Taskbar Freezes occasionally, copy and paste does not work at times.


  • This topic is locked

#1
jrodfoo

  • Member
  • 19 posts
Hi all,

First I would like to thank everyone in this forum. This site is very, very good.

I am experiencing a weird issue with the Taskbar freezing at times, and sometimes I cannot copy and paste files from a folder to the desktop, another folder, etc.

When I hit Ctrl+Alt+Del, this "releases" it; the freeze of the taskbar is gone and you can click on various things and bring them up from the taskbar. This works for a little while and then it happens again and I repeat the steps. It's really getting annoying and I'd like to try to fix it.

I will paste my OTL file below. If you need any more information, please let me know! I've used HijackThis and I have Symantec Norton Antivirus installed.

Thanks,
Jerrod

OTL logfile created on: 9/12/2011 6:00:14 PM - Run 2
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Jerrod\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 204.42 Mb Available Physical Memory | 19.97% Memory free
2.41 Gb Paging File | 1.61 Gb Available in Paging File | 66.69% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 64.17 Gb Free Space | 57.40% Space Free | Partition Type: NTFS
Drive E: | 111.79 Gb Total Space | 55.29 Gb Free Space | 49.46% Space Free | Partition Type: NTFS

Computer Name: JERROD | User Name: Jerrod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/12 17:57:08 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerrod\My Documents\Downloads\OTL.exe
PRC - [2011/08/31 19:18:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 00:31:37 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/08/31 00:31:36 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/06/16 13:13:20 | 000,151,552 | ---- | M] () -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2011/05/27 00:07:15 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
PRC - [2010/03/17 16:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/12/17 18:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2009/09/07 08:14:34 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/21 18:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/07/25 12:44:27 | 000,331,776 | ---- | M] (Western Digital Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\WDBtnMgr.exe
PRC - [2003/12/11 06:09:34 | 000,046,592 | R--- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect\wdsvc.exe
PRC - [2003/11/12 13:46:34 | 000,049,152 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect\retrorun.exe
PRC - [2002/11/08 06:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


========== Modules (No Company Name) ==========

MOD - [2011/08/31 19:18:55 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/08/31 00:31:46 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\VipreBridge.dll
MOD - [2011/08/31 00:31:44 | 000,589,184 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2011/08/31 00:29:38 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2011/08/27 16:08:58 | 006,277,280 | ---- | M] () -- C:\WINDOWS\SYSTEM32\MACROMED\FLASH\NPSWF32.dll
MOD - [2011/08/19 09:36:58 | 004,425,040 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\vcore.dll
MOD - [2011/08/19 09:36:43 | 000,316,752 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\remediation.dll
MOD - [2011/08/19 09:36:34 | 000,263,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libZip.dll
MOD - [2011/08/19 09:36:33 | 000,394,576 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libVvs.dll
MOD - [2011/08/19 09:36:33 | 000,185,680 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libtd.dll
MOD - [2011/08/19 09:36:32 | 000,185,680 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libRTF.dll
MOD - [2011/08/19 09:36:31 | 000,349,520 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libOleA.dll
MOD - [2011/08/19 09:36:31 | 000,300,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libRar.dll
MOD - [2011/08/19 09:36:30 | 000,210,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libNSIS.dll
MOD - [2011/08/19 09:36:29 | 000,443,728 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMsCab.dll
MOD - [2011/08/19 09:36:29 | 000,185,680 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMsi.dll
MOD - [2011/08/19 09:36:28 | 000,193,872 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2011/08/19 09:36:27 | 000,292,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libEmail.dll
MOD - [2011/08/19 09:36:26 | 000,210,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2011/08/19 09:36:25 | 000,963,920 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\lgpl.dll
MOD - [2011/08/19 09:36:25 | 000,202,064 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\lib7zip.dll
MOD - [2011/08/18 15:25:12 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2011/08/10 03:30:19 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/10 03:26:55 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/10 03:22:13 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/10 03:15:22 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/10 03:13:39 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2011/08/01 16:05:51 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll
MOD - [2011/06/28 08:00:31 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
MOD - [2011/06/28 07:46:35 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/16 13:13:20 | 000,151,552 | ---- | M] () -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
MOD - [2010/11/24 16:36:30 | 000,731,136 | ---- | M] () -- C:\Program Files\TVersity\Media Server\X11.dll
MOD - [2010/11/24 16:36:30 | 000,714,752 | ---- | M] () -- C:\Program Files\TVersity\Media Server\log4cxx.dll
MOD - [2010/11/24 16:36:30 | 000,507,888 | ---- | M] () -- C:\Program Files\TVersity\Media Server\sqlite3.dll
MOD - [2010/11/24 16:36:30 | 000,346,112 | ---- | M] () -- C:\Program Files\TVersity\Media Server\taglib.dll
MOD - [2010/11/24 16:36:30 | 000,329,728 | ---- | M] () -- C:\Program Files\TVersity\Media Server\libcurl.dll
MOD - [2010/11/24 16:36:30 | 000,311,808 | ---- | M] () -- C:\Program Files\TVersity\Media Server\libmp3lame-0.dll
MOD - [2010/11/24 16:36:30 | 000,201,232 | ---- | M] () -- C:\Program Files\TVersity\Media Server\swscale-0.dll
MOD - [2010/11/24 16:36:28 | 000,165,888 | ---- | M] () -- C:\Program Files\TVersity\Media Server\CORE_RL_lcms_.dll
MOD - [2010/11/24 16:36:22 | 004,532,240 | ---- | M] () -- C:\Program Files\TVersity\Media Server\avcodec-52.dll
MOD - [2010/11/24 16:36:22 | 000,793,616 | ---- | M] () -- C:\Program Files\TVersity\Media Server\avformat-52.dll
MOD - [2010/11/24 16:36:22 | 000,081,936 | ---- | M] () -- C:\Program Files\TVersity\Media Server\avutil-50.dll
MOD - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
MOD - [2010/02/05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\SYSTEM32\quartz.dll
MOD - [2009/09/07 08:14:34 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
MOD - [2009/09/07 08:14:34 | 000,357,768 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll
MOD - [2008/03/25 00:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msjetoledb40.dll
MOD - [2006/09/16 01:03:02 | 000,007,680 | ---- | M] () -- C:\Program Files\TVersity\Media Server\ImageMagickCoders\IM_MOD_RL_gray_.dll
MOD - [2006/06/01 17:22:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\SYSTEM32\nview.dll
MOD - [2006/06/01 17:22:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\SYSTEM32\nvshell.dll
MOD - [2006/01/02 18:23:16 | 000,003,584 | ---- | M] () -- C:\WINDOWS\SYSTEM32\wmfhotfix.dll
MOD - [2003/05/15 15:43:24 | 000,119,808 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (WinPPPoverEthernet)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/31 00:31:36 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/08/01 16:05:51 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011/06/16 13:13:20 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () [Auto | Running] -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2009/12/17 18:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/09/07 08:14:34 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/02/21 18:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/09 12:30:08 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/08/22 04:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/06/20 11:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/05/14 13:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2004/02/26 02:18:00 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/12/11 06:09:34 | 000,046,592 | R--- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect\wdsvc.exe -- (RetroWDSvc)
SRV - [2003/11/12 13:46:34 | 000,049,152 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect\retrorun.exe -- (RetroLauncher)


========== Driver Services (SafeList) ==========

DRV - [2011/08/18 15:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/08/18 15:25:12 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/08/03 04:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110912.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/03 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110912.003\NAVENG.SYS -- (NAVENG)
DRV - [2011/07/27 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/27 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/22 15:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\taphss.sys -- (taphss)
DRV - [2010/09/15 14:07:08 | 000,270,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20110908.001\SymIDSco.sys -- (SYMIDSCO)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/12/17 18:18:50 | 000,020,152 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\vpnva.sys -- (vpnva)
DRV - [2009/09/07 08:50:18 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/04/20 13:36:06 | 000,531,456 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\GPWADrv.sys -- (GPWADrv) Service for L6 GuitarPort Driver (WDM)
DRV - [2009/04/20 13:36:04 | 000,029,312 | ---- | M] (Line 6) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\l6dp.sys -- (L6DP)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 13:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIM)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 13:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\COH_Mon.sys -- (COH_Mon)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/01/31 21:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 21:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 21:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\srtspx.sys -- (SRTSPX)
DRV - [2007/11/29 02:18:04 | 000,078,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2007/11/29 02:17:34 | 000,063,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2007/11/29 02:17:28 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/08/08 20:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CO_Mon.sys -- (CO_Mon)
DRV - [2006/12/06 01:29:37 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\SVKP.sys -- (SVKP)
DRV - [2006/11/21 13:34:24 | 000,203,264 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bender.sys -- (BENDER)
DRV - [2006/04/07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\VNUSB.sys -- (VNUSB)
DRV - [2006/01/19 20:41:52 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2005/06/29 15:49:44 | 000,425,984 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinUsb.sys -- (PinnacleMarvinUsb)
DRV - [2005/06/02 19:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys -- (MarvinBus)
DRV - [2005/02/09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pclepci.sys -- (PCLEPCI)
DRV - [2004/05/14 11:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\npf.sys -- (NPF)
DRV - [2004/03/23 22:09:52 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2002/11/14 23:15:00 | 000,012,640 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\itchfltr.sys -- (itchfltr)
DRV - [2002/11/13 06:54:06 | 000,019,677 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\xlink.sys -- (xlink) XLink Driver (xlink.sys)
DRV - [2002/11/08 06:50:00 | 000,070,238 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2002/11/08 06:50:00 | 000,052,238 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys -- (L8042pr2)
DRV - [2002/08/29 01:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\an983.sys -- (AN983)
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS -- (ASPI)
DRV - [2002/04/11 14:47:52 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipfilter.sys -- (IPFilter)
DRV - [2001/12/21 09:10:08 | 000,303,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mpad.sys -- (ati2mpad)
DRV - [2001/12/03 17:11:14 | 000,160,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Icam4USB.sys -- (Icam4USB)
DRV - [2001/10/02 16:06:30 | 001,757,928 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\e10kx2k.sys -- (emu10kx) Creative EMU10K1/EMU10K2 Audio Driver (WDM)
DRV - [2001/09/11 13:14:16 | 000,154,284 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\EMUPIA2K.SYS -- (emupia)
DRV - [2001/09/11 13:10:40 | 000,207,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2001/09/11 13:10:18 | 000,011,036 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2001/09/11 13:10:14 | 000,186,944 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2001/09/11 13:09:58 | 000,110,084 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CTAC32K.SYS -- (ctac32k)
DRV - [2001/08/17 14:28:26 | 000,113,762 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\USRpdA.sys -- (USRpdA)
DRV - [2001/08/17 13:49:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atimpae.sys -- (atirage3)
DRV - [2000/08/09 15:08:18 | 000,023,326 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [1999/12/17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\PfModNT.sys -- (PfModNT)
DRV - [1997/04/22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASLM75.SYS -- (aslm75)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://wapp.verizon....&bm=ho_central"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}:0.7.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:4.5.0
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerrod\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerrod\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jerrod\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jerrod\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/27 00:09:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/31 19:19:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/07 19:39:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerrod\Application Data\Move Networks [2009/08/13 14:00:09 | 000,000,000 | ---D | M]

[2008/09/02 23:51:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Extensions
[2011/09/12 14:20:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\extensions
[2010/04/27 17:36:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2006/08/04 21:48:04 | 000,000,000 | ---D | M] ("Silver Skin") -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001}
[2008/04/07 15:02:37 | 000,000,000 | ---D | M] (Verizon Broadband Toolbar) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\extensions\{3DD07E5D-2ADF-42ea-972E-2998FA5CE45A}
[2011/01/05 04:11:48 | 000,000,000 | ---D | M] (wmlbrowser) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}
[2011/09/12 14:20:48 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/05/13 23:47:31 | 000,002,042 | ---- | M] () -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\searchplugins\facebook.xml
[2007/06/27 16:22:28 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Firefox\Profiles\w3sg0eh9.default\searchplugins\verizonsearch.xml
[2011/06/23 19:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/28 17:58:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/28 18:32:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/28 17:57:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/30 17:49:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/28 18:54:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/23 19:06:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JERROD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W3SG0EH9.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JERROD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W3SG0EH9.DEFAULT\EXTENSIONS\{AD48108D-92A6-4EB9-87E4-978ACA1DBAE4}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JERROD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W3SG0EH9.DEFAULT\EXTENSIONS\[email protected]
[2010/04/28 17:58:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/08/31 19:18:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/06/30 13:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2004/11/12 23:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\mozilla firefox\plugins\NPAdbESD.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/11/02 17:33:45 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/04/21 00:17:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

