19D8}
[2011/07/31 21:26:01 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{FC34578C-2FD5-4A9B-8BD7-EB6398EA8811}
[2008/12/04 21:17:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/08/31 12:18:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/08 13:33:20 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Bvopuligizoyo] C:\WINDOWS\itenatuqicacepe.dll ()
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: comcast.net ([publish] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([myvpn] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([owana] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([vpn] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.micr...0367/wmavax.CAB (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {0683FC48-7E08-488F-9FCD-4AE58EA14CF6} http://www.playlinc....LincManager.ocx (PlayLinc™ Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.co...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...90/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {7F245E01-651F-48E5-8A85-4752EC65E4ED} http://69.133.88.65:...co210Viewer.cab (Cisco210Viewer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.globalga...ffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,23/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://myvpn.ford.c...perSetupSP1.cab (JuniperSetupSP1 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{321DB9CD-B38B-4246-A9ED-8DB9B9531022}: DhcpNameServer = 68.87.77.134 68.87.72.134
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Todd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Todd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell - "" = AutoRun
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell - "" = AutoRun
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{df62c306-d48f-11d9-b430-00038a000015}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{fd508cf4-845a-11de-98ed-00132018f2f9}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/06 18:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{20C74F2C-DE28-4907-804C-1CE21C50B888}
[2011/09/06 17:59:03 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
[2011/09/06 07:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{6A5E1737-DE9D-457D-9353-C6416FF6106E}
[2011/09/06 06:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{ECCBEFE6-4F84-4BE1-A7E8-6429CBCA0485}
[2011/09/05 17:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{3291F481-2BA1-4345-B1BF-DAF496D4B6A4}
[2011/09/05 17:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{CB33D84E-DE4E-4B92-8C90-782011DDAC21}
[2011/09/05 13:54:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{9BAA1B32-A77C-4840-8AB0-86E54CBB66B4}
[2011/09/05 13:39:05 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/09/05 01:01:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/09/04 23:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{53ED3723-1B50-44F6-A193-F920259C041F}
[2011/09/04 22:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{FFF4852F-5D9B-41FF-B89A-E3F800F224EF}
[2011/09/04 22:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{883AE02B-7174-4C9C-BDA7-599B920A97DC}
[2011/09/03 19:50:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{D2C952E7-C8C7-47FD-94D3-7CF19A68CD2E}
[2011/09/03 19:34:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{28DEE206-2E09-4463-9881-5E30A842FC49}
[2011/09/03 09:45:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{0D73340C-D9AE-463A-B064-8F4F7639EB30}
[2011/09/02 15:13:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{4D4DF449-383C-49D8-B90B-7B295A45BD66}
[2011/09/02 10:36:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{E97F1FEF-C5CA-4AA2-A9A8-AC5CC9473860}
[2011/09/01 18:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{24A9FF14-0A04-44BE-A10A-3BB7012EAEBB}
[2011/08/31 18:08:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{8A077F73-7EF4-424E-B1EE-013D2FABD78D}
[2011/08/31 13:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/08/31 13:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/08/31 13:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/08/31 12:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/08/31 12:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/08/31 07:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{F713C410-F6DC-4361-BA4C-6DCA859D19D8}
[2011/08/20 23:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\out west
[2011/08/20 23:21:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\newproffff
[2011/08/18 23:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\SoccerTeam2011
[2011/08/17 05:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{717B0DA9-2B76-485F-A1E4-49453273E8C0}
[2011/08/16 13:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/08/12 17:18:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{694F11F0-AA38-4790-9F04-F539485A6D77}
[2011/08/11 08:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{B4646BF8-FA4A-451F-B381-0A5F16E0E54F}
[2011/08/10 14:50:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{93B619E1-A813-42D3-BFCF-D5B098F1B676}
[2011/08/08 14:59:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{9061DB3E-99B4-4600-8D81-3408F644DDBC}
[2009/12/10 22:33:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Todd\Application Data\pcouffin.sys
[2005/12/13 23:15:38 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2004/08/25 15:22:08 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1980/01/01 01:00:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/06 19:11:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{586D26A5-6B2E-4769-8A0F-58E479BF083B}.job
[2011/09/06 18:55:04 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Kxazo.dat
[2011/09/06 18:54:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/09/06 18:53:59 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/06 18:33:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/06 18:18:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/06 18:18:25 | 2682,425,344 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
[2011/09/06 13:46:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/06 13:19:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-233194558-870154993-683978915-1010UA.job
[2011/09/06 06:30:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Dhoyabuleze.bin
[2011/09/05 16:19:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-233194558-870154993-683978915-1010Core.job
[2011/09/05 08:10:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/03 20:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/02 18:30:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (1) (DELL8400-Todd).job
[2011/08/28 21:08:21 | 004,015,880 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\IMG_5206.JPG
[2011/08/28 21:08:21 | 002,330,082 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\IMG_5141.JPG
[2011/08/26 10:33:54 | 000,020,802 | ---- | M] () -- C:\Documents and Settings\Todd\.recently-used.xbel
[2011/08/25 12:05:23 | 000,744,403 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Driving Directions from 3593 Frederick Dr Ann Arbor, Michigan to 17325 Beechwood Ave Beverly Hills, Michigan.pdf
[2011/08/25 12:05:11 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2011/08/23 23:05:40 | 000,110,050 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\2011_spring_sasa_sandra_richardson_fields.pdf
[2011/08/20 23:19:08 | 001,634,224 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\photo.JPG
[2011/08/20 11:10:10 | 002,529,666 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\more9.JPG
[2011/08/20 11:10:00 | 002,431,369 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\more8.JPG
[2011/08/20 11:09:48 | 002,159,645 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\more7.JPG
[2011/08/18 18:15:23 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/08/18 18:15:16 | 000,445,836 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/08/18 18:15:16 | 000,073,042 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/08/17 03:38:27 | 000,423,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/16 21:15:51 | 000,154,275 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Stores - Promotions - BLICK art materials.pdf
[2011/08/11 03:06:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/06 07:23:25 | 2682,425,344 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/28 21:08:21 | 004,015,880 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\IMG_5206.JPG
[2011/08/28 21:08:21 | 002,330,082 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\IMG_5141.JPG
[2011/08/26 10:33:54 | 000,020,802 | ---- | C] () -- C:\Documents and Settings\Todd\.recently-used.xbel
[2011/08/25 12:05:06 | 000,744,403 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Driving Directions from 3593 Frederick Dr Ann Arbor, Michigan to 17325 Beechwood Ave Beverly Hills, Michigan.pdf
[2011/08/23 23:05:39 | 000,110,050 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\2011_spring_sasa_sandra_richardson_fields.pdf
[2011/08/20 23:19:07 | 001,634,224 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\photo.JPG
[2011/08/20 11:10:09 | 002,529,666 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\more9.JPG
[2011/08/20 11:10:00 | 002,431,369 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\more8.JPG
[2011/08/20 11:09:48 | 002,159,645 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\more7.JPG
[2011/08/16 21:15:44 | 000,154,275 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Stores - Promotions - BLICK art materials.pdf
[2011/06/28 12:47:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kxazo.dat
[2011/06/28 12:47:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dhoyabuleze.bin
[2011/05/12 15:22:02 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/22 19:37:09 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/06/17 23:21:13 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/06/04 16:29:34 | 000,094,524 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/10 22:33:53 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\inst.exe
[2009/12/10 22:33:53 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\pcouffin.cat
[2009/12/10 22:33:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\pcouffin.inf
[2009/07/30 21:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2008/12/24 01:42:49 | 000,000,441 | ---- | C] () -- C:\WINDOWS\System32\TDSSbeat.dat
[2008/10/28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/07/12 11:00:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/06/09 23:03:54 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/05/29 21:23:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/02/04 23:52:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\gl.dll
[2008/02/04 23:52:03 | 000,006,138 | ---- | C] () -- C:\WINDOWS\System32\e1.ini
[2008/01/18 23:13:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/01/18 23:10:41 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007/12/20 22:35:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/12/20 22:35:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/12/20 22:35:44 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/11/27 15:34:14 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/11/23 00:38:45 | 000,000,064 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2007/10/12 21:24:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/04/07 22:49:18 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2007/04/07 22:48:32 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2007/03/14 23:35:01 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2007/01/10 23:28:41 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/01/08 20:39:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/09/05 22:22:45 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2006/09/05 22:21:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2006/09/05 22:18:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2006/09/05 22:18:36 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/06/04 20:50:34 | 000,000,545 | ---- | C] () -- C:\WINDOWS\Jelly.ini
[2006/05/13 12:40:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/04/27 20:28:30 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\FixVTS.ini
[2006/04/23 14:14:22 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/03/19 17:49:28 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/02/04 00:14:06 | 000,000,246 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2006/01/04 22:06:30 | 000,004,830 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/30 13:59:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/12/18 18:32:17 | 000,001,581 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/11/26 20:38:47 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2005/10/22 17:58:54 | 000,068,938 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2005/10/22 17:58:54 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2005/10/17 20:58:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/17 20:49:29 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/10/10 20:56:12 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/09/07 19:49:27 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/07/14 19:46:11 | 000,000,096 | ---- | C] () -- C:\WINDOWS\ImgTool.INI
[2005/07/13 22:19:25 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/02 19:48:40 | 000,001,090 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/06/02 19:43:17 | 000,001,293 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2005/05/30 20:56:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP120JPR.{PB
[2005/05/30 20:56:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP120JCM.{PB
[2005/05/30 15:48:40 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\fusioncache.dat
[2005/05/28 16:06:53 | 000,000,519 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/05/25 12:04:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/25 12:00:11 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/25 11:57:25 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/25 11:51:34 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2005/05/25 11:51:34 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2005/05/25 11:51:26 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2005/05/25 11:51:26 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/05/25 11:51:21 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/05/25 11:42:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2005/05/25 11:40:54 | 000,445,836 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2005/05/25 11:40:54 | 000,073,042 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2005/05/25 11:22:34 | 000,000,367 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:08:08 | 000,423,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 14:02:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:08:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2004/08/10 11:08:26 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2004/08/04 06:00:00 | 000,377,344 | ---- | C] () -- C:\WINDOWS\itenatuqicacepe.dll
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\SECUPD.DAT
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2004/07/19 17:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SETPWRCG.EXE
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996/12/04 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996/12/04 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1980/01/01 01:00:00 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[1980/01/01 01:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== LOP Check ==========

[2005/09/07 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2010/06/17 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2007/01/10 23:23:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/20 01:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2010/05/08 14:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Euchre
[2006/08/13 10:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2005/12/17 16:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/08/25 12:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/01/10 23:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/12/08 12:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/06/27 07:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2008/12/24 05:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/06 00:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/12/30 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/08/06 21:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2006/06/16 12:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/04/01 23:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/17 22:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/02/04 19:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Amazon
[2011/04/11 23:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\BitTorrent
[2010/06/17 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Canneverbe Limited
[2007/01/20 17:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Canon
[2011/01/02 16:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\FileZilla
[2009/07/26 12:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\GARMIN
[2010/06/02 21:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\GrabPro
[2011/08/22 19:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\gtk-2.0
[2008/09/02 22:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\IEPro
[2005/08/24 16:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Image Zone Express
[2008/02/06 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Inkscape
[2008/07/20 20:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Juniper Networks
[2005/10/08 10:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\K9
[2005/07/13 19:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Leadertech
[2006/02/25 19:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\LucasArts
[2005/10/08 10:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MailWasherPro
[2008/08/20 19:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MiniDm
[2010/07/20 07:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MSNInstaller
[2006/01/16 18:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Musicmatch
[2005/11/26 16:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\NCH Swift Sound
[2006/09/05 22:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\pdf995
[2006/02/25 19:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Petroglyph
[2011/04/17 10:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\PrimoPDF
[2005/11/26 16:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\RecordPad
[2007/01/10 23:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\ScanSoft
[2005/06/11 18:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Simple Star
[2006/09/21 22:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Snapfish
[2011/03/19 11:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Tific
[2010/12/23 14:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\vShare
[2010/11/25 15:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Vso
[2011/09/06 19:11:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{586D26A5-6B2E-4769-8A0F-58E479BF083B}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >



OTL Extras logfile created on: 9/6/2011 6:57:09 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Todd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 48.92% Memory free
4.34 Gb Paging File | 3.15 Gb Available in Paging File | 72.64% Paging File free
Paging file location(s): C:\pagefile.sys 2047 2247 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.80 Gb Total Space | 13.63 Gb Free Space | 19.25% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 25.65 Gb Free Space | 17.21% Space Free | Partition Type: NTFS
Drive G: | 74.53 Gb Total Space | 3.30 Gb Free Space | 4.43% Space Free | Partition Type: NTFS

Computer Name: DELL8400 | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Valve\Steam\Steam.exe" = C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL
"C:\Program Files\Conference\Conference.dll" = C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Program Files\Common Files\AOL\1153246099\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1153246099\ee\aolsoftware.exe:*:Enabled:AOL Services
"C:\Program Files\Common Files\AOL\1153246099\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1153246099\ee\aim6.exe:*:Enabled:AIM
"C:\Program Files\PlayLinc Web Services\PLWS.exe" = C:\Program Files\PlayLinc Web Services\PLWS.exe:*:Enabled:PlayLinc™ Web Services
"E:\Program Files\IEPro\MiniDM.exe" = E:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)
"E:\Program Files\steamapps\common\alien swarm\srcds.exe" = E:\Program Files\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server
"C:\Documents and Settings\Melissa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Melissa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{06053AB3-B607-B752-3252-4A2EA9E9761E}" = CCC Help Dutch
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0B4A8658-43F1-50CA-AF30-C67E3AE2C9ED}" = CCC Help Greek
"{0CC61470-D776-2353-D5CB-C7BC20204863}" = CCC Help Finnish
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{12655AB3-9285-A2F0-5BBC-C5C45E4D718C}" = CCC Help Czech
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24700C01-3A72-29D4-001B-6EE6BF71EB5E}" = CCC Help Korean
"{26262388-95BF-58B0-CD46-A8F957BB67BF}" = Catalyst Control Center Graphics Full Existing
"{266F34CA-580F-4615-80FE-BDFBD56B748F}" = School Tycoon
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 20
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{29D851C2-048C-4B5E-8D1F-25D473342BB5}" = ScanSoft OmniPage SE 4.0
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{329376FB-FB6C-C587-F483-07E3418456F5}" = ccc-utility
"{33A38A8B-9E1E-BCBB-EA87-CE797EC75080}" = CCC Help Chinese Traditional
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3538E004-D991-471A-954A-C474321BCD18}" = Visual Install Pack
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{369EEB32-64D1-F22A-1B2C-A3E81582E767}" = CCC Help Japanese
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{390FF986-468D-4CA9-8830-2C4B313F447F}" = ATI Parental Control
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3E175C63-14BA-4A53-A491-963A457AB5B0}" = CD Key Generator
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{3FCD8F30-057D-C96F-AEF4-B0D77DE9730C}" = CCC Help Portuguese
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{46605BDE-7F82-DB0F-7906-3279A7E639BE}" = Catalyst Control Center Localization All
"{480A8E00-D808-7D79-977B-CEBBB3BEB409}" = CCC Help French
"{48C7FD10-D6AD-8EE0-2E8E-0480C4EEB1BD}" = Catalyst Control Center HydraVision Full
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5CA7ABC3-5F89-3A1D-A113-046EA4C7FCEB}" = ccc-core-static
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F77AD48-BA04-F868-2D04-FC1BFF5E00BA}" = Catalyst Control Center Graphics Light
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{788907C5-C83B-9785-A1F0-67050017324E}" = CCC Help Spanish
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistant
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F5F1767-88C6-CBFC-5DD3-D853343FD5AE}" = CCC Help German
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{84DE3702-3262-BE38-27E8-5ED423D803C6}" = CCC Help Chinese Standard
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = PageRage 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Application Accelerator
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95053B5A-42E0-830E-85BD-733FAFC28BA7}" = ccc-core-preinstall
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9B40D533-4F38-893D-EE5A-17226104BBC2}" = Skins
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A08CB73B-5DEA-185D-5D98-2230004D75ED}" = CCC Help Danish
"{A1BC8E02-6B5B-4B4A-A75F-B27A16918C2B}" = DiscWizard for Windows
"{A22D91C3-E7BD-CBEE-7CDC-DE4C42FA27B7}" = CCC Help Hungarian
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A89DEBCA-F743-3412-97F6-B2E489194551}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AD0DD974-ADC2-8C10-DFA6-C1203A6E5106}" = CCC Help Polish
"{B014F739-B305-5319-D996-6612BD60ED74}" = CCC Help Swedish
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C14201FD-245D-4CA9-A582-47D842C6AC59}" = TurboTax 2010 wmiiper
"{C570CAF4-D734-5412-C842-9AB150803074}" = Catalyst Control Center Core Implementation
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB481CC-F57C-4397-81A0-DADD22257047}" = Sound Blaster Live! 24-bit
"{D01F5B2C-2776-6C46-441C-E819C08DF4FF}" = CCC Help Turkish
"{D2FCA53F-F568-D08A-458F-F7C9769A30ED}" = CCC Help Norwegian
"{D3D1D696-84A8-465A-BC61-CDAC852B24CD}_is1" = Pod to PC 3.245
"{D89B70AB-CF91-36A4-8658-FACA3AF6A654}" = Catalyst Control Center Graphics Previews Common
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DF1274DC-02D4-B2D7-6197-5D24E1EF84B1}" = CCC Help Thai
"{E000D42E-5842-20A6-EEB1-6DED8C2746C5}" = CCC Help Italian
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E7679B31-21F5-4AAE-1620-0DFACF702325}" = Catalyst Control Center Graphics Full New
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{F83491F9-7CDF-46A7-9994-9E002CE5CE75}" = CCC Help Russian
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FDE409B1-1FF3-DC39-083E-C0F4ED496D5E}" = CCC Help English
"42 Bit Scanner" = 42 Bit Scanner
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"ATI Display Driver" = ATI Display Driver
"AveryWiz10" = Avery Wizard 1.0
"BitTorrent" = BitTorrent
"Canon MP160 User Registration" = Canon MP160 User Registration
"CanonMyPrinter" = Canon My Printer
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
"Driver Sweeper_is1" = Driver Sweeper 1.0
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 6_is1" = DVDFab 6.2.1.8 (31/12/2009)
"DVDFab 7_is1" = DVDFab 7.0.4.0 (15/04/2010)
"dvdSanta 4.00 - Create Your Own DVD Movies!_is1" = dvdSanta 4.00
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"FileZilla Client" = FileZilla Client 3.2.4.1
"GIMPshop" = GIMPshop 2.2.8
"HP Photo & Imaging" = HP Image Zone 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IE7Pro" = IE7Pro
"ie8" = Windows Internet Explorer 8
"Inkscape" = Inkscape 0.45.1
"InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"InstallShield_{390FF986-468D-4CA9-8830-2C4B313F447F}" = ATI Parental Control
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"JellyFish Light 3.5" = JellyFish Light 3.5
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0.1 (x86 en-US)" = Mozilla Firefox 6.0.1 (x86 en-US)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton Security Suite
"Neffy" = Neffy 1,2,0,12
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pdf995" = Pdf995
"Picasa 3" = Picasa 3
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"ST6UNST #1" = Euchre
"Steam App 440" = Team Fortress 2
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SystemRequirementsLab" = System Requirements Lab
"TurboTax 2010" = TurboTax 2010
"TurboTax Basic 2005" = TurboTax Basic 2005
"Veetle TV" = Veetle TV 0.9.18
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"vShare" = vShare Plugin
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.4
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Networks_Cache_Cleaner 5.5.0" = Juniper Networks Cache Cleaner 5.5.0
"Neoteris_Cache_Cleaner 4.2.0" = Cache Cleaner 4.2.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/4/2011 11:11:15 PM | Computer Name = DELL8400 | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 9/4/2011 11:17:31 PM | Computer Name = DELL8400 | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 9/5/2011 12:27:41 AM | Computer Name = DELL8400 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module mshtml.dll, version 8.0.6001.19120, fault address 0x001097fc.

Error - 9/5/2011 8:05:02 AM | Computer Name = DELL8400 | Source = Application Error | ID = 1001
Description = Fault bucket -1739048612.

Error - 9/5/2011 5:24:27 PM | Computer Name = DELL8400 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module itenatuqicacepe.dll, version 0.0.0.0, fault address 0x00025e4b.