Hosts file not found
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O3: - HKCU\..\Toolbar\ShellBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Configuration Loaded] wupdated.exe File not found
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton 360\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [SystemTray] C:\WINDOWS\System32\systray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [WD Button Manager] C:\WINDOWS\System32\WDBtnMgr.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found
O4 - HKLM..\RunOnce: [0000 - C:\Documents and Settings\Jerrod\Start Menu\Programs\HP DeskJet 930C Series v2.3] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Jerrod\Start Menu\Programs\HP DeskJet 930C Series v2.3" File not found
O4 - HKLM..\RunOnce: [0003 - C:\Documents and Settings\Jerrod\Start Menu\Programs\HP Internet Connection Center] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Jerrod\Start Menu\Programs\HP Internet Connection Center" File not found
O4 - HKLM..\RunOnce: [0004 - C:\Documents and Settings\Jerrod\Start Menu\Programs\HP Internet Connection Center] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Jerrod\Start Menu\Programs\HP Internet Connection Center" File not found
O4 - HKLM..\RunServices: [Configuration Loaded] wupdated.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKCU\..Trusted Domains: bestbuy.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {00000075-0000-0010-8000-00AA00389B71} http://codecs.micros...86/voxmsdec.CAB (Reg Error: Key error.)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.micros...i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} http://www.symantec....trl/tgctlsi.cab (Reg Error: Key error.)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.symantec....trl/tgctlsr.cab (Reg Error: Key error.)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.a...ad/tgctlins.cab (Reg Error: Key error.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfi...IOS/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...ector/swdir.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://download.micr...b?1092106100512 (MSSecurityAdvisor Class)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec....rl/LSSupCtl.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://download.yaho...talls/yinst.cab (YInstStarter Class)
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv8dmo.cab (Reg Error: Key error.)
O16 - DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} http://www.cdkeybonu...key/ITCDKey.cab (CDKey Class)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://apple.speeder...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://webvpn.aamc....ries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://software-dl.r...ip/RdxIE601.cab (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120538235714 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1125770038228 (MUWebControl Class)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://208.158.118.1...sCamControl.ocx (CamImage Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7578.9259837963 (Reg Error: Key error.)
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} http://community.web...otoUploader.CAB (Webshots Photo Uploader)
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft...ols/SassCln.CAB (SassCln Object)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} http://speedtest.ade...TESTACTIVEX.CAB (SpdTCtl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} http://www.instantac...ad/iaplayer.cab (InstantAction Game Launcher)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://www.driverage...driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42F3870D-E6D6-496C-A620-DE877172437B}: NameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\wmfhotfix.dll) -C:\WINDOWS\SYSTEM32\wmfhotfix.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToMyPC: DllName - (C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll) - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: Adobe SVG Viewer - {B7084DFF-32A8-6E0E-85CF-461F507A4D9C} - C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Plugins.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Jerrod\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerrod\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/11/20 15:32:22 | 000,000,194 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2006/07/07 22:58:44 | 000,000,279 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\Shell - "" = AutoRun
O33 - MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/12 16:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Coldplay - Paradise (Single)-AAC-(2011)
[2011/09/02 20:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Foo Fighters - 2011 08 26 - Rock en Seine, St-Cloud, France (FM Flac)
[2011/08/31 00:31:50 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/08/31 00:27:01 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/08/31 00:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/08/31 00:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/08/30 17:36:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jerrod\My Documents\OTL.exe
[2011/08/28 15:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Red_Hot_Chili_Peppers-Im_With_You-2011-BriBerY
[2011/08/27 17:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/08/27 17:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/23 00:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Grand_Atlantic-Constellations-2011-404
[2007/04/03 00:25:39 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\interop.simulationmanagerlib.dll
[2007/04/03 00:25:39 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\interop.windowsinstaller.dll
[2005/01/16 17:54:58 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2001/09/11 13:05:52 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[485 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/12 17:46:04 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-436374069-1060284298-1004UA.job
[2011/09/12 14:07:28 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-436374069-1060284298-1004.job
[2011/09/12 14:06:58 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-436374069-1060284298-1004.job
[2011/09/12 14:06:54 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/12 14:06:26 | 000,063,253 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/09/12 14:06:16 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/09/12 14:03:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/12 14:03:56 | 1073,254,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/12 14:03:04 | 000,023,196 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/09/12 14:03:04 | 000,023,196 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/09/12 14:03:04 | 000,018,560 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/09/12 14:03:04 | 000,018,560 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/09/12 14:03:04 | 000,001,072 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/09/12 14:03:04 | 000,001,072 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/09/12 14:03:04 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2011/09/12 14:03:04 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2011/09/11 20:46:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-436374069-1060284298-1004Core.job
[2011/09/10 17:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/10 00:31:46 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/09/10 00:31:46 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/08/31 00:31:48 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/08/31 00:31:47 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/08/30 17:36:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerrod\My Documents\OTL.exe
[2011/08/24 21:18:15 | 002,799,489 | ---- | M] () -- C:\Documents and Settings\Jerrod\Desktop\Foo_Fighters_Hot_Buns_TNp0aF6DPItd.128.mp3
[2011/08/24 17:44:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/18 15:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/08/14 15:56:07 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[485 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/31 07:50:20 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/08/31 00:29:39 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/08/31 00:29:39 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/08/31 00:28:37 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/08/24 21:18:09 | 002,799,489 | ---- | C] () -- C:\Documents and Settings\Jerrod\Desktop\Foo_Fighters_Hot_Buns_TNp0aF6DPItd.128.mp3
[2010/04/17 00:14:12 | 000,013,986 | -HS- | C] () -- C:\Documents and Settings\Jerrod\Application Data\jrNYi6G
[2010/04/17 00:14:12 | 000,013,986 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\jrNYi6G
[2009/09/17 15:41:27 | 000,022,820 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/04 20:00:26 | 000,000,372 | ---- | C] () -- C:\WINDOWS\GearBox.ini
[2008/09/28 23:49:04 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2008/09/28 23:49:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2008/07/27 19:42:30 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\OdiOlDVR.dll
[2008/07/27 19:42:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\OdiAPI.dll
[2008/07/23 12:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 12:46:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/02/04 22:36:26 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/10/31 09:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/26 21:18:13 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/04/03 00:25:48 | 000,200,704 | ---- | C] () -- C:\WINDOWS\swarmcastinstallwrapper.exe
[2007/04/03 00:25:44 | 000,270,336 | ---- | C] () -- C:\WINDOWS\mlbappstart.exe
[2007/04/03 00:25:44 | 000,002,497 | ---- | C] () -- C:\WINDOWS\mlbappstart.exe.config
[2007/04/03 00:25:43 | 000,217,088 | ---- | C] () -- C:\WINDOWS\mlbamplayer.exe
[2007/04/03 00:25:31 | 005,798,560 | ---- | C] () -- C:\WINDOWS\bammediaplayer.exe
[2007/03/28 22:36:17 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/13 22:08:56 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Ahead DVD Ripper.INI
[2007/01/05 22:34:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2006/12/25 11:53:57 | 000,063,730 | ---- | C] () -- C:\Program Files\viewsonicinstruct_xp.pdf
[2006/12/25 11:52:59 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2006/12/24 15:47:06 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/11/26 03:19:25 | 000,593,938 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2006/11/12 18:24:46 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/07/16 17:36:50 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/07/07 22:58:44 | 000,001,277 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2006/06/16 00:23:02 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/06/16 00:23:01 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/06/01 17:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 17:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/04/26 21:37:07 | 000,000,066 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2006/03/14 22:27:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/01/02 18:23:16 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wmfhotfix.dll
[2005/12/21 06:36:46 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005/10/19 19:49:33 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2005/09/09 21:46:01 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/08/09 18:13:31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 18:13:31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/28 19:27:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ump.INI
[2005/04/28 20:26:09 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AudACM.ini
[2005/03/21 00:52:03 | 000,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2005/03/21 00:51:30 | 000,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/03/13 15:34:19 | 000,129,024 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/02/17 06:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/02/17 06:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/02/17 06:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/02/17 06:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/02/17 06:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/02/17 06:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/02/03 23:59:48 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\metaflac.exe
[2005/02/03 23:59:44 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\flac.exe
[2005/01/16 18:02:41 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\BurnData.bin
[2005/01/07 01:11:11 | 000,086,470 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2004/12/25 01:10:03 | 000,000,114 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\fusioncache.dat
[2004/12/25 00:51:19 | 000,038,868 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2004/12/25 00:51:19 | 000,029,358 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2004/12/20 18:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/12/07 20:57:39 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2004/11/17 02:09:14 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2004/08/23 18:20:14 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/23 18:19:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/23 17:54:46 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 00:34:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\imageCache7.db
[2004/07/15 11:42:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2004/07/15 11:42:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2004/07/15 11:42:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2004/07/15 11:42:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2004/07/15 11:42:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2004/07/15 11:42:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2004/07/15 11:42:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2004/07/15 11:42:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2004/07/15 11:42:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/03/17 21:00:04 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2004/03/11 00:26:10 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2004/02/26 02:18:04 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2004/01/27 08:13:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2004/01/15 07:01:26 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2003/12/07 14:46:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Quicktools.INI
[2003/08/07 15:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/06/02 04:19:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\msc001.dat
[2003/05/30 00:20:46 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\VQfile.dll
[2003/05/27 01:08:36 | 000,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2003/04/22 00:44:42 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2003/04/10 00:12:26 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/04/06 04:15:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2003/02/14 05:12:30 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2002/12/30 13:34:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\support.exe
[2002/12/27 05:40:27 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2002/12/23 17:01:38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\wpdsvr.exe
[2002/12/17 06:24:33 | 000,000,683 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2002/11/24 06:37:37 | 000,012,884 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2002/11/13 11:26:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\wh2robo.dll
[2002/10/15 01:55:33 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2002/08/20 05:37:50 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2002/08/12 02:24:31 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2002/07/11 12:23:52 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ITCDKey.dll
[2002/04/11 14:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/04/03 05:08:22 | 001,086,624 | ---- | C] () -- C:\WINDOWS\MyFiles.dat.lst
[2002/04/03 05:08:22 | 000,000,528 | ---- | C] () -- C:\WINDOWS\Settings.ini
[2002/04/03 05:08:22 | 000,000,013 | ---- | C] () -- C:\WINDOWS\MyFiles.dat
[2002/03/20 03:31:37 | 000,000,070 | ---- | C] () -- C:\WINDOWS\System32\wmp32trm.dll
[2002/03/02 17:20:20 | 000,000,030 | ---- | C] () -- C:\WINDOWS\morpheusp.INI
[2002/02/27 19:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2001/12/26 09:31:25 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2001/12/25 19:04:48 | 000,000,173 | ---- | C] () -- C:\WINDOWS\System32\Setup.ini
[2001/12/25 19:04:35 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2001/12/25 17:49:58 | 000,005,824 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2001/12/25 16:51:04 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2001/12/25 16:51:04 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2001/12/25 16:36:48 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\sfman.dat
[2001/12/25 15:18:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2001/12/25 15:14:02 | 000,003,242 | ---- | C] () -- C:\WINDOWS\LnkStub.dat
[2001/12/25 15:11:08 | 000,172,955 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2001/12/25 15:11:08 | 000,012,484 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2001/12/25 15:11:08 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2001/12/25 15:11:08 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2001/12/25 15:11:08 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2001/12/25 15:11:08 | 000,002,742 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2001/12/25 15:11:08 | 000,001,125 | ---- | C] () -- C:\WINDOWS\WINAMP.INI
[2001/12/25 15:11:08 | 000,000,909 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2001/12/25 15:11:08 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2001/12/25 15:11:08 | 000,000,317 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2001/12/25 15:11:08 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2001/12/25 15:11:08 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2001/12/25 15:11:08 | 000,000,199 | ---- | C] () -- C:\WINDOWS\HPFSCHED.INI
[2001/12/25 15:11:08 | 000,000,120 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2001/12/25 15:11:08 | 000,000,099 | ---- | C] () -- C:\WINDOWS\CTREC.INI
[2001/12/25 15:11:08 | 000,000,087 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2001/12/25 15:11:08 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2001/12/25 15:11:08 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2001/12/25 15:11:08 | 000,000,045 | ---- | C] () -- C:\WINDOWS\UsrWiz.ini
[2001/12/25 15:11:08 | 000,000,030 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2001/12/25 15:11:08 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2001/12/25 15:11:08 | 000,000,009 | ---- | C] () -- C:\WINDOWS\WINHELP.INI
[2001/12/25 15:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WINFILE.INI
[2001/12/25 15:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROGMAN.INI
[2001/12/25 15:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSINFO32.INI
[2001/12/25 15:07:42 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2001/12/25 15:01:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/25 15:00:26 | 000,140,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/11/22 23:31:59 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\3CDPUMP.DLL
[2001/11/22 23:31:59 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\3CMLNKW.EXE
[2001/11/20 18:57:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2001/11/20 18:56:45 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\VP3CLEAN.EXE
[2001/11/20 18:56:38 | 000,795,548 | ---- | C] () -- C:\WINDOWS\System32\ica2.dll
[2001/11/20 18:55:22 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2001/11/20 18:55:22 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2001/11/20 15:54:51 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\HPZCIN01.EXE
[2001/11/20 13:34:02 | 000,397,344 | RH-- | C] () -- C:\WINDOWS\HWINFO.DAT
[2001/11/20 13:33:00 | 000,023,357 | -H-- | C] () -- C:\Program Files\folder.htt
[2001/11/20 13:29:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001/11/20 11:23:01 | 000,001,020 | ---- | C] () -- C:\WINDOWS\TRUESOFT.DAT
[2001/11/20 11:19:19 | 000,042,448 | ---- | C] () -- C:\WINDOWS\PTDLL16.DLL
[2001/11/20 11:19:19 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PCTPTT.EXE
[2001/11/20 11:19:19 | 000,014,560 | ---- | C] () -- C:\WINDOWS\PTRTSYC.DLL
[2001/11/20 11:19:19 | 000,009,184 | ---- | C] () -- C:\WINDOWS\PTSNOOP.EXE
[2001/11/20 11:19:19 | 000,000,456 | ---- | C] () -- C:\WINDOWS\PTHSP.DAT
[2001/11/20 03:54:21 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\ALiUninst.exe
[2001/11/19 19:03:03 | 000,016,384 | ---- | C] () -- C:\WINDOWS\MSIMGSIZ.DAT
[2001/10/11 11:23:54 | 000,155,136 | ---- | C] () -- C:\WINDOWS\unsp1drv.exe
[2001/10/03 11:48:34 | 000,035,807 | ---- | C] () -- C:\WINDOWS\System32\WEBUPDATEOCT2001.INI
[2001/09/17 13:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2001/09/11 13:36:02 | 000,161,900 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2001/09/11 13:35:58 | 000,111,123 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2001/09/11 13:30:30 | 000,111,223 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2001/09/11 13:27:44 | 000,144,493 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2001/09/11 13:24:48 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2001/08/23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 13:00:00 | 000,435,266 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 13:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_006365_.tmp.dll
[2001/08/23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 13:00:00 | 000,069,256 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 13:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_006333_.tmp.dll
[2001/08/23 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/19 17:15:24 | 000,000,166 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2001/07/19 05:38:32 | 000,021,637 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2001/07/13 09:37:18 | 000,176,128 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2001/06/28 12:05:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2001/03/23 15:09:58 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2000/06/08 18:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[2000/04/17 14:44:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[1999/04/23 23:22:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/11/17 18:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1996/02/23 15:34:48 | 000,014,629 | ---- | C] () -- C:\WINDOWS\System32\Declw.dll
[1996/02/22 13:09:20 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\Decln.dll

========== LOP Check ==========

[2008/08/17 11:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/09/23 21:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2008/11/26 15:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco
[2008/02/06 00:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2005/08/07 21:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESPN
[2004/12/17 02:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kazaa Lite
[2003/03/23 06:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Keyhole
[2007/06/13 22:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Line 6
[2005/03/30 00:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2006/07/07 23:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2006/07/08 00:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/06/02 22:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2006/07/07 23:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011/07/31 20:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2002/05/27 16:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/01/15 20:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2004/01/20 23:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2009/03/16 17:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/05 19:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/14 17:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/06 19:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2005/03/21 19:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\.BitTornado
[2007/05/31 22:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\.bittorrent
[2008/01/15 20:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\acccore
[2010/09/23 21:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Aim
[2008/10/08 00:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Any Video Converter
[2010/07/18 23:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\ApplicationHistory
[2006/04/26 03:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Azureus
[2008/10/05 22:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Cisco
[2010/09/30 23:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1
[2005/04/26 00:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\drms
[2007/07/22 14:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\eBookPro6
[2006/03/23 00:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\FilmLoop
[2008/04/01 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\GarageGames
[2004/08/23 01:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\GlobalSCAPE
[2003/03/09 15:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\InterVideo
[2005/03/21 00:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\IsolatedStorage
[2003/10/24 01:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Kazaa Lite
[2003/03/23 06:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Keyhole
[2003/03/21 01:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Leadertech
[2007/06/13 22:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Line 6
[2008/04/27 20:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\LocalLow
[2007/05/26 15:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\MusicIP
[2006/07/11 00:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Seven Zip
[2008/06/12 20:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Skinux
[2011/08/15 19:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Spotify
[2008/04/07 15:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\SupportSoft
[2011/04/26 20:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Temp
[2002/05/25 03:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Ulead Systems
[2011/09/12 17:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\uTorrent
[2008/01/22 23:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\Viewpoint
[2008/04/07 15:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\vol_toolbar
[2010/05/03 01:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\WMTools Downloaded Files
[2005/03/21 19:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerrod\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}
[2011/09/12 14:06:16 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



< End of report >


#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello jrodfoo and welcome to G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start, please read my notes carefully:

NOTE:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Let's see if this is caused by malware...

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O33 - MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\Shell - "" = AutoRun
    O33 - MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    [2010/04/17 00:14:12 | 000,013,986 | -HS- | C] () -- C:\Documents and Settings\Jerrod\Application Data\jrNYi6G
    [2010/04/17 00:14:12 | 000,013,986 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\jrNYi6G

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download GMER from Here. Note the file's name and save it to your root folder, such as C:.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • GMER log
It would be helpful if you could post each log in a separate post.

#3
jrodfoo

    Member

  • Topic Starter
  • Member
  • 19 posts
Hi, Thanks for your reply! Here is the OTL log, I will now download GMER and post the results.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f4fe740-0030-11dc-86c4-002078030942}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f4fe740-0030-11dc-86c4-002078030942}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f4fe740-0030-11dc-86c4-002078030942}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f4fe740-0030-11dc-86c4-002078030942}\ not found.
File F:\LaunchU3.exe -a not found.
C:\Documents and Settings\Jerrod\Application Data\jrNYi6G moved successfully.
C:\Documents and Settings\All Users\Application Data\jrNYi6G moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Jerrod
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 11372687 bytes
->Java cache emptied: 90770907 bytes
->FireFox cache emptied: 351218184 bytes
->Google Chrome cache emptied: 76939849 bytes
->Flash cache emptied: 2072429 bytes

User: LocalService
->Temporary Internet Files folder emptied: 116502 bytes

User: NetworkService
->Temporary Internet Files folder emptied: 597037484 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 3234496 bytes
%systemroot%\System32 .tmp files removed: 123988797 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83357 bytes
Session Manager Temp folder emptied: 32768 bytes
Session Manager Tmp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 64850396 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 2450423 bytes
RecycleBin emptied: 117663744 bytes

Total Files Cleaned = 1,375.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Jerrod
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.28.0 log created on 09242011_153842

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\JET90C7.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_560.dat moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_65c.dat not found!

Registry entries deleted on Reboot...

#4
jrodfoo

    Member

  • Topic Starter
  • Member
  • 19 posts
Here is the log of the GMER scan. Now the PC is slow, and when playing any music the music skips and things are really sluggish. It's worse. You can also see the "skipping" when moving the mouse across the screen. CPU 100% too... ugh.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-24 20:22:59
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 WDC_WD1200JB-00GVA0 rev.08.02D08
Running: f7l4iy47.exe; Driver: C:\DOCUME~1\Jerrod\LOCALS~1\Temp\uwtdypob.sys


---- System - GMER 1.0.15 ----

SSDT 852928F8 ZwAlertResumeThread
SSDT 852929B8 ZwAlertThread
SSDT 84CCF350 ZwAllocateVirtualMemory
SSDT 86881340 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF4FC7020]
SSDT 85292658 ZwCreateMutant
SSDT 852A0148 ZwCreateThread
SSDT 85292358 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xF4FC72A0]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xF4FC7800]
SSDT 852C6180 ZwFreeVirtualMemory
SSDT 85292728 ZwImpersonateAnonymousToken
SSDT 85292838 ZwImpersonateThread
SSDT 852F2A58 ZwMapViewOfSection
SSDT 85292598 ZwOpenEvent
SSDT 852B3140 ZwOpenProcessToken
SSDT 85292418 ZwOpenSection
SSDT 84CCEE68 ZwOpenThreadToken
SSDT 852E1200 ZwResumeThread
SSDT 8529DE30 ZwSetContextThread
SSDT 852F7E48 ZwSetInformationProcess
SSDT 85292BD0 ZwSetInformationThread
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xF4FC7A50]
SSDT 852924D8 ZwSuspendProcess
SSDT 852E1140 ZwSuspendThread
SSDT 852AF148 ZwTerminateProcess
SSDT 84CCF318 ZwTerminateThread
SSDT 84CD8140 ZwUnmapViewOfSection
SSDT 84C45240 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 215 804E2881 3 Bytes [25, 29, 85]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF6950360, 0x24BB1D, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[168] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[240] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\WINDOWS\System32\CTsvcCDA.EXE[248] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\WINDOWS\System32\svchost.exe[492] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[552] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text ...
.text C:\program files\real\realplayer\update\realsched.exe[2744] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\program files\real\realplayer\update\realsched.exe[2744] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\Documents and Settings\Jerrod\My Documents\Downloads\f7l4iy47.exe[2748] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\WINDOWS\system32\WDBtnMgr.exe[3052] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\Program Files\iTunes\iTunesHelper.exe[3056] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text C:\WINDOWS\system32\CTHELPER.EXE[3148] GDI32.dll!Escape 77F26F5A 5 Bytes JMP 10001000 C:\WINDOWS\system32\wmfhotfix.dll
.text ...

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{11B5C8DC-3FEA-1682-D4F0355518481497}\{414E0745-768E-27E6-1A22BEEA50FFC306}\{0F77990A-A8C5-E83C-A2DEB9098A2A23DE}
Reg HKLM\SOFTWARE\Classes\CLSID\{11B5C8DC-3FEA-1682-D4F0355518481497}\{414E0745-768E-27E6-1A22BEEA50FFC306}\{0F77990A-A8C5-E83C-A2DEB9098A2A23DE}@KGHQ1WVPMWYCTK5FHYUB2KQRGA1 0x01 0x00 0x01 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x31 0x77 0xE1 0xBA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C3E67C84-FF81-4ACD-401BD333BA56E9EA}\{F4E9985F-0D7B-FE76-62CD8C76B0126B78}\{BB457FA5-4647-F88E-4919FBC3754B9322}
Reg HKLM\SOFTWARE\Classes\CLSID\{C3E67C84-FF81-4ACD-401BD333BA56E9EA}\{F4E9985F-0D7B-FE76-62CD8C76B0126B78}\{BB457FA5-4647-F88E-4919FBC3754B9322}@KGHQ1WVPMWYCTK5FHYUB2KQRGA1 0x01 0x00 0x01 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\System32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...

---- EOF - GMER 1.0.15 ----

Edited by jrodfoo, 24 September 2011 - 09:03 PM.


#5
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jrodfoo,

OK. Let's do some more scans and try to find the problem.

Step 1

Please read carefully and follow these steps.

Download TDSSKiller.zip from Kaspersky and save it to your Desktop.
  • Extract the zip file to its own folder.
  • Double click TDSSKiller.exe to run the program (Run as Administrator for Vista/Windows 7).
  • Click Start scan to start scanning.
  • If infection is detected, the default setting for "action" should be Cure
    • (If a suspicious file is detected, please click on it and change it to Skip).
  • Click Continue button
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.

Step 2

Download aswMBR.exe ( 511KB ) to your desktop.

  • Double click the aswMBR.exe to run it
  • Click the "Scan" button to start scan
  • On completion of the scan click save log, save it to your desktop and post in your next reply

Step 3

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, as well as a description of how your computer is running now.

Step 4

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • aswMBR log
  • Combofix log

It would be helpful if you could post each log in a separate post.

#6
jrodfoo

    Member

  • Topic Starter
  • Member
  • 19 posts
Hi, here is the TDSSKiller.log. I cannot open Mozilla Firefox now; it's saying there is a process running, but there is not. I even uninstalled and reinstalled Firefox and it's still saying this. I've rebooted multiple times as well. Using IE for now.