Error - 9/5/2011 5:27:19 PM | Computer Name = DELL8400 | Source = Application Error | ID = 1000
Description = Faulting application DRWTSN32.EXE, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 9/5/2011 5:46:14 PM | Computer Name = DELL8400 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00019af2.

Error - 9/6/2011 6:49:26 AM | Computer Name = DELL8400 | Source = Application Hang | ID = 1002
Description = Hanging application TeaTimer.exe, version 1.6.4.26, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 9/6/2011 8:22:06 AM | Computer Name = DELL8400 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module Flash10c.ocx, version 10.0.32.18, fault address 0x0007696a.

Error - 9/6/2011 5:31:02 PM | Computer Name = DELL8400 | Source = Application Error | ID = 1001
Description = Fault bucket 1676069427.

[ System Events ]
Error - 9/6/2011 7:19:12 AM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7001
Description = The Simple TCP/IP Services service depends on the AFD service which
failed to start because of the following error: %%31

Error - 9/6/2011 7:19:12 AM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSP SRTSPX SymIRON
SYMTDI
Tcpip
WS2IFSL

Error - 9/6/2011 7:22:10 AM | Computer Name = DELL8400 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 9/6/2011 7:22:11 AM | Computer Name = DELL8400 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/6/2011 7:25:27 AM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 9/6/2011 7:26:11 AM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.

Error - 9/6/2011 7:30:51 AM | Computer Name = DELL8400 | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service iPod Service
with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error - 9/6/2011 7:30:58 AM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the iPod Service service
to connect.

Error - 9/6/2011 7:30:58 AM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7000
Description = The iPod Service service failed to start due to the following error:
%%1053

Error - 9/6/2011 6:20:17 PM | Computer Name = DELL8400 | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3


< End of report >

#2
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.

Step 1

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click the Scan button to start scan.
  • On completion of the scan click Save log, save it to your desktop and post in your next reply.

#3
newmantjn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hi;
Thank you for the help.

It still is acting a bit off, but it is running better. I ran the program you suggested and it pointed out some items. I did NOT hit the clean button, since you didn't tell me to do that. Results are posted below:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-07 20:49:37
-----------------------------
20:49:37.796 OS Version: Windows 5.1.2600 Service Pack 3
20:49:37.796 Number of processors: 2 586 0x403
20:49:37.796 ComputerName: DELL8400 UserName: Todd
20:49:38.578 Initialize success
20:51:01.765 AVAST engine defs: 11090800
20:52:39.484 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:52:39.484 Disk 0 Vendor: Maxtor_6 YAR5 Size: 76293MB BusType: 3
20:52:39.484 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
20:52:39.484 Disk 1 Vendor: ST316082 3.42 Size: 152627MB BusType: 3
20:52:39.484 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-2
20:52:39.500 Disk 2 Vendor: ST380817 3.42 Size: 76318MB BusType: 3
20:52:39.500 Disk 0 MBR read successfully
20:52:39.500 Disk 0 MBR scan
20:52:39.562 Disk 0 MBR:Pihar [Rtk]
20:52:39.562 Disk 0 MBR hidden
20:52:39.562 Disk 0 MBR [possible unknown [email protected]] **ROOTKIT**
20:52:39.562 Disk 0 trace - called modules:
20:52:39.562 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a5ce4c0]<<
20:52:39.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b0c72b0]
20:52:39.562 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> [0x8a673c10]
20:52:39.562 \Driver\iaStor[0x8a41a880] -> IRP_MJ_CREATE -> 0x8a5ce4c0
20:52:39.937 AVAST engine scan C:\
21:02:02.343 File: C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll **INFECTED** Win32:Adware-gen [Adw]
21:02:50.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Todd\Desktop\MBR.dat"
21:02:50.640 The log file has been saved successfully to "C:\Documents and Settings\Todd\Desktop\aswMBR.txt"

#4
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Please proceed with the following steps:

Step 1

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 2

  • Double click the aswMBR.exe to re-run it.
  • When asked if you want to download Avast's virus definitions please select No.
  • Click the Scan button to start scan.
  • On completion of the scan click Save log, save it to your desktop and post in your next reply.

When you have completed the above, please post back the following in the order asked for:
  • TDSSKiller log
  • aswMBR log

#5
newmantjn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hi;
Thank you for the help. I have done as you instructed and here are the results. The MBR program still seems unhappy.

2011/09/08 19:49:49.0984 1832 TDSS rootkit removing tool 2.5.20.0 Sep 7 2011 16:44:34
2011/09/08 19:49:52.0000 1832 ================================================================================
2011/09/08 19:49:52.0000 1832 SystemInfo:
2011/09/08 19:49:52.0000 1832
2011/09/08 19:49:52.0000 1832 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/08 19:49:52.0000 1832 Product type: Workstation
2011/09/08 19:49:52.0000 1832 ComputerName: DELL8400
2011/09/08 19:49:52.0000 1832 UserName: Todd
2011/09/08 19:49:52.0000 1832 Windows directory: C:\WINDOWS
2011/09/08 19:49:52.0000 1832 System windows directory: C:\WINDOWS
2011/09/08 19:49:52.0000 1832 Processor architecture: Intel x86
2011/09/08 19:49:52.0000 1832 Number of processors: 2
2011/09/08 19:49:52.0000 1832 Page size: 0x1000
2011/09/08 19:49:52.0000 1832 Boot type: Normal boot
2011/09/08 19:49:52.0000 1832 ================================================================================
2011/09/08 19:49:53.0093 1832 Initialize success
2011/09/08 19:49:56.0718 1796 ================================================================================
2011/09/08 19:49:56.0718 1796 Scan started
2011/09/08 19:49:56.0718 1796 Mode: Manual;
2011/09/08 19:49:56.0718 1796 ================================================================================
2011/09/08 19:50:03.0968 1796 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
2011/09/08 19:50:04.0015 1796 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/09/08 19:50:04.0062 1796 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/08 19:50:04.0156 1796 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/08 19:50:04.0218 1796 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/08 19:50:04.0265 1796 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/08 19:50:04.0375 1796 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/08 19:50:04.0453 1796 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/08 19:50:04.0531 1796 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/08 19:50:04.0625 1796 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/08 19:50:04.0687 1796 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/08 19:50:04.0765 1796 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/08 19:50:04.0796 1796 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/08 19:50:04.0906 1796 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys
2011/09/08 19:50:04.0953 1796 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/08 19:50:05.0015 1796 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/08 19:50:05.0062 1796 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2011/09/08 19:50:05.0093 1796 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
2011/09/08 19:50:05.0140 1796 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/08 19:50:05.0203 1796 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/08 19:50:05.0250 1796 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/08 19:50:05.0328 1796 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/09/08 19:50:05.0390 1796 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/08 19:50:05.0468 1796 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/08 19:50:05.0546 1796 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/08 19:50:05.0625 1796 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/08 19:50:05.0703 1796 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/08 19:50:05.0812 1796 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/08 19:50:05.0890 1796 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/08 19:50:05.0953 1796 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/08 19:50:06.0125 1796 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110908.001\NAVENG.SYS
2011/09/08 19:50:06.0218 1796 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110908.001\NAVEX15.SYS
2011/09/08 19:50:06.0328 1796 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/08 19:50:06.0375 1796 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/08 19:50:06.0421 1796 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/08 19:50:06.0515 1796 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/08 19:50:06.0578 1796 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/08 19:50:06.0625 1796 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/08 19:50:06.0687 1796 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/08 19:50:06.0812 1796 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/08 19:50:06.0937 1796 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/08 19:50:07.0078 1796 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/08 19:50:07.0171 1796 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/09/08 19:50:07.0296 1796 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/08 19:50:07.0343 1796 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/08 19:50:07.0406 1796 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
2011/09/08 19:50:07.0500 1796 ossrv (c720c25b2d0c93dc425155f5b6a707f3) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
2011/09/08 19:50:07.0578 1796 P17 (3a7290f2c423b80ba95becae015b9b1b) C:\WINDOWS\system32\drivers\P17.sys
2011/09/08 19:50:07.0671 1796 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/08 19:50:07.0750 1796 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/08 19:50:07.0796 1796 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/08 19:50:07.0859 1796 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/08 19:50:07.0937 1796 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/08 19:50:08.0000 1796 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/08 19:50:08.0093 1796 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/09/08 19:50:08.0203 1796 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/09/08 19:50:08.0234 1796 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/09/08 19:50:08.0312 1796 PfModNT (c8a2d6ff660ac601b7bb9a9b16a5c25e) C:\WINDOWS\system32\drivers\PfModNT.sys
2011/09/08 19:50:08.0406 1796 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/08 19:50:08.0484 1796 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/08 19:50:08.0562 1796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/08 19:50:08.0609 1796 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/08 19:50:08.0656 1796 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/09/08 19:50:08.0671 1796 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/09/08 19:50:08.0703 1796 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/09/08 19:50:08.0734 1796 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/09/08 19:50:08.0765 1796 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/09/08 19:50:08.0796 1796 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/08 19:50:08.0828 1796 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/08 19:50:08.0890 1796 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/08 19:50:08.0906 1796 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/08 19:50:08.0968 1796 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/08 19:50:09.0000 1796 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/08 19:50:09.0062 1796 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/08 19:50:09.0140 1796 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/08 19:50:09.0203 1796 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/08 19:50:09.0328 1796 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/08 19:50:09.0390 1796 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/08 19:50:09.0468 1796 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/08 19:50:09.0531 1796 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/08 19:50:09.0640 1796 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/09/08 19:50:09.0687 1796 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/09/08 19:50:09.0750 1796 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/08 19:50:09.0843 1796 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/08 19:50:09.0937 1796 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS
2011/09/08 19:50:09.0984 1796 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS
2011/09/08 19:50:10.0078 1796 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/08 19:50:10.0515 1796 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
2011/09/08 19:50:10.0640 1796 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/08 19:50:11.0015 1796 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/08 19:50:11.0187 1796 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/09/08 19:50:11.0218 1796 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/09/08 19:50:11.0437 1796 SymDS (56890bf9d9204b93042089d4b45ae671) C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS
2011/09/08 19:50:11.0500 1796 SymEFA (1c91df5188150510a6f0cf78f7d94b69) C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS
2011/09/08 19:50:11.0593 1796 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2011/09/08 19:50:11.0656 1796 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS
2011/09/08 19:50:11.0718 1796 SYMTDI (41aad61f87ca8e3b5d0f7fe7fba0797d) C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS
2011/09/08 19:50:11.0765 1796 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/09/08 19:50:11.0781 1796 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/09/08 19:50:11.0859 1796 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/08 19:50:11.0937 1796 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/08 19:50:12.0015 1796 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/08 19:50:12.0078 1796 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/08 19:50:12.0140 1796 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/08 19:50:12.0203 1796 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/09/08 19:50:12.0281 1796 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/08 19:50:12.0328 1796 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/09/08 19:50:12.0375 1796 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/08 19:50:12.0484 1796 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/09/08 19:50:12.0546 1796 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/09/08 19:50:12.0609 1796 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/08 19:50:12.0671 1796 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/08 19:50:12.0734 1796 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/08 19:50:12.0796 1796 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/08 19:50:12.0875 1796 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/08 19:50:12.0968 1796 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/08 19:50:13.0031 1796 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/08 19:50:13.0125 1796 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/08 19:50:13.0171 1796 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/09/08 19:50:13.0218 1796 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/09/08 19:50:13.0265 1796 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/08 19:50:13.0343 1796 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/08 19:50:13.0468 1796 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/08 19:50:13.0640 1796 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/09/08 19:50:13.0703 1796 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/08 19:50:13.0765 1796 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/08 19:50:13.0828 1796 MBR (0x1B8) (7c813d1ed418f46302a154e14cf3bdc5) \Device\Harddisk0\DR0
2011/09/08 19:50:13.0828 1796 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.a (0)
2011/09/08 19:50:13.0859 1796 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk1\DR1
2011/09/08 19:50:15.0531 1796 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
2011/09/08 19:50:15.0562 1796 Boot (0x1200) (a61169d0f73b4036507e859e841c3fae) \Device\Harddisk0\DR0\Partition0
2011/09/08 19:50:15.0578 1796 Boot (0x1200) (c2256164a814fc435752b4f1f20f742a) \Device\Harddisk1\DR1\Partition0
2011/09/08 19:50:15.0593 1796 Boot (0x1200) (1832d1ca1eb07c279a90879250643482) \Device\Harddisk2\DR2\Partition0
2011/09/08 19:50:15.0609 1796 ================================================================================
2011/09/08 19:50:15.0609 1796 Scan finished
2011/09/08 19:50:15.0609 1796 ================================================================================
2011/09/08 19:50:15.0625 2800 Detected object count: 1
2011/09/08 19:50:15.0625 2800 Actual detected object count: 1
2011/09/08 19:50:32.0687 2800 \Device\Harddisk0\DR0 (Rootkit.Boot.Pihar.a) - will be cured after reboot
2011/09/08 19:50:32.0687 2800 \Device\Harddisk0\DR0 - ok
2011/09/08 19:50:32.0687 2800 Rootkit.Boot.Pihar.a(\Device\Harddisk0\DR0) - User select action: Cure
2011/09/08 19:51:06.0531 1884 Deinitialize success






aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-07 20:49:37
-----------------------------
20:49:37.796 OS Version: Windows 5.1.2600 Service Pack 3
20:49:37.796 Number of processors: 2 586 0x403
20:49:37.796 ComputerName: DELL8400 UserName: Todd
20:49:38.578 Initialize success
20:51:01.765 AVAST engine defs: 11090800
20:52:39.484 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:52:39.484 Disk 0 Vendor: Maxtor_6 YAR5 Size: 76293MB BusType: 3
20:52:39.484 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
20:52:39.484 Disk 1 Vendor: ST316082 3.42 Size: 152627MB BusType: 3
20:52:39.484 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-2
20:52:39.500 Disk 2 Vendor: ST380817 3.42 Size: 76318MB BusType: 3
20:52:39.500 Disk 0 MBR read successfully
20:52:39.500 Disk 0 MBR scan
20:52:39.562 Disk 0 MBR:Pihar [Rtk]
20:52:39.562 Disk 0 MBR hidden
20:52:39.562 Disk 0 MBR [possible unknown [email protected]] **ROOTKIT**
20:52:39.562 Disk 0 trace - called modules:
20:52:39.562 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a5ce4c0]<<
20:52:39.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b0c72b0]
20:52:39.562 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> [0x8a673c10]
20:52:39.562 \Driver\iaStor[0x8a41a880] -> IRP_MJ_CREATE -> 0x8a5ce4c0
20:52:39.937 AVAST engine scan C:\
21:02:02.343 File: C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll **INFECTED** Win32:Adware-gen [Adw]
21:02:50.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Todd\Desktop\MBR.dat"
21:02:50.640 The log file has been saved successfully to "C:\Documents and Settings\Todd\Desktop\aswMBR.txt"


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-08 20:01:40
-----------------------------
20:01:40.718 OS Version: Windows 5.1.2600 Service Pack 3
20:01:40.718 Number of processors: 2 586 0x403
20:01:40.718 ComputerName: DELL8400 UserName: Todd
20:01:43.187 Initialize success
20:02:04.390 AVAST engine defs: 11090800
20:06:27.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:06:27.203 Disk 0 Vendor: Maxtor_6 YAR5 Size: 76293MB BusType: 3
20:06:27.203 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
20:06:27.218 Disk 1 Vendor: ST316082 3.42 Size: 152627MB BusType: 3
20:06:27.218 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-2
20:06:27.218 Disk 2 Vendor: ST380817 3.42 Size: 76318MB BusType: 3
20:06:27.234 Disk 0 MBR read successfully
20:06:27.234 Disk 0 MBR scan
20:06:27.296 Disk 0 unknown MBR code
20:06:27.296 Disk 0 scanning sectors +156232125
20:06:27.375 Disk 0 scanning C:\WINDOWS\system32\drivers
20:06:49.937 Service scanning
20:06:51.296 Modules scanning
20:06:59.031 Disk 0 trace - called modules:
20:06:59.062 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:06:59.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b0b3030]
20:06:59.062 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8b0ca030]
20:06:59.453 AVAST engine scan C:\WINDOWS
20:07:08.140 File: C:\WINDOWS\ivesegefimif.dll **INFECTED** Win32:Renosator [Cryp]
20:07:30.187 AVAST engine scan C:\WINDOWS\system32
20:10:34.828 AVAST engine scan C:\WINDOWS\system32\drivers
20:10:56.312 AVAST engine scan C:\Documents and Settings\Todd
20:13:47.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Todd\Desktop\MBR.dat"
20:13:47.671 The log file has been saved successfully to "C:\Documents and Settings\Todd\Desktop\aswMBR.txt"


20:28:52.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Todd\Desktop\MBR.dat"
20:28:52.890 The log file has been saved successfully to "C:\Documents and Settings\Todd\Desktop\aswMBR.txt"
  • 0

#6
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Looks like the rootkit has been successfully removed. Please proceed with these steps:

Step 1

Please download GooredFix from one of the locations below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista, 7).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Step 2

Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware.
  • Select the Update tab.
  • Click on Check for Updates button.
  • Click on OK.
  • Select the Scanner tab.
  • Select Perform quick scan, then click on Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

OTL Custom Scan

  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt in a Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

When you have completed the above, please post back the following in the order asked for:
  • GooredFix.txt log
  • MBAM log
  • OTL scan log

  • 0

#7
newmantjn

    Member

  • Topic Starter
  • Member
  • 21 posts
Hi;
Thank you for taking the time to see me through this. I have completed the step you outlined and here are the results:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 23:40 on 09/09/2011 (Todd)
Firefox version 6.0.2 (en-US)

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{A953325C-A81A-4E6E-96B7-89C648CEC3E9} -> Success!
Deleting C:\Documents and Settings\Eric\Local Settings\Application Data\{A953325C-A81A-4E6E-96B7-89C648CEC3E9} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{0773A4E4-D8AA-47DE-8965-95C11CA3C683} -> Success!
Deleting C:\Documents and Settings\Melissa\Local Settings\Application Data\{0773A4E4-D8AA-47DE-8965-95C11CA3C683} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{03906C38-1D5E-4141-A51F-DD671FD06EAC} -> Success!
Deleting C:\Documents and Settings\Todd\Local Settings\Application Data\{03906C38-1D5E-4141-A51F-DD671FD06EAC} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{40CBC949-9CC5-4B24-B4EF-03F565BE5C9B} -> Success!
Deleting C:\Documents and Settings\Eric\Local Settings\Application Data\{40CBC949-9CC5-4B24-B4EF-03F565BE5C9B} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{537EC386-92AB-45E2-818C-1F494B2B0B06} -> Success!
Deleting C:\Documents and Settings\Eric\Local Settings\Application Data\{537EC386-92AB-45E2-818C-1F494B2B0B06} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{102A0E26-8A17-4BDA-B068-B463A0EF5095} -> Success!
Deleting C:\Documents and Settings\Melissa\Local Settings\Application Data\{102A0E26-8A17-4BDA-B068-B463A0EF5095} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{B80B7E91-1B11-4A6A-A0E1-91E199644319} -> Success!
Deleting C:\Documents and Settings\Eric\Local Settings\Application Data\{B80B7E91-1B11-4A6A-A0E1-91E199644319} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{DEC87CCE-2D61-49AB-A988-1DDAD29396F5} -> Success!
Deleting C:\Documents and Settings\Todd\Local Settings\Application Data\{DEC87CCE-2D61-49AB-A988-1DDAD29396F5} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{2D6BE176-7C02-44B8-857F-9CEFC675D517} -> Success!
Deleting C:\Documents and Settings\Eric\Local Settings\Application Data\{2D6BE176-7C02-44B8-857F-9CEFC675D517} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{1317FB61-47C9-4371-8D70-142EE92531CD} -> Success!
Deleting C:\Documents and Settings\Todd\Local Settings\Application Data\{1317FB61-47C9-4371-8D70-142EE92531CD} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{0848921B-37A7-402D-B816-F35F548D96BC} -> Success!
Deleting C:\Documents and Settings\Todd\Local Settings\Application Data\{0848921B-37A7-402D-B816-F35F548D96BC} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{057AC97D-5BAC-4B7D-A272-8638FF25CA6A} -> Success!
Deleting C:\Documents and Settings\Kelly\Local Settings\Application Data\{057AC97D-5BAC-4B7D-A272-8638FF25CA6A} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{57282DC1-CBB3-4E5F-BE0B-5510D745DF4E} -> Success!
Deleting C:\Documents and Settings\Todd\Local Settings\Application Data\{57282DC1-CBB3-4E5F-BE0B-5510D745DF4E} -> Success!
Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{23DB38AE-F3A9-4AF4-A593-5D36D6C1A563} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [03:39 16/03/2008]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [02:37 04/04/2008]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [00:33 06/08/2008]
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [01:17 05/12/2008]
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [02:41 11/08/2009]
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [03:47 07/05/2010]