07:46:32.0352 3416 TDSS rootkit removing tool 2.6.1.0 Sep 26 2011 09:21:32
07:46:34.0355 3416 ============================================================
07:46:34.0355 3416 Current date / time: 2011/09/27 07:46:34.0355
07:46:34.0355 3416 SystemInfo:
07:46:34.0355 3416
07:46:34.0355 3416 OS Version: 5.1.2600 ServicePack: 3.0
07:46:34.0355 3416 Product type: Workstation
07:46:34.0355 3416 ComputerName: JERROD
07:46:34.0355 3416 UserName: Jerrod
07:46:34.0355 3416 Windows directory: C:\WINDOWS
07:46:34.0355 3416 System windows directory: C:\WINDOWS
07:46:34.0355 3416 Processor architecture: Intel x86
07:46:34.0355 3416 Number of processors: 1
07:46:34.0355 3416 Page size: 0x1000
07:46:34.0355 3416 Boot type: Normal boot
07:46:34.0355 3416 ============================================================
07:46:37.0350 3416 Initialize success
07:46:49.0988 2620 ============================================================
07:46:49.0988 2620 Scan started
07:46:49.0988 2620 Mode: Manual;
07:46:49.0988 2620 ============================================================
07:46:51.0129 2620 Abiosdsk - ok
07:46:51.0209 2620 abp480n5 - ok
07:46:51.0390 2620 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:46:51.0390 2620 ACPI - ok
07:46:51.0510 2620 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
07:46:51.0520 2620 ACPIEC - ok
07:46:51.0590 2620 adpu160m - ok
07:46:51.0640 2620 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
07:46:51.0650 2620 aec - ok
07:46:51.0710 2620 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
07:46:51.0720 2620 AFD - ok
07:46:51.0760 2620 Aha154x - ok
07:46:51.0800 2620 aic78u2 - ok
07:46:51.0850 2620 aic78xx - ok
07:46:51.0941 2620 ALiAGP (0ca67bfc10aa62550d2a757891cb8b18) C:\WINDOWS\system32\DRIVERS\ALiAGP.sys
07:46:51.0961 2620 ALiAGP - ok
07:46:52.0001 2620 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
07:46:52.0011 2620 AliIde - ok
07:46:52.0101 2620 AmdK7 (8fce268cdbdd83b23419d1f35f42c7b1) C:\WINDOWS\system32\DRIVERS\amdk7.sys
07:46:52.0101 2620 AmdK7 - ok
07:46:52.0141 2620 amsint - ok
07:46:52.0191 2620 AN983 (116bff96077a4a724e0aab800525ceb5) C:\WINDOWS\system32\DRIVERS\AN983.sys
07:46:52.0191 2620 AN983 - ok
07:46:52.0261 2620 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:46:52.0261 2620 Arp1394 - ok
07:46:52.0301 2620 asc - ok
07:46:52.0351 2620 asc3350p - ok
07:46:52.0391 2620 asc3550 - ok
07:46:52.0471 2620 aslm75 (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
07:46:52.0471 2620 aslm75 - ok
07:46:52.0531 2620 ASPI (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
07:46:52.0531 2620 ASPI - ok
07:46:52.0581 2620 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\Aspi32.sys
07:46:52.0581 2620 Aspi32 - ok
07:46:52.0652 2620 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:46:52.0672 2620 AsyncMac - ok
07:46:52.0712 2620 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
07:46:52.0712 2620 atapi - ok
07:46:52.0752 2620 Atdisk - ok
07:46:52.0832 2620 ati2mpad (f3e3f01fbcc0d86180c64d9036e00db4) C:\WINDOWS\system32\DRIVERS\ati2mpad.sys
07:46:52.0862 2620 ati2mpad - ok
07:46:52.0952 2620 atirage3 (79e888ccceafb49764b254c2537f1afb) C:\WINDOWS\system32\DRIVERS\atimpae.sys
07:46:52.0972 2620 atirage3 - ok
07:46:53.0102 2620 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:46:53.0112 2620 Atmarpc - ok
07:46:53.0162 2620 ATWPKT2 - ok
07:46:53.0262 2620 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
07:46:53.0262 2620 audstub - ok
07:46:53.0343 2620 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
07:46:53.0353 2620 Beep - ok
07:46:53.0463 2620 BENDER (fc6d0c2f327a5f716fdfdc24a305aceb) C:\WINDOWS\system32\drivers\bender.sys
07:46:53.0473 2620 BENDER - ok
07:46:53.0573 2620 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
07:46:53.0583 2620 Bridge - ok
07:46:53.0593 2620 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
07:46:53.0593 2620 BridgeMP - ok
07:46:53.0683 2620 Bulk503 - ok
07:46:53.0763 2620 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
07:46:53.0773 2620 cbidf2k - ok
07:46:53.0903 2620 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
07:46:53.0913 2620 CCDECODE - ok
07:46:54.0004 2620 cd20xrnt - ok
07:46:54.0104 2620 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
07:46:54.0104 2620 Cdaudio - ok
07:46:54.0194 2620 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
07:46:54.0204 2620 Cdfs - ok
07:46:54.0264 2620 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:46:54.0274 2620 Cdrom - ok
07:46:54.0334 2620 Changer - ok
07:46:54.0454 2620 CmdIde - ok
07:46:54.0554 2620 COH_Mon (6186b6b953bdc884f0f379b84b3e3a98) C:\WINDOWS\system32\Drivers\COH_Mon.sys
07:46:54.0564 2620 COH_Mon - ok
07:46:54.0664 2620 COMMONFX.DLL (1ef05b641e9a67ded74ac8ad40055dbf) C:\WINDOWS\system32\COMMONFX.DLL
07:46:54.0674 2620 COMMONFX.DLL - ok
07:46:54.0795 2620 CO_Mon (73f5d6835bfa66019c03e316d99649da) C:\WINDOWS\system32\drivers\CO_Mon.sys
07:46:54.0805 2620 CO_Mon - ok
07:46:54.0845 2620 Cpqarray - ok
07:46:54.0985 2620 CT20XUT.DLL (6191a973461852a09d643609e1d5f7c6) C:\WINDOWS\system32\CT20XUT.DLL
07:46:55.0005 2620 CT20XUT.DLL - ok
07:46:55.0125 2620 ctac32k (8ac5f77e30e37d2d11bd99eff0c53d8c) C:\WINDOWS\system32\drivers\ctac32k.sys
07:46:55.0145 2620 ctac32k - ok
07:46:55.0245 2620 ctaud2k (673241d314e932f4890509ae8ebf26db) C:\WINDOWS\system32\drivers\ctaud2k.sys
07:46:55.0255 2620 ctaud2k - ok
07:46:55.0345 2620 CTAUDFX.DLL (472b82d7e549e7fab428852e4d16f21d) C:\WINDOWS\system32\CTAUDFX.DLL
07:46:55.0365 2620 CTAUDFX.DLL - ok
07:46:55.0516 2620 ctdvda2k (ed316d4c3d39c5b6c23de067e275c183) C:\WINDOWS\system32\drivers\ctdvda2k.sys
07:46:59.0101 2620 ctdvda2k - ok
07:46:59.0251 2620 CTEAPSFX.DLL (6a57f82009563aee8826f117e1d3c72c) C:\WINDOWS\system32\CTEAPSFX.DLL
07:46:59.0271 2620 CTEAPSFX.DLL - ok
07:46:59.0351 2620 CTEDSPFX.DLL (c8ac1ffaeadd655193d7b1811a572d8d) C:\WINDOWS\system32\CTEDSPFX.DLL
07:46:59.0381 2620 CTEDSPFX.DLL - ok
07:46:59.0451 2620 CTEDSPIO.DLL (44495d9daf675257d00b25b041ee6667) C:\WINDOWS\system32\CTEDSPIO.DLL
07:46:59.0471 2620 CTEDSPIO.DLL - ok
07:46:59.0572 2620 CTEDSPSY.DLL (8e90b1762cb42e2fc76dac9210c83c66) C:\WINDOWS\system32\CTEDSPSY.DLL
07:46:59.0622 2620 CTEDSPSY.DLL - ok
07:46:59.0692 2620 CTERFXFX.DLL (d3fbd9983325435b06795f29cb57ed3d) C:\WINDOWS\system32\CTERFXFX.DLL
07:46:59.0742 2620 CTERFXFX.DLL - ok
07:46:59.0892 2620 CTEXFIFX.DLL (2c48e9d8ca703964463f27ae341115b7) C:\WINDOWS\system32\CTEXFIFX.DLL
07:47:00.0002 2620 CTEXFIFX.DLL - ok
07:47:00.0102 2620 CTHWIUT.DLL (f7657c598e7c29c6683c1e4a8dd68884) C:\WINDOWS\system32\CTHWIUT.DLL
07:47:00.0192 2620 CTHWIUT.DLL - ok
07:47:00.0273 2620 ctprxy2k (34e7f8a499fd8361df14fedb724c0ad3) C:\WINDOWS\system32\drivers\ctprxy2k.sys
07:47:00.0273 2620 ctprxy2k - ok
07:47:00.0373 2620 CTSBLFX.DLL (679ae21eb7f48a08184813aebabdec7c) C:\WINDOWS\system32\CTSBLFX.DLL
07:47:00.0413 2620 CTSBLFX.DLL - ok
07:47:00.0513 2620 ctsfm2k (32098497cb4dfe9ea7660fa62dd91060) C:\WINDOWS\system32\drivers\ctsfm2k.sys
07:47:00.0523 2620 ctsfm2k - ok
07:47:00.0623 2620 dac2w2k - ok
07:47:00.0683 2620 dac960nt - ok
07:47:00.0823 2620 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
07:47:00.0843 2620 Disk - ok
07:47:01.0004 2620 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
07:47:01.0064 2620 dmboot - ok
07:47:01.0174 2620 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
07:47:01.0194 2620 dmio - ok
07:47:01.0274 2620 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
07:47:01.0294 2620 dmload - ok
07:47:01.0384 2620 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
07:47:01.0384 2620 DMusic - ok
07:47:01.0454 2620 dpti2o - ok
07:47:01.0544 2620 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
07:47:01.0544 2620 drmkaud - ok
07:47:01.0695 2620 eeCtrl (8f7dbc4be48f5388a6fe1f285e7948ef) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
07:47:01.0705 2620 eeCtrl - ok
07:47:01.0815 2620 emupia (2885f72d2daffd0329272f12e16d6579) C:\WINDOWS\system32\drivers\emupia2k.sys
07:47:01.0815 2620 emupia - ok
07:47:01.0865 2620 EraserUtilRebootDrv (3ee14d400e0fdd0d214275a4a20b7022) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
07:47:01.0875 2620 EraserUtilRebootDrv - ok
07:47:01.0995 2620 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
07:47:02.0205 2620 Fastfat - ok
07:47:02.0325 2620 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
07:47:02.0325 2620 Fdc - ok
07:47:02.0406 2620 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
07:47:02.0406 2620 Fips - ok
07:47:02.0476 2620 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:47:02.0476 2620 Flpydisk - ok
07:47:02.0546 2620 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
07:47:02.0556 2620 FltMgr - ok
07:47:02.0626 2620 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:47:02.0636 2620 Fs_Rec - ok
07:47:02.0706 2620 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:47:02.0726 2620 Ftdisk - ok
07:47:02.0816 2620 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
07:47:02.0816 2620 gameenum - ok
07:47:02.0906 2620 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
07:47:02.0906 2620 GEARAspiWDM - ok
07:47:02.0966 2620 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:47:02.0966 2620 Gpc - ok
07:47:03.0147 2620 GPWADrv (8b70e4e9ee5fccdab0919aa6d58be6ec) C:\WINDOWS\system32\Drivers\GPWADrv.sys
07:47:03.0197 2620 GPWADrv - ok
07:47:03.0327 2620 ha10kx2k (da2c735b66d2e7b739f9a46146581a9d) C:\WINDOWS\system32\drivers\ha10kx2k.sys
07:47:03.0367 2620 ha10kx2k - ok
07:47:03.0467 2620 hap16v2k (5c7d6d68796e4621b4168c879908dae0) C:\WINDOWS\system32\drivers\hap16v2k.sys
07:47:03.0487 2620 hap16v2k - ok
07:47:03.0607 2620 hap17v2k (a595b88ad16d8b5693ddf08113caf30e) C:\WINDOWS\system32\drivers\hap17v2k.sys
07:47:03.0627 2620 hap17v2k - ok
07:47:03.0748 2620 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:47:03.0758 2620 HidUsb - ok
07:47:03.0828 2620 hpn - ok
07:47:03.0918 2620 hpt3xx - ok
07:47:04.0018 2620 HPZid412 (287a63bd8509bd78e7978823b38afa81) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
07:47:04.0028 2620 HPZid412 - ok
07:47:04.0148 2620 HPZipr12 (0b4fda2657c3e0315eaa57f9c6d4fd1f) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
07:47:04.0158 2620 HPZipr12 - ok
07:47:04.0248 2620 HPZius12 (29559db25258b60510a60c4e470fce32) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
07:47:04.0258 2620 HPZius12 - ok
07:47:04.0358 2620 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
07:47:04.0368 2620 HTTP - ok
07:47:04.0439 2620 i2omgmt - ok
07:47:04.0519 2620 i2omp - ok
07:47:04.0659 2620 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:47:04.0669 2620 i8042prt - ok
07:47:04.0739 2620 Icam4USB (68ff0ec93bf4724e285bf28d987d5ac9) C:\WINDOWS\system32\Drivers\Icam4USB.sys
07:47:04.0759 2620 Icam4USB - ok
07:47:04.0849 2620 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\drivers\Imapi.sys
07:47:04.0849 2620 Imapi - ok
07:47:04.0909 2620 ini910u - ok
07:47:04.0959 2620 IntelIde - ok
07:47:05.0039 2620 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
07:47:05.0059 2620 ip6fw - ok
07:47:05.0140 2620 IPFilter (9ea02e03ed52d25551a6e46cf3b94b01) C:\WINDOWS\system32\DRIVERS\IPFilter.sys
07:47:05.0150 2620 IPFilter - ok
07:47:05.0190 2620 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:47:05.0190 2620 IpFilterDriver - ok
07:47:05.0240 2620 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:47:05.0260 2620 IpInIp - ok
07:47:05.0320 2620 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:47:05.0330 2620 IpNat - ok
07:47:05.0400 2620 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:47:05.0410 2620 IPSec - ok
07:47:05.0470 2620 IPVNMon - ok
07:47:05.0570 2620 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
07:47:05.0580 2620 IRENUM - ok
07:47:05.0680 2620 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:47:05.0690 2620 isapnp - ok
07:47:05.0780 2620 ISO503 - ok
07:47:05.0881 2620 itchfltr (8f1ba487b35f0c8f637e05113aa815f8) C:\WINDOWS\system32\DRIVERS\itchfltr.sys
07:47:05.0881 2620 itchfltr - ok
07:47:05.0981 2620 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:47:05.0991 2620 Kbdclass - ok
07:47:06.0121 2620 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
07:47:06.0131 2620 kmixer - ok
07:47:06.0231 2620 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
07:47:06.0241 2620 KSecDD - ok
07:47:06.0401 2620 L6DP (eda48947f36953fe4ab8c7f6645e21c2) C:\WINDOWS\system32\Drivers\l6dp.sys
07:47:06.0401 2620 L6DP - ok
07:47:06.0481 2620 L8042Kbd (f3a17f3fd54ca73c0bcbcc3fe0c47e13) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
07:47:06.0501 2620 L8042Kbd - ok
07:47:06.0552 2620 L8042mou (dba4170da935937a9d8aca5b09df0845) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
07:47:06.0562 2620 L8042mou - ok
07:47:06.0732 2620 L8042pr2 (733ececf4371ac99410ee0f00bfd51e7) C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys
07:47:06.0742 2620 L8042pr2 - ok
07:47:06.0852 2620 lbrtfdc - ok
07:47:07.0042 2620 LMouFlt2 (128f0b4cd156872d440ae77202923a32) C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
07:47:07.0092 2620 LMouFlt2 - ok
07:47:07.0243 2620 LMouKE (ec7ac2fb252b0854daabbe3d21da6660) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
07:47:07.0253 2620 LMouKE - ok
07:47:07.0333 2620 MarvinBus (269c14d512b74cc28d2812ff7d1eb066) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
07:47:07.0343 2620 MarvinBus - ok
07:47:07.0433 2620 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
07:47:07.0433 2620 MBAMProtector - ok
07:47:07.0553 2620 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
07:47:07.0553 2620 mnmdd - ok
07:47:07.0643 2620 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
07:47:07.0663 2620 Modem - ok
07:47:07.0733 2620 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:47:07.0733 2620 Mouclass - ok
07:47:07.0843 2620 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:47:07.0863 2620 mouhid - ok
07:47:08.0014 2620 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
07:47:08.0024 2620 MountMgr - ok
07:47:08.0114 2620 mraid35x - ok
07:47:08.0224 2620 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
07:47:08.0244 2620 MREMP50 - ok
07:47:08.0264 2620 MREMPR5 - ok
07:47:08.0284 2620 MRENDIS5 - ok
07:47:08.0314 2620 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
07:47:08.0324 2620 MRESP50 - ok
07:47:08.0374 2620 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:47:08.0394 2620 MRxDAV - ok
07:47:08.0524 2620 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:47:08.0534 2620 MRxSmb - ok
07:47:08.0625 2620 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
07:47:08.0625 2620 Msfs - ok
07:47:08.0735 2620 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:47:08.0745 2620 MSKSSRV - ok
07:47:08.0845 2620 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:47:08.0855 2620 MSPCLOCK - ok
07:47:08.0945 2620 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
07:47:08.0955 2620 MSPQM - ok
07:47:09.0085 2620 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:47:09.0085 2620 mssmbios - ok
07:47:09.0165 2620 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
07:47:09.0175 2620 MSTEE - ok
07:47:09.0265 2620 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
07:47:09.0275 2620 Mup - ok
07:47:09.0366 2620 MxlW2k (88f57a15b786bf2af9458f7903768085) C:\WINDOWS\system32\drivers\MxlW2k.sys
07:47:09.0376 2620 MxlW2k - ok
07:47:09.0466 2620 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
07:47:09.0486 2620 NABTSFEC - ok
07:47:09.0646 2620 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110926.019\NAVENG.SYS
07:47:09.0656 2620 NAVENG - ok
07:47:09.0766 2620 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110926.019\NAVEX15.SYS
07:47:10.0077 2620 NAVEX15 - ok
07:47:10.0327 2620 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
07:47:10.0477 2620 NDIS - ok
07:47:10.0527 2620 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
07:47:10.0667 2620 NdisIP - ok
07:47:10.0718 2620 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:47:10.0738 2620 NdisTapi - ok
07:47:10.0788 2620 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:47:10.0788 2620 Ndisuio - ok
07:47:10.0878 2620 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:47:10.0898 2620 NdisWan - ok
07:47:10.0978 2620 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
07:47:10.0988 2620 NDProxy - ok
07:47:11.0128 2620 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
07:47:11.0138 2620 NetBIOS - ok
07:47:11.0278 2620 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
07:47:11.0298 2620 NetBT - ok
07:47:11.0499 2620 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
07:47:11.0519 2620 NIC1394 - ok
07:47:11.0609 2620 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
07:47:11.0659 2620 nm - ok
07:47:11.0759 2620 NPF (74a1d72a79a58436159c924cc34f1c1d) C:\WINDOWS\system32\drivers\npf.sys
07:47:11.0819 2620 NPF - ok
07:47:11.0879 2620 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
07:47:11.0889 2620 Npfs - ok
07:47:11.0989 2620 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
07:47:12.0079 2620 Ntfs - ok
07:47:12.0190 2620 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
07:47:12.0210 2620 Null - ok
07:47:13.0281 2620 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
07:47:14.0513 2620 nv - ok
07:47:14.0713 2620 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
07:47:14.0773 2620 NwlnkFlt - ok
07:47:14.0884 2620 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
07:47:14.0904 2620 NwlnkFwd - ok
07:47:15.0184 2620 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
07:47:15.0194 2620 ohci1394 - ok
07:47:15.0274 2620 ossrv (61c85afeaa6ef0c1b32d43f84f7bfbcf) C:\WINDOWS\system32\drivers\ctoss2k.sys
07:47:15.0294 2620 ossrv - ok
07:47:15.0364 2620 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
07:47:15.0374 2620 Parport - ok
07:47:15.0424 2620 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
07:47:15.0464 2620 PartMgr - ok
07:47:15.0534 2620 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
07:47:15.0554 2620 ParVdm - ok
07:47:15.0635 2620 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
07:47:15.0665 2620 PCI - ok
07:47:15.0765 2620 PciCfg - ok
07:47:15.0815 2620 PCIDump - ok
07:47:15.0865 2620 PCIIde - ok
07:47:16.0135 2620 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
07:47:16.0165 2620 PCLEPCI - ok
07:47:16.0235 2620 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
07:47:16.0286 2620 Pcmcia - ok
07:47:16.0346 2620 PDCOMP - ok
07:47:16.0426 2620 PDFRAME - ok
07:47:16.0516 2620 PDRELI - ok
07:47:16.0616 2620 PDRFRAME - ok
07:47:16.0696 2620 perc2 - ok
07:47:16.0746 2620 perc2hib - ok
07:47:16.0846 2620 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
07:47:16.0856 2620 pfc - ok
07:47:16.0936 2620 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys
07:47:17.0197 2620 PfModNT - ok
07:47:17.0477 2620 PinnacleMarvinUsb (69d758132ffdfc7ac8b0b2c3abcce877) C:\WINDOWS\system32\DRIVERS\MarvinUsb.sys
07:47:17.0557 2620 PinnacleMarvinUsb - ok
07:47:17.0658 2620 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:47:17.0678 2620 PptpMiniport - ok
07:47:17.0768 2620 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
07:47:17.0788 2620 Processor - ok
07:47:17.0938 2620 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:47:17.0958 2620 Ptilink - ok
07:47:18.0098 2620 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
07:47:18.0128 2620 PxHelp20 - ok
07:47:18.0178 2620 ql1080 - ok
07:47:18.0228 2620 Ql10wnt - ok
07:47:18.0298 2620 ql12160 - ok
07:47:18.0328 2620 ql1240 - ok
07:47:18.0409 2620 ql1280 - ok
07:47:18.0499 2620 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:47:18.0509 2620 RasAcd - ok
07:47:18.0599 2620 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:47:18.0609 2620 Rasl2tp - ok
07:47:18.0689 2620 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:47:18.0689 2620 RasPppoe - ok
07:47:18.0759 2620 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
07:47:18.0759 2620 Raspti - ok
07:47:18.0839 2620 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:47:18.0849 2620 Rdbss - ok
07:47:18.0959 2620 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:47:18.0979 2620 RDPCDD - ok
07:47:19.0130 2620 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
07:47:19.0150 2620 RDPWD - ok
07:47:19.0250 2620 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
07:47:19.0270 2620 redbook - ok
07:47:19.0410 2620 rspndr (a3b23fb3f295694091f51865f98588b2) C:\WINDOWS\system32\DRIVERS\rspndr.sys
07:47:19.0410 2620 rspndr - ok
07:47:19.0550 2620 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:47:19.0560 2620 Secdrv - ok
07:47:19.0680 2620 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
07:47:19.0690 2620 serenum - ok
07:47:19.0741 2620 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
07:47:19.0751 2620 Serial - ok
07:47:19.0861 2620 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
07:47:19.0871 2620 Sfloppy - ok
07:47:20.0011 2620 Simbad - ok
07:47:20.0111 2620 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:47:20.0161 2620 SLIP - ok
07:47:20.0231 2620 Sparrow - ok
07:47:20.0462 2620 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
07:47:20.0492 2620 SPBBCDrv - ok
07:47:20.0582 2620 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
07:47:20.0602 2620 splitter - ok
07:47:20.0692 2620 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
07:47:20.0702 2620 sr - ok
07:47:20.0782 2620 SRTSP (e0e54a571d4323567e95e11fe76a5ff3) C:\WINDOWS\system32\Drivers\SRTSP.SYS
07:47:20.0802 2620 SRTSP - ok
07:47:20.0912 2620 SRTSPL (4e44f0e22df824d318988caa6f321c30) C:\WINDOWS\system32\Drivers\SRTSPL.SYS
07:47:20.0952 2620 SRTSPL - ok
07:47:21.0032 2620 SRTSPX (d3bb40427cf3d02e56bba97feda0a3aa) C:\WINDOWS\system32\Drivers\SRTSPX.SYS
07:47:21.0052 2620 SRTSPX - ok
07:47:21.0183 2620 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
07:47:21.0203 2620 Srv - ok
07:47:21.0313 2620 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
07:47:21.0323 2620 streamip - ok
07:47:21.0473 2620 SVKP (f05028b163b92c302a74409d683ac9b0) C:\WINDOWS\system32\SVKP.sys
07:47:21.0583 2620 SVKP - ok
07:47:21.0733 2620 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
07:47:21.0743 2620 swenum - ok
07:47:21.0813 2620 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
07:47:21.0824 2620 swmidi - ok
07:47:21.0914 2620 symc810 - ok
07:47:21.0994 2620 symc8xx - ok
07:47:22.0124 2620 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\WINDOWS\System32\Drivers\SYMDNS.SYS
07:47:22.0124 2620 SYMDNS - ok
07:47:22.0234 2620 SymEvent (06b95820df51502099a8a15c93e87986) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
07:47:22.0264 2620 SymEvent - ok
07:47:22.0314 2620 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\WINDOWS\System32\Drivers\SYMFW.SYS
07:47:22.0314 2620 SYMFW - ok
07:47:22.0364 2620 SYMIDS (23527b9cd4f7b9e31160e98d340e7e85) C:\WINDOWS\System32\Drivers\SYMIDS.SYS
07:47:22.0374 2620 SYMIDS - ok
07:47:22.0665 2620 SYMIDSCO (2133d1f879b280121b0e6a7d34b24a02) C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\ipsdefs\20110921.001\SymIDSCo.sys
07:47:22.0675 2620 SYMIDSCO - ok
07:47:22.0755 2620 SymIM (b54f7959afb4aaf1a8c589b0aa7fde02) C:\WINDOWS\system32\DRIVERS\SymIM.sys
07:47:22.0765 2620 SymIM - ok
07:47:22.0785 2620 SymIMMP (b54f7959afb4aaf1a8c589b0aa7fde02) C:\WINDOWS\system32\DRIVERS\SymIM.sys
07:47:22.0785 2620 SymIMMP - ok
07:47:22.0845 2620 SYMNDIS (d605af3a380a83f4a562f1ad3ee19ecd) C:\WINDOWS\System32\Drivers\SYMNDIS.SYS
07:47:22.0855 2620 SYMNDIS - ok
07:47:22.0895 2620 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
07:47:22.0895 2620 SYMREDRV - ok
07:47:23.0045 2620 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
07:47:23.0095 2620 SYMTDI - ok
07:47:23.0165 2620 sym_hi - ok
07:47:23.0256 2620 sym_u3 - ok
07:47:23.0446 2620 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
07:47:23.0466 2620 sysaudio - ok
07:47:23.0616 2620 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
07:47:23.0646 2620 taphss - ok
07:47:23.0756 2620 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:47:23.0796 2620 Tcpip - ok
07:47:23.0957 2620 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
07:47:23.0977 2620 TDPIPE - ok
07:47:24.0117 2620 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
07:47:24.0157 2620 TDTCP - ok
07:47:24.0317 2620 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
07:47:24.0327 2620 TermDD - ok
07:47:24.0397 2620 TosIde - ok
07:47:24.0527 2620 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
07:47:24.0557 2620 TVICHW32 - ok
07:47:24.0668 2620 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
07:47:24.0678 2620 Udfs - ok
07:47:24.0828 2620 ultra - ok
07:47:24.0918 2620 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
07:47:24.0938 2620 Update - ok
07:47:25.0128 2620 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:47:25.0168 2620 usbccgp - ok
07:47:25.0238 2620 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:47:25.0248 2620 usbehci - ok
07:47:25.0329 2620 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:47:25.0359 2620 usbhub - ok
07:47:25.0499 2620 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
07:47:25.0519 2620 usbohci - ok
07:47:25.0679 2620 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:47:25.0709 2620 usbprint - ok
07:47:25.0789 2620 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:47:25.0839 2620 usbscan - ok
07:47:25.0919 2620 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:47:25.0939 2620 USBSTOR - ok
07:47:26.0030 2620 USRpdA (497f2190e87d58fd68e559e083796edc) C:\WINDOWS\system32\DRIVERS\USRpdA.sys
07:47:26.0050 2620 USRpdA - ok
07:47:26.0180 2620 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
07:47:26.0180 2620 VgaSave - ok
07:47:26.0300 2620 ViaIde - ok
07:47:26.0410 2620 VNUSB (ae01e1ed5a81e0d268b91b4a6de5a872) C:\WINDOWS\system32\DRIVERS\VNUSB.sys
07:47:26.0430 2620 VNUSB - ok
07:47:26.0530 2620 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
07:47:26.0540 2620 VolSnap - ok
07:47:26.0701 2620 vpnva (e1f2333a88ec4a5c8ea6be357323b72d) C:\WINDOWS\system32\DRIVERS\vpnva.sys
07:47:26.0721 2620 vpnva - ok
07:47:26.0841 2620 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:47:26.0841 2620 Wanarp - ok
07:47:26.0901 2620 wanatw - ok
07:47:26.0941 2620 WDICA - ok
07:47:27.0021 2620 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
07:47:27.0031 2620 wdmaud - ok
07:47:27.0201 2620 WrKPoET2000 - ok
07:47:27.0281 2620 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
07:47:27.0311 2620 WS2IFSL - ok
07:47:27.0392 2620 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
07:47:27.0422 2620 WSTCODEC - ok
07:47:27.0502 2620 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:47:27.0522 2620 WudfPf - ok
07:47:27.0662 2620 xlink (05a74d2be6f493c65d7221d1d0e8a23c) C:\WINDOWS\system32\Drivers\xlink.sys
07:47:27.0702 2620 xlink - ok
07:47:27.0782 2620 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk0\DR0
07:47:28.0884 2620 \Device\Harddisk0\DR0 - ok
07:47:28.0904 2620 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk1\DR1
07:47:29.0915 2620 \Device\Harddisk1\DR1 - ok
07:47:29.0945 2620 Boot (0x1200) (9a77604c1e13e35dae6841ca2b702fc6) \Device\Harddisk0\DR0\Partition0
07:47:29.0945 2620 \Device\Harddisk0\DR0\Partition0 - ok
07:47:29.0955 2620 Boot (0x1200) (ac04a91530d6146fad291119b0ba0267) \Device\Harddisk1\DR1\Partition0
07:47:29.0955 2620 \Device\Harddisk1\DR1\Partition0 - ok
07:47:29.0965 2620 ============================================================
07:47:29.0965 2620 Scan finished
07:47:29.0965 2620 ============================================================
07:47:30.0015 2800 Detected object count: 0
07:47:30.0015 2800 Actual detected object count: 0