C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\
[email protected] [01:50 14/12/2010]
{20a82645-c095-46ed-80e3-08825760534b} [01:30 27/04/2010]
{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [00:01 15/08/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [04:24 07/05/2009]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\" [00:35 29/03/2010]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6" [03:26 10/09/2011]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [01:17 05/12/2008]

-=E.O.F=-


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7688

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/10/2011 12:07:51 AM
mbam-log-2011-09-10 (00-07-51).txt

Scan type: Quick scan
Objects scanned: 286513
Time elapsed: 24 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



OTL logfile created on: 9/10/2011 12:15:15 AM - Run 2
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Todd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 72.94% Memory free
4.34 Gb Paging File | 3.82 Gb Available in Paging File | 87.96% Paging File free
Paging file location(s): C:\pagefile.sys 2047 2247 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.80 Gb Total Space | 15.70 Gb Free Space | 22.17% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 25.65 Gb Free Space | 17.21% Space Free | Partition Type: NTFS
Drive G: | 74.53 Gb Total Space | 3.30 Gb Free Space | 4.43% Space Free | Partition Type: NTFS

Computer Name: DELL8400 | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/03/21 14:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004/03/23 13:16:16 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/11 03:14:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/11 03:11:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/11 03:11:34 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/11 03:10:07 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/08/11 03:10:06 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/08/11 03:10:05 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/08/11 03:10:04 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/08/11 03:09:59 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011/08/11 03:09:59 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/08/11 03:09:57 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/08/11 03:09:57 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2011/08/11 03:09:52 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/08/11 03:09:44 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/06/28 03:10:21 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/03/19 10:09:07 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2011/03/19 10:09:04 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2011/03/19 10:09:03 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/03/19 10:09:02 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/03/19 10:08:56 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/03/19 10:08:56 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/03/19 10:08:56 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/03/19 10:08:56 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/03/19 10:08:56 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/03/19 10:08:56 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2011/03/19 10:08:55 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/03/19 10:08:55 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/03/19 10:08:55 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2009/09/04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/07/30 21:44:14 | 000,176,235 | ---- | M] () -- C:\WINDOWS\SYSTEM32\Primomonnt.dll
MOD - [2009/04/27 17:49:26 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008/04/13 20:12:08 | 000,377,344 | ---- | M] () -- C:\WINDOWS\itenatuqicacepe.dll
MOD - [2006/09/05 22:18:36 | 000,051,716 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pdf995mon.dll
MOD - [2004/06/10 12:51:00 | 000,060,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\P17.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 22:20:15 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110909.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/31 22:20:15 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/31 22:20:15 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110909.016\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/23 00:17:32 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110909.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/07/27 19:59:10 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/22 20:27:23 | 000,815,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110812.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/28 20:33:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/09/30 00:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/07/17 10:37:48 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/06/09 13:16:00 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys -- (P17)
DRV - [2004/05/29 18:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 09:48:00 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 09:47:00 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 13:19:00 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pfmodnt.sys -- (PfModNT)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...de_srchlft.html
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...de_srchlft.html
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/ [binary data]
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-233194558-870154993-683978915-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...com/index.html"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 41
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/21 02:11:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011/09/09 23:26:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/06 22:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/01 02:07:34 | 000,000,000 | ---D | M]

[2008/09/04 20:17:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Extensions
[2011/05/08 07:32:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions
[2010/04/26 21:30:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/14 20:02:04 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/12/13 21:50:48 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\[email protected]
[2011/09/08 19:44:29 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\searchplugins\ipdb.xml
[2011/05/08 10:49:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/06 23:47:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/07/21 02:11:49 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2008/12/04 21:17:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/06 22:17:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/08 13:33:20 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Bvopuligizoyo] C:\WINDOWS\itenatuqicacepe.dll ()
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\.DEFAULT..\RunOnce: [SWHelper] C:\WINDOWS\System32\Macromed\Shockwave 10\PostUpdate.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [SWHelper] C:\WINDOWS\System32\Macromed\Shockwave 10\PostUpdate.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\Kelly\Start Menu\Programs\Startup\Launch K9.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-233194558-870154993-683978915-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..Trusted Domains: comcast.net ([publish] https in Trusted sites)
O15 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..Trusted Domains: ford.com ([myvpn] https in Trusted sites)
O15 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..Trusted Domains: ford.com ([owana] https in Trusted sites)
O15 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..Trusted Domains: ford.com ([vpn] https in Trusted sites)
O15 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.micr...0367/wmavax.CAB (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {0683FC48-7E08-488F-9FCD-4AE58EA14CF6} http://www.playlinc....LincManager.ocx (PlayLinc™ Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.co...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...90/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {7F245E01-651F-48E5-8A85-4752EC65E4ED} http://69.133.88.65:...co210Viewer.cab (Cisco210Viewer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.globalga...ffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,23/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://myvpn.ford.c...perSetupSP1.cab (JuniperSetupSP1 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{321DB9CD-B38B-4246-A9ED-8DB9B9531022}: DhcpNameServer = 68.87.77.134 68.87.72.134
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Todd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Todd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell - "" = AutoRun
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell - "" = AutoRun
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{df62c306-d48f-11d9-b430-00038a000015}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{fd508cf4-845a-11de-98ed-00132018f2f9}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/09 23:40:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\GooredFix Backups
[2011/09/09 23:37:09 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Todd\Desktop\GooredFix.exe
[2011/09/07 20:24:11 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Todd\Desktop\aswMBR.exe
[2011/09/07 17:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2011/09/07 16:45:54 | 001,402,672 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Todd\Desktop\TDSSKiller.exe
[2011/09/06 17:59:03 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
[2011/09/05 13:39:05 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/09/05 01:01:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/09/04 22:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{FFF4852F-5D9B-41FF-B89A-E3F800F224EF}
[2011/09/03 06:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/31 13:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/08/31 13:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/08/31 13:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/08/31 12:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/08/31 12:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/08/20 23:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\out west
[2011/08/20 23:21:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\newproffff
[2011/08/18 23:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\SoccerTeam2011
[2011/08/16 23:16:44 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2011/08/16 23:16:44 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2011/08/16 13:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2009/12/10 22:33:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Todd\Application Data\pcouffin.sys
[2005/12/13 23:15:38 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2004/08/25 15:22:08 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1980/01/01 01:00:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/10 00:19:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-233194558-870154993-683978915-1010UA.job
[2011/09/10 00:17:18 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{586D26A5-6B2E-4769-8A0F-58E479BF083B}.job
[2011/09/09 23:37:09 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Todd\Desktop\GooredFix.exe
[2011/09/09 23:33:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/09 23:27:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/09/09 23:27:20 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/09 23:25:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/09 23:25:24 | 2682,425,344 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/08 20:28:52 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\MBR.dat
[2011/09/08 19:59:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Dhoyabuleze.bin
[2011/09/08 19:46:46 | 001,402,672 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Todd\Desktop\TDSSKiller.exe
[2011/09/08 19:45:33 | 001,386,304 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\tdsskiller.zip
[2011/09/07 20:37:30 | 000,194,756 | ---- | M] () -- C:\Documents and Settings\Todd\My Documents\IMG_5141.JPG
[2011/09/07 20:24:42 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Todd\Desktop\aswMBR.exe
[2011/09/07 20:12:20 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Kxazo.dat
[2011/09/07 18:23:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
[2011/09/05 16:19:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-233194558-870154993-683978915-1010Core.job
[2011/09/05 08:10:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/03 20:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/03 06:17:37 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/02 18:30:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (1) (DELL8400-Todd).job
[2011/08/26 10:33:54 | 000,020,802 | ---- | M] () -- C:\Documents and Settings\Todd\.recently-used.xbel
[2011/08/25 12:05:23 | 000,744,403 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Driving Directions from 3593 Frederick Dr Ann Arbor, Michigan to 17325 Beechwood Ave Beverly Hills, Michigan.pdf
[2011/08/25 12:05:11 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2011/08/25 03:01:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/23 23:05:40 | 000,110,050 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\2011_spring_sasa_sandra_richardson_fields.pdf
[2011/08/21 15:41:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/08/18 18:15:23 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/08/18 18:15:16 | 000,445,836 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/08/18 18:15:16 | 000,073,042 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/08/17 03:38:27 | 000,423,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/16 21:15:51 | 000,154,275 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Stores - Promotions - BLICK art materials.pdf
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/08 19:46:07 | 001,386,304 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\tdsskiller.zip
[2011/09/07 21:02:50 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\MBR.dat
[2011/09/07 20:37:30 | 000,194,756 | ---- | C] () -- C:\Documents and Settings\Todd\My Documents\IMG_5141.JPG
[2011/09/06 07:23:25 | 2682,425,344 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/26 10:33:54 | 000,020,802 | ---- | C] () -- C:\Documents and Settings\Todd\.recently-used.xbel
[2011/08/25 12:05:06 | 000,744,403 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Driving Directions from 3593 Frederick Dr Ann Arbor, Michigan to 17325 Beechwood Ave Beverly Hills, Michigan.pdf
[2011/08/23 23:05:39 | 000,110,050 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\2011_spring_sasa_sandra_richardson_fields.pdf
[2011/08/16 21:15:44 | 000,154,275 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Stores - Promotions - BLICK art materials.pdf
[2011/06/28 12:47:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kxazo.dat
[2011/06/28 12:47:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dhoyabuleze.bin
[2011/05/12 15:22:02 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/22 19:37:09 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/06/17 23:21:13 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/06/04 16:29:34 | 000,094,524 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/10 22:33:53 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\inst.exe
[2009/12/10 22:33:53 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\pcouffin.cat
[2009/12/10 22:33:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\pcouffin.inf
[2009/07/30 21:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2008/12/24 01:42:49 | 000,000,441 | ---- | C] () -- C:\WINDOWS\System32\TDSSbeat.dat
[2008/10/28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/07/12 11:00:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/06/09 23:03:54 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/05/29 21:23:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/02/04 23:52:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\gl.dll
[2008/02/04 23:52:03 | 000,006,138 | ---- | C] () -- C:\WINDOWS\System32\e1.ini
[2008/01/18 23:13:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/01/18 23:10:41 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007/12/20 22:35:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/12/20 22:35:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/12/20 22:35:44 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/11/27 15:34:14 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/11/23 00:38:45 | 000,000,064 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2007/10/12 21:24:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/04/07 22:49:18 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2007/04/07 22:48:32 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2007/03/14 23:35:01 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2007/01/10 23:28:41 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/01/08 20:39:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/09/05 22:22:45 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2006/09/05 22:21:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2006/09/05 22:18:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2006/09/05 22:18:36 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/06/04 20:50:34 | 000,000,545 | ---- | C] () -- C:\WINDOWS\Jelly.ini
[2006/05/13 12:40:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/04/27 20:28:30 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\FixVTS.ini
[2006/04/23 14:14:22 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/03/19 17:49:28 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/02/04 00:14:06 | 000,000,246 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2006/01/04 22:06:30 | 000,004,830 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/30 13:59:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/12/18 18:32:17 | 000,001,581 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/11/26 20:38:47 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2005/10/22 17:58:54 | 000,068,938 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2005/10/22 17:58:54 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2005/10/17 20:58:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/17 20:49:29 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/10/10 20:56:12 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/09/07 19:49:27 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/07/14 19:46:11 | 000,000,096 | ---- | C] () -- C:\WINDOWS\ImgTool.INI
[2005/07/13 22:19:25 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/02 19:48:40 | 000,001,090 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/06/02 19:43:17 | 000,001,293 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2005/05/30 20:56:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP120JPR.{PB
[2005/05/30 20:56:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP120JCM.{PB
[2005/05/30 15:48:40 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\fusioncache.dat
[2005/05/28 16:06:53 | 000,000,519 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/05/25 12:04:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/25 12:00:11 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/25 11:57:25 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/25 11:51:34 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2005/05/25 11:51:34 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2005/05/25 11:51:26 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2005/05/25 11:51:26 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/05/25 11:51:21 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/05/25 11:42:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2005/05/25 11:40:54 | 000,445,836 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2005/05/25 11:40:54 | 000,073,042 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2005/05/25 11:22:34 | 000,000,367 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:08:08 | 000,423,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 14:02:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:08:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2004/08/10 11:08:26 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2004/08/04 06:00:00 | 000,377,344 | ---- | C] () -- C:\WINDOWS\itenatuqicacepe.dll
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\SECUPD.DAT
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2004/07/19 17:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SETPWRCG.EXE
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996/12/04 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996/12/04 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1980/01/01 01:00:00 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[1980/01/01 01:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== LOP Check ==========

[2005/09/07 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2010/06/17 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2007/01/10 23:23:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/20 01:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2010/05/08 14:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Euchre
[2006/08/13 10:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2005/12/17 16:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/08/25 12:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/01/10 23:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/12/08 12:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/06/27 07:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2008/12/24 05:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/06 00:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/12/30 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/08/06 21:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2006/06/16 12:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/04/01 23:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/17 22:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/06/02 22:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\.minecraft
[2011/05/27 21:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\BitTorrent
[2007/01/23 21:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Canon
[2010/06/13 16:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\FileZilla
[2011/08/17 23:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\gtk-2.0
[2008/08/19 21:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\IEPro
[2010/09/05 01:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Inkscape
[2006/11/11 22:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\JAMS
[2007/02/27 17:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Leadertech
[2006/02/27 18:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\LucasArts
[2008/08/29 00:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\MiniDm
[2006/08/31 00:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\My Battle for Middle-earth™ II Demo Files
[2010/06/03 14:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\ProgSense
[2007/09/10 15:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\ScanSoft
[2010/12/08 18:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\SystemRequirementsLab
[2010/12/14 20:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\vShare
[2009/08/06 21:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\WindSolutions
[2008/09/14 07:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heidi\Application Data\IEPro
[2011/01/16 09:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heidi\Application Data\vShare
[2007/12/19 23:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\Canon
[2008/08/19 19:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\IEPro
[2008/07/20 21:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\Juniper Networks
[2005/10/09 12:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\K9
[2008/08/22 16:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\MiniDm
[2009/02/16 19:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\pdf995
[2007/11/26 23:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\Snapfish
[2008/11/02 17:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\Viewpoint
[2011/06/06 22:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kelly\Application Data\vShare
[2008/07/20 21:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Juniper Networks
[2008/01/05 22:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Canon
[2008/08/20 10:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\IEPro
[2009/01/01 00:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\MiniDm
[2009/11/12 22:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\pdf995
[2010/07/27 12:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\SystemRequirementsLab
[2010/12/14 16:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\vShare
[2011/02/04 19:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Amazon
[2011/04/11 23:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\BitTorrent
[2010/06/17 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Canneverbe Limited
[2007/01/20 17:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Canon
[2011/01/02 16:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\FileZilla
[2009/07/26 12:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\GARMIN
[2010/06/02 21:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\GrabPro
[2011/08/22 19:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\gtk-2.0
[2008/09/02 22:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\IEPro
[2005/08/24 16:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Image Zone Express
[2008/02/06 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Inkscape
[2008/07/20 20:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Juniper Networks
[2005/10/08 10:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\K9
[2005/07/13 19:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Leadertech
[2006/02/25 19:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\LucasArts
[2005/10/08 10:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MailWasherPro
[2008/08/20 19:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MiniDm
[2010/07/20 07:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MSNInstaller
[2006/01/16 18:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Musicmatch
[2005/11/26 16:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\NCH Swift Sound
[2006/09/05 22:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\pdf995
[2006/02/25 19:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Petroglyph
[2011/04/17 10:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\PrimoPDF
[2005/11/26 16:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\RecordPad
[2007/01/10 23:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\ScanSoft
[2005/06/11 18:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Simple Star
[2006/09/21 22:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Snapfish
[2011/03/19 11:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Tific
[2010/12/23 14:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\vShare
[2010/11/25 15:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Vso
[2011/09/10 00:17:18 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{586D26A5-6B2E-4769-8A0F-58E479BF083B}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2010/12/30 17:30:59 | 081,876,264 | ---- | M] (Apple Inc.) -- C:\iTunesSetup(5).exe


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\I386\SVCHOST.EXE
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\I386\USERINIT.EXE
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\I386\WINLOGON.EXE
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/06 22:16:24 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/06 22:16:24 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/06 22:16:24 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 08:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 08:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 08:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/06 22:16:24 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/06 22:16:24 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/06 22:16:24 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 08:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 08:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 08:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#8
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

We need to run an OTL Fix.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

  • Please right click on the OTL icon on your desktop and click on Run as administrator.
  • Under the Custom Scans/Fixes box copy and paste this in:

    :OTL
    O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
    O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
    O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O3 - HKU\S-1-5-21-233194558-870154993-683978915-1006\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Bvopuligizoyo] C:\WINDOWS\itenatuqicacepe.dll ()
    O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell - "" = AutoRun
    O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
    O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell - "" = AutoRun
    O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
    O33 - MountPoints2\{df62c306-d48f-11d9-b430-00038a000015}\Shell\AutoRun\command - "" = G:\setupSNK.exe
    O33 - MountPoints2\{fd508cf4-845a-11de-98ed-00132018f2f9}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe
    [2011/09/08 19:59:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Dhoyabuleze.bin
    [2011/09/07 20:12:20 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Kxazo.dat
      	
    :Files
    C:\WINDOWS\itenatuqicacepe.dll
     C:\Program Files\vShare\vshare_toolbar.dll
    ipconfig /flushdns /c
    
    :Reg
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Click on the [image] button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on the [image] button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

When you have completed the above, please post back the following in the order asked for:
  • OTL fix log
  • OTL scan log


#9
newmantjn

    Member

  • Topic Starter
  • Member
  • 21 posts
Hi;
Thank you for the ongoing support. I did as requested. I got the following error on re-boot, which may or may not be good?

Error Loading C:\WINDOWS\itenatuqicacepe.dll
The specified module could not be found.

The logs you requested are below:

Thanks,
Todd

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
C:\Program Files\vShare\vshare_toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files\PageRage\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-233194558-870154993-683978915-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bvopuligizoyo deleted successfully.
C:\WINDOWS\itenatuqicacepe.dll moved successfully.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ deleted successfully.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
File H:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df62c306-d48f-11d9-b430-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df62c306-d48f-11d9-b430-00038a000015}\ not found.
File G:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd508cf4-845a-11de-98ed-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd508cf4-845a-11de-98ed-00132018f2f9}\ not found.
File F:\wd_windows_tools\setup.exe not found.
C:\WINDOWS\Dhoyabuleze.bin moved successfully.
C:\WINDOWS\Kxazo.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\itenatuqicacepe.dll not found.
File\Folder C:\Program Files\vShare\vshare_toolbar.dll not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Todd\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Todd\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 524 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Eric
->Temp folder emptied: 11940639 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 53383195 bytes
->FireFox cache emptied: 47745562 bytes
->Flash cache emptied: 1810806 bytes

User: Heidi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Java cache emptied: 25493522 bytes
->Flash cache emptied: 2105 bytes

User: Kelly
->Temp folder emptied: 448 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Java cache emptied: 39821898 bytes
->FireFox cache emptied: 6714999 bytes
->Flash cache emptied: 88547 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 466711535 bytes
->Java cache emptied: 3075 bytes
->Flash cache emptied: 37151 bytes

User: Melissa
->Temp folder emptied: 335 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Java cache emptied: 46632770 bytes
->FireFox cache emptied: 320856337 bytes
->Flash cache emptied: 410714 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 655819014 bytes
->Java cache emptied: 16924 bytes
->Flash cache emptied: 31024 bytes

User: Todd
->Temp folder emptied: 31296705 bytes
->Temporary Internet Files folder emptied: 4937445 bytes
->Java cache emptied: 47000773 bytes
->FireFox cache emptied: 228408186 bytes
->Flash cache emptied: 1550266 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 109681 bytes
%systemroot%\System32 .tmp files removed: 3658257 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2376576 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 175105011 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 87488 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,072.00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: Administrator

User: All Users

User: Default User

User: Eric
->Flash cache emptied: 0 bytes

User: Heidi
->Flash cache emptied: 0 bytes

User: Kelly
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: Melissa
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Todd
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.27.0 log created on 09102011_121734

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_4a0.dat not found!