#7
jrodfoo

Here is the ASWMBR Log

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-27 07:53:27
-----------------------------
07:53:27.079 OS Version: Windows 5.1.2600 Service Pack 3
07:53:27.079 Number of processors: 1 586 0x801
07:53:27.079 ComputerName: JERROD UserName: Jerrod
07:53:30.373 Initialize success
07:54:15.729 AVAST engine defs: 11092700
07:54:49.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
07:54:49.437 Disk 0 Vendor: WDC_WD1200JB-00GVA0 08.02D08 Size: 114473MB BusType: 3
07:54:49.437 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
07:54:49.437 Disk 1 Vendor: WDC_WD1200JB-00EVA0 15.05R15 Size: 114473MB BusType: 3
07:54:51.450 Disk 0 MBR read successfully
07:54:51.460 Disk 0 MBR scan
07:54:51.530 Disk 0 unknown MBR code
07:54:51.540 Disk 0 scanning sectors +234436545
07:54:51.600 Disk 0 scanning C:\WINDOWS\system32\drivers
07:55:26.721 Service scanning
07:55:28.593 Modules scanning
07:55:34.412 Disk 0 trace - called modules:
07:55:34.422 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys aliide.sys PCIIDEX.SYS
07:55:34.772 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87355ab8]
07:55:34.772 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> \Device\00000080[0x873d1f18]
07:55:34.772 5 ACPI.sys[f743e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x873dd940]
07:55:35.563 AVAST engine scan C:\WINDOWS
07:56:26.346 AVAST engine scan C:\WINDOWS\system32
08:02:07.657 AVAST engine scan C:\WINDOWS\system32\drivers
08:02:54.955 AVAST engine scan C:\Documents and Settings\Jerrod
08:38:02.736 File: C:\Documents and Settings\Jerrod\My Documents\Software\No 1 Video Converter 4.1.6\keygen.exe **INFECTED** Win32:Agent-ADAI [Trj]
08:41:36.664 AVAST engine scan C:\Documents and Settings\All Users
08:49:08.914 Scan finished successfully
17:44:09.192 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jerrod\Desktop\MBR.dat"
17:44:09.202 The log file has been saved successfully to "C:\Documents and Settings\Jerrod\Desktop\aswMBR.txt"

#8
jrodfoo

And here is the ComboFix.log. I was able to create a new Firefox profile and that is now working flawlessly.

CPU usage is not at 100%. I will report if the freezing and copy and paste is occurring while I browse tonight. Let me know if you need anything else from me.

I appreciate it!