Registry entries deleted on Reboot...

OTL logfile created on: 9/10/2011 12:51:17 PM - Run 3
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Todd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 71.62% Memory free
4.34 Gb Paging File | 3.67 Gb Available in Paging File | 84.60% Paging File free
Paging file location(s): C:\pagefile.sys 2047 2247 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.80 Gb Total Space | 17.59 Gb Free Space | 24.84% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 25.65 Gb Free Space | 17.21% Space Free | Partition Type: NTFS
Drive G: | 74.53 Gb Total Space | 3.30 Gb Free Space | 4.43% Space Free | Partition Type: NTFS

Computer Name: DELL8400 | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/03/21 14:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004/03/23 13:16:16 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/11 03:14:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/11 03:11:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/11 03:11:34 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/11 03:10:07 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2011/08/11 03:10:06 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/08/11 03:10:05 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/08/11 03:10:04 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/08/11 03:09:59 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011/08/11 03:09:59 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/08/11 03:09:57 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/08/11 03:09:57 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2011/08/11 03:09:52 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/08/11 03:09:44 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/06/28 03:10:21 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/03/19 10:09:07 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2011/03/19 10:09:04 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2011/03/19 10:09:03 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/03/19 10:09:02 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/03/19 10:08:56 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/03/19 10:08:56 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/03/19 10:08:56 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/03/19 10:08:56 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/03/19 10:08:56 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/03/19 10:08:56 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2011/03/19 10:08:55 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/03/19 10:08:55 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/03/19 10:08:55 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2009/09/04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/07/30 21:44:14 | 000,176,235 | ---- | M] () -- C:\WINDOWS\SYSTEM32\Primomonnt.dll
MOD - [2009/04/27 17:49:26 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2006/09/05 22:18:36 | 000,051,716 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pdf995mon.dll
MOD - [2004/06/10 12:51:00 | 000,060,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\P17.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 22:20:15 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110909.024\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/31 22:20:15 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/31 22:20:15 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110909.024\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/23 00:17:32 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110909.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/07/27 19:59:10 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/22 20:27:23 | 000,815,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110812.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/05/06 00:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/28 20:33:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/09/30 00:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/07/17 10:37:48 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/06/09 13:16:00 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys -- (P17)
DRV - [2004/05/29 18:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 09:48:00 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 09:47:00 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 13:19:00 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pfmodnt.sys -- (PfModNT)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...com/index.html"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 41
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/21 02:11:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011/09/10 12:37:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C7D6F417-E4BF-4CFA-9DAA-552FF588EDC0}: C:\Documents and Settings\Todd\Local Settings\Application Data\{C7D6F417-E4BF-4CFA-9DAA-552FF588EDC0}\ [2011/09/10 11:11:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/06 22:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/01 02:07:34 | 000,000,000 | ---D | M]

[2008/09/04 20:17:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Extensions
[2011/05/08 07:32:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions
[2010/04/26 21:30:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/14 20:02:04 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/12/13 21:50:48 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\extensions\[email protected]
[2011/09/08 19:44:29 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Mozilla\Firefox\Profiles\dre3wiv4.default\searchplugins\ipdb.xml
[2011/05/08 10:49:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/06 23:47:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/07/21 02:11:49 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011/09/10 11:11:42 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\TODD\LOCAL SETTINGS\APPLICATION DATA\{C7D6F417-E4BF-4CFA-9DAA-552FF588EDC0}
[2008/12/04 21:17:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/06 22:17:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/08 13:33:20 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/10 12:17:46 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [Bvopuligizoyo] File not found
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: comcast.net ([publish] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([myvpn] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([owana] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ford.com ([vpn] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} http://download.micr...0367/wmavax.CAB (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {0683FC48-7E08-488F-9FCD-4AE58EA14CF6} http://www.playlinc....LincManager.ocx (PlayLinc™ Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.co...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...90/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {7F245E01-651F-48E5-8A85-4752EC65E4ED} http://69.133.88.65:...co210Viewer.cab (Cisco210Viewer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.globalga...ffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,23/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://myvpn.ford.c...perSetupSP1.cab (JuniperSetupSP1 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{321DB9CD-B38B-4246-A9ED-8DB9B9531022}: DhcpNameServer = 68.87.77.134 68.87.72.134
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Todd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Todd\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell - "" = AutoRun
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell - "" = AutoRun
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{df62c306-d48f-11d9-b430-00038a000015}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{fd508cf4-845a-11de-98ed-00132018f2f9}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/10 12:17:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/10 11:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{C7D6F417-E4BF-4CFA-9DAA-552FF588EDC0}
[2011/09/09 23:40:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\GooredFix Backups
[2011/09/09 23:37:09 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Todd\Desktop\GooredFix.exe
[2011/09/07 20:24:11 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Todd\Desktop\aswMBR.exe
[2011/09/07 17:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2011/09/07 16:45:54 | 001,402,672 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Todd\Desktop\TDSSKiller.exe
[2011/09/06 17:59:03 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
[2011/09/05 13:39:05 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/09/05 01:01:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/09/04 22:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Local Settings\Application Data\{FFF4852F-5D9B-41FF-B89A-E3F800F224EF}
[2011/08/31 13:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/08/31 13:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/08/31 13:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/08/31 12:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/08/31 12:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/08/20 23:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\out west
[2011/08/20 23:21:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\newproffff
[2011/08/18 23:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Todd\Desktop\SoccerTeam2011
[2011/08/16 13:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2009/12/10 22:33:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Todd\Application Data\pcouffin.sys
[2005/12/13 23:15:38 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2004/08/25 15:22:08 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1980/01/01 01:00:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

========== Files - Modified Within 30 Days ==========

[2011/09/10 12:58:47 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{586D26A5-6B2E-4769-8A0F-58E479BF083B}.job
[2011/09/10 12:38:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/09/10 12:37:51 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/10 12:36:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/10 12:36:03 | 2682,425,344 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/10 12:33:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/10 12:19:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-233194558-870154993-683978915-1010UA.job
[2011/09/10 12:17:46 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\Hosts
[2011/09/09 23:37:09 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Todd\Desktop\GooredFix.exe
[2011/09/08 20:28:52 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\MBR.dat
[2011/09/08 19:46:46 | 001,402,672 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Todd\Desktop\TDSSKiller.exe
[2011/09/08 19:45:33 | 001,386,304 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\tdsskiller.zip
[2011/09/07 20:37:30 | 000,194,756 | ---- | M] () -- C:\Documents and Settings\Todd\My Documents\IMG_5141.JPG
[2011/09/07 20:24:42 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Todd\Desktop\aswMBR.exe
[2011/09/07 18:23:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
[2011/09/05 16:19:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-233194558-870154993-683978915-1010Core.job
[2011/09/05 08:10:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/03 20:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/02 18:30:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (1) (DELL8400-Todd).job
[2011/08/26 10:33:54 | 000,020,802 | ---- | M] () -- C:\Documents and Settings\Todd\.recently-used.xbel
[2011/08/25 12:05:23 | 000,744,403 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Driving Directions from 3593 Frederick Dr Ann Arbor, Michigan to 17325 Beechwood Ave Beverly Hills, Michigan.pdf
[2011/08/25 12:05:11 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2011/08/25 03:01:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/23 23:05:40 | 000,110,050 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\2011_spring_sasa_sandra_richardson_fields.pdf
[2011/08/18 18:15:23 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Todd\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/08/18 18:15:16 | 000,445,836 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/08/18 18:15:16 | 000,073,042 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/08/17 03:38:27 | 000,423,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/16 21:15:51 | 000,154,275 | ---- | M] () -- C:\Documents and Settings\Todd\Desktop\Stores - Promotions - BLICK art materials.pdf

========== Files Created - No Company Name ==========

[2011/09/08 19:46:07 | 001,386,304 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\tdsskiller.zip
[2011/09/07 21:02:50 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\MBR.dat
[2011/09/07 20:37:30 | 000,194,756 | ---- | C] () -- C:\Documents and Settings\Todd\My Documents\IMG_5141.JPG
[2011/09/06 07:23:25 | 2682,425,344 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/26 10:33:54 | 000,020,802 | ---- | C] () -- C:\Documents and Settings\Todd\.recently-used.xbel
[2011/08/25 12:05:06 | 000,744,403 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Driving Directions from 3593 Frederick Dr Ann Arbor, Michigan to 17325 Beechwood Ave Beverly Hills, Michigan.pdf
[2011/08/23 23:05:39 | 000,110,050 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\2011_spring_sasa_sandra_richardson_fields.pdf
[2011/08/16 21:15:44 | 000,154,275 | ---- | C] () -- C:\Documents and Settings\Todd\Desktop\Stores - Promotions - BLICK art materials.pdf
[2011/05/12 15:22:02 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/22 19:37:09 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/06/17 23:21:13 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/06/04 16:29:34 | 000,094,524 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/10 22:33:53 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\inst.exe
[2009/12/10 22:33:53 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\pcouffin.cat
[2009/12/10 22:33:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\pcouffin.inf
[2009/07/30 21:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2008/12/24 01:42:49 | 000,000,441 | ---- | C] () -- C:\WINDOWS\System32\TDSSbeat.dat
[2008/10/28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/07/12 11:00:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/06/09 23:03:54 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/05/29 21:23:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/02/04 23:52:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\gl.dll
[2008/02/04 23:52:03 | 000,006,138 | ---- | C] () -- C:\WINDOWS\System32\e1.ini
[2008/01/18 23:13:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/01/18 23:10:41 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007/12/20 22:35:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/12/20 22:35:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/12/20 22:35:44 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/11/27 15:34:14 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/11/23 00:38:45 | 000,000,064 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2007/10/12 21:24:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/04/07 22:49:18 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2007/04/07 22:48:32 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2007/03/14 23:35:01 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2007/01/10 23:28:41 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/01/08 20:39:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/09/05 22:22:45 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2006/09/05 22:21:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2006/09/05 22:18:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2006/09/05 22:18:36 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/06/04 20:50:34 | 000,000,545 | ---- | C] () -- C:\WINDOWS\Jelly.ini
[2006/05/13 12:40:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/04/27 20:28:30 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\FixVTS.ini
[2006/04/23 14:14:22 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/03/19 17:49:28 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/02/04 00:14:06 | 000,000,246 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2006/01/04 22:06:30 | 000,004,830 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/30 13:59:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/12/18 18:32:17 | 000,001,581 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/11/26 20:38:47 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2005/10/22 17:58:54 | 000,068,938 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2005/10/22 17:58:54 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2005/10/17 20:58:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/17 20:49:29 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/10/10 20:56:12 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/09/07 19:49:27 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/07/14 19:46:11 | 000,000,096 | ---- | C] () -- C:\WINDOWS\ImgTool.INI
[2005/07/13 22:19:25 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/02 19:48:40 | 000,001,090 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/06/02 19:43:17 | 000,001,293 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2005/05/30 20:56:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP120JPR.{PB
[2005/05/30 20:56:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Todd\Application Data\PFP120JCM.{PB
[2005/05/30 15:48:40 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Todd\Local Settings\Application Data\fusioncache.dat
[2005/05/28 16:06:53 | 000,000,519 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/05/25 12:04:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/25 12:00:11 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/25 11:57:25 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/25 11:51:34 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2005/05/25 11:51:34 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2005/05/25 11:51:26 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2005/05/25 11:51:26 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/05/25 11:51:21 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/05/25 11:42:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2005/05/25 11:40:54 | 000,445,836 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2005/05/25 11:40:54 | 000,073,042 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2005/05/25 11:22:34 | 000,000,367 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:08:08 | 000,423,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 14:02:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:08:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2004/08/10 11:08:26 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\SECUPD.DAT
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2004/07/19 17:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SETPWRCG.EXE
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996/12/04 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996/12/04 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1980/01/01 01:00:00 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[1980/01/01 01:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== LOP Check ==========