ComboFix 11-09-27.01 - Jerrod 09/27/2011 17:59:01.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.268 [GMT -4:00]
Running from: c:\documents and settings\Jerrod\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *Enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\DirectCDUserName.txt
c:\documents and settings\All Users\Application Data\DragToDiscUserNameD.txt
c:\documents and settings\Jerrod\a.exe
c:\documents and settings\Jerrod\Application Data\ApplicationHistory
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\cr_ss30.exe.5aceff20.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\cr_ss30.exe.da00a9be.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\csc.exe.3e4ac0af.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\hpqimvac.exe.290054de.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\HpqPhUnl.exe.e1eda619.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\hpqpos.exe.2a8da59e.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\hpqselsk.exe.a048b05c.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\MLBAMPlayer.exe.1daadbe9.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\MLBAMPlayer.exe.e28b2e43.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\MLBAppStart.exe.8a6d4c17.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\MLBAppStart.exe.c58cf9bd.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\PMSRegisterFile.exe.475efe81.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\SL134.tmp.b9bb779e.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\SL22E.tmp.79f83411.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\SLFE4.tmp.6549d6a1.ini
c:\documents and settings\Jerrod\Application Data\ApplicationHistory\V2iConsole.exe.d0f5fbc6.ini
c:\documents and settings\Jerrod\My Documents\DPE.DUS
c:\documents and settings\Jerrod\WINDOWS
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\INSTALL.LOG
c:\program files\WinPCap\NetMonInstaller.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\program files\WinPCap\Uninstall.exe
c:\windows\Downloaded Program Files\RdxIE.dll
c:\windows\Downloaded Program Files\temp
c:\windows\ehome\snchk.exe
c:\windows\help\wmplayer.bak
c:\windows\system\Color
c:\windows\system\Color\15GA.icm
c:\windows\system\Color\15GS-3.icm
c:\windows\system\Color\15GS.icm
c:\windows\system\Color\17EA.icm
c:\windows\system\Color\17GA-2.icm
c:\windows\system\Color\17GA.icm
c:\windows\system\Color\17GS-2.icm
c:\windows\system\Color\17GS.icm
c:\windows\system\Color\17PS-2.icm
c:\windows\system\Color\17PS.icm
c:\windows\system\Color\21ps-2.icm
c:\windows\system\Color\21PS.icm
c:\windows\system\Color\E40-2.icm
c:\windows\system\Color\e40-3.icm
c:\windows\system\Color\E40.icm
c:\windows\system\Color\E41.icm
c:\windows\system\Color\e50.icm
c:\windows\system\Color\E51.icm
c:\windows\system\Color\E641-2.ICM
c:\windows\system\Color\E641-3.icm
c:\windows\system\Color\E651-2.icm
c:\windows\system\Color\E651-3.icm
c:\windows\system\Color\E651.icm
c:\windows\system\Color\e653.icm
c:\windows\system\Color\E655-2.icm
c:\windows\system\Color\E655-3.icm
c:\windows\system\Color\e70.icm
c:\windows\system\Color\E71.icm
c:\windows\system\Color\E771-2.icm
c:\windows\system\Color\E771.ICM
c:\windows\system\Color\e773.icm
c:\windows\system\Color\e790.icm
c:\windows\system\Color\e790b.icm
c:\windows\system\Color\EA771.ICM
c:\windows\system\Color\EA771B.ICM
c:\windows\system\Color\G653-2.icm
c:\windows\system\Color\G653.icm
c:\windows\system\Color\g655.icm
c:\windows\system\Color\G771.icm
c:\windows\system\Color\G773-2.icm
c:\windows\system\Color\g773.icm
c:\windows\system\Color\G790.icm
c:\windows\system\Color\G800.icm
c:\windows\system\Color\G810-2.icm
c:\windows\system\Color\G810.icm
c:\windows\system\Color\GA655.ICM
c:\windows\system\Color\GA771.icm
c:\windows\system\Color\gf775.icm
c:\windows\system\Color\GS771.ICM
c:\windows\system\Color\gs773.icm
c:\windows\system\Color\gt775-3.icm
c:\windows\system\Color\GT775.icm
c:\windows\system\Color\GT800.icm
c:\windows\system\Color\m50.icm
c:\windows\system\Color\m70.icm
c:\windows\system\Color\mb110.icm
c:\windows\system\Color\MB50.icm
c:\windows\system\Color\MB70.icm
c:\windows\system\Color\MB90.icm
c:\windows\system\Color\P655.ICM
c:\windows\system\Color\p775.icm
c:\windows\system\Color\P795.icm
c:\windows\system\Color\P810-2.icm
c:\windows\system\Color\P810-3.icm
c:\windows\system\Color\p810-4.icm
c:\windows\system\Color\P810.icm
c:\windows\system\Color\p815-4.icm
c:\windows\system\Color\P815.icm
c:\windows\system\Color\p817-e.icm
c:\windows\system\Color\P817.icm
c:\windows\system\Color\Pj1000.icm
c:\windows\system\Color\PJ1060.icm
c:\windows\system\Color\pj1200.icm
c:\windows\system\Color\pj800.icm
c:\windows\system\Color\pj820.icm
c:\windows\system\Color\pj850.icm
c:\windows\system\Color\pj860.icm
c:\windows\system\Color\pjl1035.icm
c:\windows\system\Color\Pjl802.icm
c:\windows\system\Color\ps775-2.icm
c:\windows\system\Color\ps775.icm
c:\windows\system\Color\ps790-2.icm
c:\windows\system\Color\ps790.icm
c:\windows\system\Color\pt770.icm
c:\windows\system\Color\PT771.ICM
c:\windows\system\Color\pt775-6.icm
c:\windows\system\Color\PT775.icm
c:\windows\system\Color\pt795.icm
c:\windows\system\Color\PT810-2.icm
c:\windows\system\Color\PT810-3.icm
c:\windows\system\Color\PT810.icm
c:\windows\system\Color\pt813.icm
c:\windows\system\Color\ve150.icm
c:\windows\system\Color\ve151.icm
c:\windows\system\Color\vg150.icm
c:\windows\system\Color\vg180.icm
c:\windows\system\Color\vp140-2.icm
c:\windows\system\Color\vp140.icm
c:\windows\system\Color\VP150.icm
c:\windows\system\Color\VP151.icm
c:\windows\system\Color\VP181.icm
c:\windows\system\Color\vp190.icm
c:\windows\system\Color\VPA138.ICM
c:\windows\system\Color\VPA145.ICM
c:\windows\system\Color\vpa150.icm
c:\windows\system\Color\VPD150.icm
c:\windows\system\Color\vpd180.icm
c:\windows\system32\_000173_.tmp.dll
c:\windows\system32\_000187_.tmp.dll
c:\windows\system32\_000190_.tmp.dll
c:\windows\system32\_000193_.tmp.dll
c:\windows\system32\_000200_.tmp.dll
c:\windows\system32\_000211_.tmp.dll
c:\windows\system32\_000213_.tmp.dll
c:\windows\system32\_006322_.tmp.dll
c:\windows\system32\_006323_.tmp.dll
c:\windows\system32\_006324_.tmp.dll
c:\windows\system32\_006325_.tmp.dll
c:\windows\system32\_006332_.tmp.dll
c:\windows\system32\_006333_.tmp.dll
c:\windows\system32\_006334_.tmp.dll
c:\windows\system32\_006335_.tmp.dll
c:\windows\system32\_006337_.tmp.dll
c:\windows\system32\_006338_.tmp.dll
c:\windows\system32\_006341_.tmp.dll
c:\windows\system32\_006342_.tmp.dll
c:\windows\system32\_006344_.tmp.dll
c:\windows\system32\_006345_.tmp.dll
c:\windows\system32\_006346_.tmp.dll
c:\windows\system32\_006348_.tmp.dll
c:\windows\system32\_006351_.tmp.dll
c:\windows\system32\_006352_.tmp.dll
c:\windows\system32\_006356_.tmp.dll
c:\windows\system32\_006357_.tmp.dll
c:\windows\system32\_006359_.tmp.dll
c:\windows\system32\_006362_.tmp.dll
c:\windows\system32\_006364_.tmp.dll
c:\windows\system32\_006365_.tmp.dll
c:\windows\system32\_006366_.tmp.dll
c:\windows\system32\_006367_.tmp.dll
c:\windows\system32\_006368_.tmp.dll
c:\windows\system32\_006371_.tmp.dll
c:\windows\system32\_006372_.tmp.dll
c:\windows\system32\_006373_.tmp.dll
c:\windows\system32\_006374_.tmp.dll
c:\windows\system32\_006375_.tmp.dll
c:\windows\system32\_006380_.tmp.dll
c:\windows\system32\_006382_.tmp.dll
c:\windows\system32\_006383_.tmp.dll
c:\windows\system32\comct332.ocx
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\setup.ini
c:\windows\system32\Temp
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\system32\zip32.dll
c:\windows\tsoc.log
c:\windows\Web\default.htt
c:\windows\winhelp.ini
c:\windows\system32\gotomon.log . . . . Failed to delete
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-08-27 to 2011-09-27 )))))))))))))))))))))))))))))))
.
.
2011-09-27 11:41 . 2011-09-03 06:01 713016 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2011-09-25 22:25 . 2011-09-25 22:25 -------- d-----w- c:\documents and settings\Jerrod\Application Data\Malwarebytes
2011-09-25 22:24 . 2011-09-25 22:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-09-25 22:24 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-25 22:24 . 2011-09-25 22:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-25 20:53 . 2011-09-25 20:53 -------- d-----w- c:\documents and settings\Jerrod\Application Data\DDMSettings
2011-09-25 20:49 . 2011-09-25 20:51 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-09-25 20:46 . 2011-09-25 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2011-09-25 03:32 . 2011-09-25 03:32 -------- d-----w- c:\windows\system32\wbem\Repository
2011-09-24 19:38 . 2011-09-24 19:38 -------- d-----w- C:\_OTL
2011-09-17 04:38 . 2006-11-14 11:28 86016 ----a-w- c:\windows\system32\cttele.dll
2011-09-17 04:37 . 2011-09-17 04:37 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2011-09-17 04:37 . 2011-09-17 04:37 -------- d-----w- c:\documents and settings\Jerrod\Application Data\Creative
2011-09-17 04:37 . 2007-04-12 12:10 280320 ----a-w- c:\windows\system32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPFX.DLL
2011-09-17 04:37 . 2007-04-12 12:10 168192 ----a-w- c:\windows\system32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEAPSFX.DLL
2011-09-17 04:37 . 2007-04-12 12:10 560384 ----a-w- c:\windows\system32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTSBLFX.DLL
2011-09-17 04:37 . 2007-04-12 12:10 546048 ----a-w- c:\windows\system32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTAUDFX.DLL
2011-09-17 04:37 . 2007-04-18 12:59 98600 ----a-w- c:\windows\system32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##COMMONFX.DLL
2011-09-17 03:57 . 2011-09-17 03:57 -------- d-----w- c:\documents and settings\All Users\Application Data\UAB
2011-09-17 03:56 . 2011-09-17 03:56 -------- d-----w- c:\documents and settings\Jerrod\Application Data\PC_Drivers_Headquarters
2011-09-17 03:55 . 2011-09-17 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2011-09-17 03:53 . 2011-09-17 03:53 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2011-09-15 03:34 . 2011-09-15 03:34 -------- d-----w- C:\NSS
2011-09-12 23:34 . 2011-09-12 23:34 -------- d-----w- C:\OutputFolder
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-09-03 10:17 . 2011-09-09 09:12 599040 ------w- c:\windows\system32\dllcache\crypt32.dll
2011-08-31 04:31 . 2011-08-31 04:31 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-31 04:26 . 2011-09-16 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-25 20:30 . 2011-05-18 03:40 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-17 04:37 . 2001-08-23 14:46 114688 ----a-w- c:\windows\system32\OpenAL32.dll
2011-09-09 09:12 . 2004-08-23 22:20 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-15 13:29 . 2008-08-31 22:17 456320 ------w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 15:20 . 2011-07-12 15:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 15:20 . 2011-07-12 15:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-08 14:02 . 2008-08-31 22:17 10496 ------w- c:\windows\system32\drivers\ndistapi.sys
2011-07-05 22:37 . 2011-07-05 22:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 22:37 . 2011-07-05 22:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2003-08-27 19:19 . 2005-01-16 21:54 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
2011-09-03 06:01 . 2011-09-27 11:41 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="c:\windows\Updreg.exe" [2000-05-11 90112]
"CTStartup"="c:\program files\Creative\SBAudigy\Program\CTEaxSpl.EXE" [2001-06-04 28672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"SM1BG"="c:\windows\SM1BG.EXE" [2003-08-27 94208]
"WD Button Manager"="WDBtnMgr.exe" [2005-07-25 331776]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 55824]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 1565696]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-05-27 273544]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"CTHelper"="CTHELPER.EXE" [2007-04-09 19456]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 19968]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2006-10-22 86016]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToMyPC]
2007-06-20 15:09 10536 ----a-w- c:\program files\Citrix\GoToMyPC\G2WinLogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-01-09 16:30 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Device Detector 3.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Device Detector 3.lnk
backup=c:\windows\pss\Device Detector 3.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Swarmcast for MLB-TV-Mosaic.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Swarmcast for MLB-TV-Mosaic.lnk
backup=c:\windows\pss\Swarmcast for MLB-TV-Mosaic.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jerrod^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=c:\documents and settings\Jerrod\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=c:\windows\pss\PowerReg Scheduler.exeStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USRpdA]
c:\windows\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe]
2002-12-06 20:07 617984 ----a-w- c:\program files\ASUS\Probe\AsusProb.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
2001-10-10 17:59 270336 -c----w- c:\windows\SYSTEM32\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2005-01-12 18:54 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-17 03:11 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-08-19 05:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-04-20 19:52 28672 ----a-w- c:\program files\Creative\SBAudigy\Program\ADGJDet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 14:50 155648 ----a-w- c:\windows\SYSTEM32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]
2004-08-30 21:31 36864 ----a-w- c:\progra~1\Pinnacle\PPE\PPE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB2Check]
2004-09-21 16:22 73728 ----a-w- c:\windows\SYSTEM32\PCLECoInst.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2005-06-13 06:30 192512 ----a-w- c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"TaskTray"=c:\program files\Creative\SBAudigy\Taskbar\CTLTray.exe
"Taskbar"=c:\program files\Creative\SBAudigy\Taskbar\CTLTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TaskMonitor"=c:\windows\taskmon.exe
"Disc Detector"=c:\program files\Creative\ShareDLL\CtNotify.exe
"CTStartup"=c:\program files\CREATIVE\SBAUDIGY\PROGRAM\CTEaxSpl.EXE /run
"Jet Detection"=c:\program files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
"CTRegRun"=c:\windows\CTRegRun.EXE
"RealTray"=c:\program files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
"CreateCD50"=c:\progra~1\COMMON~1\ADAPTE~1\CREATECD\CREATE~1.EXE -r
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"ASUS Probe"=c:\program files\ASUS\Probe\AsusProb.exe
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"3Cmlink"=c:\windows\SYSTEM32\3CMLNKW.EXE
"AdaptecDirectCD"="c:\program files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
"WinampAgent"="c:\program files\WINAMP\WINAMPa.exe"
"TkBellExe"=c:\program files\Common Files\Real\Update_OB\evntsvc.exe -osboot
"NAV Agent"=c:\progra~1\NORTON~1\NAVAPW32.EXE
"Hotbar"=c:\program files\HOTBAR\BIN\3.0.8.0\HBINST.EXE /Upgrade
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"*StateMgr"=c:\windows\System\Restore\StateMgr.exe
"StillImageMonitor"=c:\windows\SYSTEM32\STIMON.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\mIRC\\mirc.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ahead\\Nero MediaHome\\NeroMediaHome.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\WM Recorder 10\\WMR90.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\PFPortChecker\\PFPortChecker.exe"=
"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"137:TCP"= 137:TCP:file sharing
"138:TCP"= 138:TCP:port2
"50000:UDP"= 50000:UDP:IHA_MessageCenter
"1034:TCP"= 1034:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 ALiAGP;ALi AGP Bus Filter Driver;c:\windows\SYSTEM32\DRIVERS\ALiAGP.SYS [3/17/2004 9:00 PM 23326]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/23/2004 6:19 PM 14336]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [10/13/2010 6:06 PM 151552]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2/18/2008 3:37 PM 149352]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/25/2011 6:24 PM 366152]
R2 SVKP;SVKP;c:\windows\SYSTEM32\SVKP.sys [12/6/2006 1:29 AM 2368]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 9:53 PM 24652]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [12/17/2009 6:32 PM 497856]
R3 BENDER;Pinnacle DV/AV Capture;c:\windows\SYSTEM32\DRIVERS\bender.sys [7/9/2003 3:35 PM 203264]
R3 COH_Mon;COH_Mon;c:\windows\SYSTEM32\DRIVERS\COH_Mon.sys [1/12/2008 10:32 PM 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/25/2011 12:17 AM 105592]
R3 L6DP;L6DP;c:\windows\SYSTEM32\DRIVERS\l6dp.sys [10/7/2003 2:46 PM 29312]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [9/25/2011 6:24 PM 22216]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\SYSTEM32\DRIVERS\ASPI32.SYS [7/16/2006 3:13 PM 16512]
S3 ati2mpad;ati2mpad;c:\windows\SYSTEM32\DRIVERS\ati2mpad.sys [12/21/2001 9:10 AM 303232]
S3 Bulk503;Chameleon Mega Digital Camera;c:\windows\system32\Drivers\Bulk503.sys --> c:\windows\system32\Drivers\Bulk503.sys [?]
S3 GPWADrv;Service for L6 GuitarPort Driver (WDM);c:\windows\SYSTEM32\DRIVERS\GPWADrv.sys [10/7/2003 2:46 PM 531456]
S3 ISO503;Chameleon Mega Video Camera;c:\windows\system32\Drivers\ISO503.SYS --> c:\windows\system32\Drivers\ISO503.SYS [?]
S3 PciCfg;PciCfg;\??\c:\documents and settings\Jerrod\Desktop\PciCfg.sys --> c:\documents and settings\Jerrod\Desktop\PciCfg.sys [?]
S3 WrKPoET2000;WrKPoET2000;\??\c:\program files\Verizon Online\WinPoET\WrKPoET2000.sys --> c:\program files\Verizon Online\WinPoET\WrKPoET2000.sys [?]
S3 xlink;XLink Driver (xlink.sys);c:\windows\SYSTEM32\DRIVERS\xlink.sys [7/2/2004 9:34 PM 19677]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
2008-04-14 00:12 73216 ----a-w- c:\program files\Outlook Express\setup50.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
2008-04-14 00:12 73216 ----a-w- c:\program files\Outlook Express\setup50.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
2008-04-14 00:12 73216 ----a-w- c:\program files\Outlook Express\setup50.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
2008-04-14 00:12 73216 ----a-w- c:\program files\Outlook Express\setup50.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2011-09-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-436374069-1060284298-1004Core.job
- c:\documents and settings\Jerrod\Application Data\Google\Update\GoogleUpdate.exe [2010-05-22 16:10]
.
2011-09-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-436374069-1060284298-1004UA.job
- c:\documents and settings\Jerrod\Application Data\Google\Update\GoogleUpdate.exe [2010-05-22 16:10]
.
2011-09-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-823518204-436374069-1060284298-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-09-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-436374069-1060284298-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
IE: c:\progra~1\COMMON~1\BTLINK\btlink.dll//iemenu
Trusted Zone: aol.com\free
Trusted Zone: bestbuy.com\www
Trusted Zone: line6.net
TCP: Interfaces\{42F3870D-E6D6-496C-A620-DE877172437B}: NameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\windows\SYSTEM\dajava.cab
DPF: Internet Explorer Classes for Java - file://c:\windows\SYSTEM\iejava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} - hxxp://www.cdkeybonus.com/cdkey/ITCDKey.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://webvpn.aamc.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} - hxxp://speedtest.adelphia.net/customerdiag/speedtest/SPEEDTESTACTIVEX.CAB
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{7D688A77-C613-11D0-999B-00C04FD655E1} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKLM-RunOnce-0000 - c:\documents and settings\Jerrod\Start Menu\Programs\HP DeskJet 930C Series v2.3 - c:\windows\command.com
HKLM-RunOnce-0003 - c:\documents and settings\Jerrod\Start Menu\Programs\HP Internet Connection Center - c:\windows\command.com
HKLM-RunOnce-0004 - c:\documents and settings\Jerrod\Start Menu\Programs\HP Internet Connection Center - c:\windows\command.com
HKU-Default-Run-Mirabilis ICQ - c:\program files\ICQ\NDetect.exe
SSODL-Adobe SVG Viewer-{B7084DFF-32A8-6E0E-85CF-461F507A4D9C} - c:\program files\Common Files\Adobe\SVG Viewer 3.0\Plugins.dll
MSConfigStartUp-AIM - c:\program files\AIM+\AIM+.exe
MSConfigStartUp-FSW - c:\program files\FSW\FSW.EXE
MSConfigStartUp-Launcher - c:\program files\KFH\cl\launcher.exe
MSConfigStartUp-Mirabilis ICQ - c:\program files\ICQ\NDetect.exe
MSConfigStartUp-MoviePlace - c:\program files\MoviePlace\MoviePlace.exe
MSConfigStartUp-RoxioDragToDisc - c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
MSConfigStartUp-SpySweeper - c:\program files\Webroot\Spy Sweeper\SpySweeper.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\evntsvc.exe
AddRemove-Cache Utility - c:\windows\INF\CATALOG\ALiIDECache.isu
AddRemove-Creative News - c:\program files\Creative\News\CTNews.isu
AddRemove-Elecard MPEG-2 PlugIn for WMP 4.1.100318 - c:\program files\Elecard\Elecard MPEG-2 PlugIn for WMP\Uninstall.exe
AddRemove-HijackThis - c:\documents and settings\Jerrod\Desktop\HijackThis.exe
AddRemove-SqrSoftACFControler - c:\program files\Winamp\ungen_acf.exe
AddRemove-WinPcapInst - c:\program files\WinPcap\Uninstall.exe
AddRemove-WM_Recorder_9.1B - c:\windows\iun6002.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\Jerrod\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-27 18:25
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run???????s????x???\???$????\?w? ?w???????w???w4???????.??w4???????4????>?s4???????<>3?????\???0???0???\???\???????$???5?B~e?B~\???\???????h?`???????B~\???\???$??s????\??????s\??? >3?5??s >3???B~???
CTHelper = CTHELPER.EXE?
CTxfiHlp = CTXFIHLP.EXE?
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{11B5C8DC-3FEA-1682-D4F0355518481497}\{414E0745-768E-27E6-1A22BEEA50FFC306}\{0F77990A-A8C5-E83C-A2DEB9098A2A23DE}*]
"KGHQ1WVPMWYCTK5FHYUB2KQRGA1"=hex:01,00,01,00,00,00,00,00,61,e9,6d,81,db,39,d8,
7a,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C3E67C84-FF81-4ACD-401BD333BA56E9EA}\{F4E9985F-0D7B-FE76-62CD8C76B0126B78}\{BB457FA5-4647-F88E-4919FBC3754B9322}*]
"KGHQ1WVPMWYCTK5FHYUB2KQRGA1"=hex:01,00,01,00,00,00,00,00,61,e9,6d,81,db,39,d8,
7a,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•A~*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(620)
c:\program files\Citrix\GoToMyPC\G2WinLogon.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(1244)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\ctagent.dll
c:\program files\Logitech\iTouch\iTchHk.dll
c:\windows\system32\nvwddi.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CTsvcCDA.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Dantz\Retrospect\retrorun.exe
c:\progra~1\Dantz\RETROS~1\wdsvc.exe
c:\program files\TVersity\Media Server\MediaServer.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\WDBtnMgr.exe
c:\windows\system32\rundll32.exe
c:\windows\Logi_MwX.Exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\system32\CTHELPER.EXE
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-09-27 18:36:06 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-27 22:35
.
Pre-Run: 71,317,540,864 bytes free
Post-Run: 73,206,259,712 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout = 5
default = multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS = "Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 6194EA8F3E71E4B624225DA4D6DC4CB0

Edited by jrodfoo, 27 September 2011 - 05:53 PM.