[2005/09/07 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2010/06/17 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2007/01/10 23:23:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/20 01:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2010/05/08 14:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Euchre
[2006/08/13 10:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2005/12/17 16:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/08/25 12:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/01/10 23:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/12/08 12:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/06/27 07:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2008/12/24 05:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/06 00:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/12/30 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/08/06 21:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2006/06/16 12:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/04/01 23:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/17 22:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/02/04 19:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Amazon
[2011/04/11 23:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\BitTorrent
[2010/06/17 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Canneverbe Limited
[2007/01/20 17:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Canon
[2011/01/02 16:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\FileZilla
[2009/07/26 12:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\GARMIN
[2010/06/02 21:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\GrabPro
[2011/08/22 19:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\gtk-2.0
[2008/09/02 22:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\IEPro
[2005/08/24 16:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Image Zone Express
[2008/02/06 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Inkscape
[2008/07/20 20:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Juniper Networks
[2005/10/08 10:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\K9
[2005/07/13 19:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Leadertech
[2006/02/25 19:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\LucasArts
[2005/10/08 10:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MailWasherPro
[2008/08/20 19:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MiniDm
[2010/07/20 07:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\MSNInstaller
[2006/01/16 18:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Musicmatch
[2005/11/26 16:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\NCH Swift Sound
[2006/09/05 22:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\pdf995
[2006/02/25 19:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Petroglyph
[2011/04/17 10:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\PrimoPDF
[2005/11/26 16:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\RecordPad
[2007/01/10 23:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\ScanSoft
[2005/06/11 18:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Simple Star
[2006/09/21 22:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Snapfish
[2011/03/19 11:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Tific
[2010/12/23 14:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\vShare
[2010/11/25 15:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Todd\Application Data\Vso
[2011/09/10 12:58:47 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{586D26A5-6B2E-4769-8A0F-58E479BF083B}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
  • 0

#10
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

How is your computer running now? Any improvement in performance?

We need to run an OTL Fix.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

  • Please right click on Posted Image on your desktop and click on Run as administrator.
  • Under the Custom Scans/Fixes box copy and paste this in:

    :OTL
    O4 - HKLM..\Run: [Bvopuligizoyo] File not found
      	
    :Files
    ipconfig /flushdns /c
    
    :Reg
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Click on Posted Image button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0



#11
newmantjn

    Member

  • Topic Starter
  • 21 posts
Hi;
The computer seems to be turning off faster and it will reboot without issue. Thank you for your help with this.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
C:\Program Files\vShare\vshare_toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files\PageRage\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-233194558-870154993-683978915-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bvopuligizoyo deleted successfully.
C:\WINDOWS\itenatuqicacepe.dll moved successfully.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ deleted successfully.
File C:\Program Files\vShare\vshare_toolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eef9d6c-a26c-11de-9921-00132018f2f9}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{831e421b-90ad-11dc-9678-00132018f2f9}\ not found.
File H:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df62c306-d48f-11d9-b430-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df62c306-d48f-11d9-b430-00038a000015}\ not found.
File G:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd508cf4-845a-11de-98ed-00132018f2f9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd508cf4-845a-11de-98ed-00132018f2f9}\ not found.
File F:\wd_windows_tools\setup.exe not found.
C:\WINDOWS\Dhoyabuleze.bin moved successfully.
C:\WINDOWS\Kxazo.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\itenatuqicacepe.dll not found.
File\Folder C:\Program Files\vShare\vshare_toolbar.dll not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Todd\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Todd\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 524 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Eric
->Temp folder emptied: 11940639 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 53383195 bytes
->FireFox cache emptied: 47745562 bytes
->Flash cache emptied: 1810806 bytes

User: Heidi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Java cache emptied: 25493522 bytes
->Flash cache emptied: 2105 bytes

User: Kelly
->Temp folder emptied: 448 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Java cache emptied: 39821898 bytes
->FireFox cache emptied: 6714999 bytes
->Flash cache emptied: 88547 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 466711535 bytes
->Java cache emptied: 3075 bytes
->Flash cache emptied: 37151 bytes

User: Melissa
->Temp folder emptied: 335 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Java cache emptied: 46632770 bytes
->FireFox cache emptied: 320856337 bytes
->Flash cache emptied: 410714 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 655819014 bytes
->Java cache emptied: 16924 bytes
->Flash cache emptied: 31024 bytes

User: Todd
->Temp folder emptied: 31296705 bytes
->Temporary Internet Files folder emptied: 4937445 bytes
->Java cache emptied: 47000773 bytes
->FireFox cache emptied: 228408186 bytes
->Flash cache emptied: 1550266 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 109681 bytes
%systemroot%\System32 .tmp files removed: 3658257 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2376576 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 175105011 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 87488 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,072.00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: Administrator

User: All Users

User: Default User

User: Eric
->Flash cache emptied: 0 bytes

User: Heidi
->Flash cache emptied: 0 bytes

User: Kelly
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: Melissa
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Todd
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.27.0 log created on 09102011_121734

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_4a0.dat not found!

Registry entries deleted on Reboot...


OTL logfile created on: 9/11/2011 3:14:12 PM - Run 4
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Todd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 67.14% Memory free
4.34 Gb Paging File | 3.52 Gb Available in Paging File | 81.10% Paging File free
Paging file location(s): C:\pagefile.sys 2047 2247 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.80 Gb Total Space | 17.51 Gb Free Space | 24.72% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 25.65 Gb Free Space | 17.21% Space Free | Partition Type: NTFS
Drive G: | 74.53 Gb Total Space | 3.30 Gb Free Space | 4.43% Space Free | Partition Type: NTFS

Computer Name: DELL8400 | User Name: Todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/06 22:17:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 17:54:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Todd\Desktop\OTL.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/03/21 14:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004/03/23 13:16:16 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/03/23 13:15:40 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
  • 0

#12
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

We should proceed with a general antimalware scan, which can take quite a long time, so please be patient.

Download Virus Removal Tool (VRT) from Here to your desktop
(You have to enter your e-mail address and click on the Submit Form button. Please download the latest English version of this tool.)

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)

Allow VRT to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun VRT and select the Manual Disinfection tab and press Start Gathering System Information

On completion click the link to locate the zip file to upload and attach to your next post

  • 0

#13
newmantjn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hi;
I am sorry, but I am having a hard time finishing the scan. It estimates scan times of over 8 hours, which is fine, since I could just start it and go to bed or work. But the problem is that it stops scanning when it hits a threat until you delete the threat. I am currently at 38% done after about 24 hours. I'll keep going, but I hope I don't go on the "inactive" list. Thanks.
  • 0

#14
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
No problem. I will be here. :)
  • 0

#15
newmantjn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hi;
Thanks for staying with me for so long. I fumbled on the virus scan a bit and it might not be complete. This happened because after 5 hours I thought it was over once I hit "delete" for the virus it found, but as I found out, it stops for each virus. So, I might be missing one or two. Other than that, the logs you requested are below.

Status: Deleted (events: 4)
9/12/2011 7:17:52 AM Deleted virus HEUR:Packed.Win32.Generic C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP2089\A0590007.dll High
9/12/2011 7:17:52 AM Deleted virus HEUR:Packed.Win32.Generic C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP2089\A0590007.dll High
9/12/2011 7:17:52 AM Deleted virus HEUR:Packed.Win32.Generic C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP2089\A0590006.dll High
9/12/2011 7:17:52 AM Deleted virus HEUR:Packed.Win32.Generic C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP2089\A0590006.dll High
Status: Disinfected (events: 4)
9/12/2011 5:40:47 PM Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\Archive Folders\Top of Personal Folders\OldCrap\[From:[email protected] ][Subject:Attention! Your PayPal account has been violated!][Time:2006/09/29 11:01:56]/HTMLBody High
9/12/2011 6:56:20 PM Disinfected Trojan program Trojan-Spy.HTML.Paylap.ev Outlook\Archive Folders\Top of Personal Folders\OldCrap\[From:PayPal][Subject:New Security Requirements][Time:2005/06/24 16:39:43]/HTMLBody High
9/12/2011 8:27:36 PM Disinfected Trojan program Trojan-Spy.HTML.Fraud.gen Outlook\zPinball2007\Top of Personal Folders\Pinball20072008\[From:Postcards.com][Subject:You have received an e-card !][Time:2008/05/13 12:02:29]/HTMLBody High
9/12/2011 8:29:10 PM Disinfected Trojan program Trojan-Spy.HTML.Paylap.ev Todd Newman\Local Folders\Deleted Items\[From:"PayPal" <[email protected]>][Subject:New Security Requirements][Time:2005/06/24 16:39:43]/text/html High

  • 0