#9
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jrodfoo,

Glad to hear that. Let's see if anything is left.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished, select the report tab (last tab)
Select Detected threats report from the left and press the Save button
Save it to your desktop and attach to your next post

#10
jrodfoo

    Member

  • Topic Starter
  • 19 posts
Here is the Kaspersky log

I will post on how the PC is functioning with the taskbar freezing and whether the copy and paste function is working later this evening.

Update: Taskbar freezing has come back and the copy and paste issue is back.


Status: Deleted (events: 2)
9/28/2011 11:49:30 PM Deleted Trojan program Trojan-Downloader.Win32.Swizzor.c C:\WINDOWS\Downloaded Program Files\Search_Mp3s.exe High
9/28/2011 11:49:30 PM Deleted Trojan program Trojan-Downloader.Win32.Swizzor.c C:\WINDOWS\Downloaded Program Files\Search_Mp3s.exe//PornoPack High

Edited by jrodfoo, 29 September 2011 - 06:52 PM.


#11
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jrodfoo,

Step 1

  • Go to Start -> My Computer
  • Right click on C: disk and click on Properties
  • Click on tab Tools and click on Check now... button
  • Check Automatically fix system errors and Scan for and attempt recovery of bad sectors
  • Click Start button
  • Confirm schedule disk check next time computer starts with Yes button
  • Restart your system and wait while system checks your disk for errors

Step 2

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the "Scan All User" checkbox
  • Change "Extra Registry" option to "SafeList"
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, and post them with your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
It would be helpful if you could post each log in a separate post

#12
jrodfoo

    Member

  • Topic Starter
  • 19 posts
Thanks I will try this Sunday night or Monday. I am out of town for a wedding.

Thanks again for your help! I will touch base with you Sunday night.

#13
jrodfoo

    Member

  • Topic Starter
  • 19 posts
Hi, Here is the OTL.LOG

OTL logfile created on: 10/3/2011 4:45:13 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Jerrod\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 476.93 Mb Available Physical Memory | 46.60% Memory free
2.41 Gb Paging File | 2.02 Gb Available in Paging File | 83.79% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 67.70 Gb Free Space | 60.56% Space Free | Partition Type: NTFS
Drive E: | 111.79 Gb Total Space | 55.52 Gb Free Space | 49.67% Space Free | Partition Type: NTFS

Computer Name: JERROD | User Name: Jerrod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/03 16:41:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerrod\My Documents\Downloads\OTL.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/16 13:13:20 | 000,151,552 | ---- | M] () -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2011/05/27 00:07:15 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
PRC - [2010/03/17 16:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/12/17 18:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/21 18:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/04/09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CtHelper.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/07/25 12:44:27 | 000,331,776 | ---- | M] (Western Digital Technologies, Inc.) -- C:\WINDOWS\SYSTEM32\WDBtnMgr.exe
PRC - [2004/03/18 09:33:26 | 000,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
PRC - [2003/12/11 06:09:34 | 000,046,592 | R--- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect\wdsvc.exe
PRC - [2003/11/12 13:46:34 | 000,049,152 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect\retrorun.exe
PRC - [2002/11/08 06:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


========== Modules (No Company Name) ==========

MOD - [2011/09/20 21:48:01 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll
MOD - [2011/08/10 03:30:19 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/10 03:26:55 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/10 03:22:13 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/10 03:15:22 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/10 03:13:39 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/28 08:00:31 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
MOD - [2011/06/28 07:46:35 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/16 13:13:20 | 000,151,552 | ---- | M] () -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
MOD - [2010/11/24 16:36:30 | 000,731,136 | ---- | M] () -- C:\Program Files\TVersity\Media Server\X11.dll
MOD - [2010/11/24 16:36:30 | 000,714,752 | ---- | M] () -- C:\Program Files\TVersity\Media Server\log4cxx.dll
MOD - [2010/11/24 16:36:30 | 000,507,888 | ---- | M] () -- C:\Program Files\TVersity\Media Server\sqlite3.dll
MOD - [2010/11/24 16:36:30 | 000,346,112 | ---- | M] () -- C:\Program Files\TVersity\Media Server\taglib.dll
MOD - [2010/11/24 16:36:30 | 000,329,728 | ---- | M] () -- C:\Program Files\TVersity\Media Server\libcurl.dll
MOD - [2010/11/24 16:36:30 | 000,311,808 | ---- | M] () -- C:\Program Files\TVersity\Media Server\libmp3lame-0.dll
MOD - [2010/11/24 16:36:30 | 000,201,232 | ---- | M] () -- C:\Program Files\TVersity\Media Server\swscale-0.dll
MOD - [2010/11/24 16:36:28 | 000,165,888 | ---- | M] () -- C:\Program Files\TVersity\Media Server\CORE_RL_lcms_.dll
MOD - [2010/11/24 16:36:22 | 004,532,240 | ---- | M] () -- C:\Program Files\TVersity\Media Server\avcodec-52.dll
MOD - [2010/11/24 16:36:22 | 000,793,616 | ---- | M] () -- C:\Program Files\TVersity\Media Server\avformat-52.dll
MOD - [2010/11/24 16:36:22 | 000,081,936 | ---- | M] () -- C:\Program Files\TVersity\Media Server\avutil-50.dll
MOD - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
MOD - [2010/02/05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\SYSTEM32\quartz.dll
MOD - [2008/03/25 00:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msjetoledb40.dll
MOD - [2006/10/22 12:22:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\SYSTEM32\nview.dll
MOD - [2006/10/22 12:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\SYSTEM32\nvapi.dll
MOD - [2006/09/16 01:03:02 | 000,007,680 | ---- | M] () -- C:\Program Files\TVersity\Media Server\ImageMagickCoders\IM_MOD_RL_gray_.dll
MOD - [2003/05/15 15:43:24 | 000,119,808 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (WinPPPoverEthernet)
SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/20 21:48:01 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/16 13:13:20 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () [Auto | Running] -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2009/12/17 18:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/09/07 08:14:34 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/02/21 18:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/09 12:30:08 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/08/22 04:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/06/20 11:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/02/26 02:18:00 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/12/11 06:09:34 | 000,046,592 | R--- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect\wdsvc.exe -- (RetroWDSvc)
SRV - [2003/11/12 13:46:34 | 000,049,152 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect\retrorun.exe -- (RetroLauncher)


========== Driver Services (SafeList) ==========

DRV - [2011/09/15 11:21:24 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111003.001\navex15.sys -- (NAVEX15)
DRV - [2011/09/15 11:21:24 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111003.001\naveng.sys -- (NAVENG)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2011/08/18 13:41:02 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/09/22 15:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\taphss.sys -- (taphss)
DRV - [2010/09/15 14:07:08 | 000,270,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20110929.002\SymIDSco.sys -- (SYMIDSCO)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/12/17 18:18:50 | 000,020,152 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\vpnva.sys -- (vpnva)
DRV - [2009/09/07 08:50:18 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/04/20 13:36:06 | 000,531,456 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\GPWADrv.sys -- (GPWADrv) Service for L6 GuitarPort Driver (WDM)
DRV - [2009/04/20 13:36:04 | 000,029,312 | ---- | M] (Line 6) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\l6dp.sys -- (L6DP)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 13:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIM)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 13:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\COH_Mon.sys -- (COH_Mon)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/01/31 21:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 21:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 21:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\srtspx.sys -- (SRTSPX)
DRV - [2007/11/29 02:18:04 | 000,078,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2007/11/29 02:17:34 | 000,063,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2007/11/29 02:17:28 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/08/08 20:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CO_Mon.sys -- (CO_Mon)
DRV - [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia)
DRV - [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k)
DRV - [2006/12/06 01:29:37 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\SVKP.sys -- (SVKP)
DRV - [2006/11/21 13:34:24 | 000,203,264 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bender.sys -- (BENDER)
DRV - [2006/04/07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\VNUSB.sys -- (VNUSB)
DRV - [2006/01/19 20:41:52 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2005/06/29 15:49:44 | 000,425,984 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinUsb.sys -- (PinnacleMarvinUsb)
DRV - [2005/06/02 19:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys -- (MarvinBus)
DRV - [2005/02/09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pclepci.sys -- (PCLEPCI)
DRV - [2004/03/23 22:09:52 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/03/10 13:42:24 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\itchfltr.sys -- (itchfltr)
DRV - [2002/11/13 06:54:06 | 000,019,677 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\xlink.sys -- (xlink) XLink Driver (xlink.sys)
DRV - [2002/11/08 06:50:00 | 000,070,238 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2002/11/08 06:50:00 | 000,052,238 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys -- (L8042pr2)
DRV - [2002/08/29 01:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\an983.sys -- (AN983)
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS -- (ASPI)
DRV - [2002/04/11 14:47:52 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipfilter.sys -- (IPFilter)
DRV - [2001/12/21 09:10:08 | 000,303,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mpad.sys -- (ati2mpad)
DRV - [2001/12/03 17:11:14 | 000,160,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Icam4USB.sys -- (Icam4USB)
DRV - [2001/08/17 14:28:26 | 000,113,762 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\USRpdA.sys -- (USRpdA)
DRV - [2001/08/17 13:49:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atimpae.sys -- (atirage3)
DRV - [2000/08/09 15:08:18 | 000,023,326 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [1999/12/17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\PfModNT.sys -- (PfModNT)
DRV - [1997/04/22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASLM75.SYS -- (aslm75)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foofighters.com/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foofighters.com/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-823518204-436374069-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerrod\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerrod\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jerrod\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jerrod\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/27 00:09:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/09/25 16:52:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/30 17:58:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/25 16:52:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerrod\Application Data\Move Networks [2009/08/13 14:00:09 | 000,000,000 | ---D | M]

[2008/09/02 23:51:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerrod\Application Data\Mozilla\Extensions
[2011/06/23 19:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/28 17:58:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/28 18:32:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/28 17:57:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/30 17:49:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/28 18:54:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/23 19:06:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/09/30 17:58:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2004/11/12 23:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\mozilla firefox\plugins\NPAdbESD.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/11/02 17:33:45 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/09/30 17:58:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jerrod\Application Data\Google\Chrome\Application\10.0.648.204\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jerrod\Application Data\Google\Chrome\Application\10.0.648.204\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Jerrod\Application Data\Google\Chrome\Application\10.0.648.204\gears.dll
CHR - plugin: Adobe ESD Manager Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Turner Media Plugin 1.0.0.10 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Jerrod\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Jerrod\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Jerrod\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\

O1 HOSTS File: ([2011/09/27 18:24:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O3 - HKU\S-1-5-19\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton 360\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [WD Button Manager] C:\WINDOWS\System32\WDBtnMgr.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKU\.DEFAULT..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-18..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..Trusted Domains: bestbuy.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-823518204-436374069-1060284298-1004\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {00000075-0000-0010-8000-00AA00389B71} http://codecs.micros...86/voxmsdec.CAB (Reg Error: Key error.)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.micros...i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} http://www.symantec....trl/tgctlsi.cab (Reg Error: Key error.)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.symantec....trl/tgctlsr.cab (Reg Error: Key error.)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.a...ad/tgctlins.cab (Reg Error: Key error.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfi...IOS/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...ector/swdir.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://download.micr...b?1092106100512 (MSSecurityAdvisor Class)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec....rl/LSSupCtl.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://download.yaho...talls/yinst.cab (YInstStarter Class)
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv8dmo.cab (Reg Error: Key error.)
O16 - DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} http://www.cdkeybonu...key/ITCDKey.cab (CDKey Class)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://apple.speeder...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://webvpn.aamc....ries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120538235714 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1125770038228 (MUWebControl Class)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://208.158.118.1...sCamControl.ocx (CamImage Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7578.9259837963 (Reg Error: Key error.)
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} http://community.web...otoUploader.CAB (Webshots Photo Uploader)
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft...ols/SassCln.CAB (SassCln Object)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} http://speedtest.ade...TESTACTIVEX.CAB (SpdTCtl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} http://www.instantac...ad/iaplayer.cab (InstantAction Game Launcher)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://www.driverage...driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42F3870D-E6D6-496C-A620-DE877172437B}: NameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToMyPC: DllName - (C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll) - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerrod\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerrod\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/11/20 15:32:22 | 000,000,194 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2006/07/07 22:58:44 | 000,000,279 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/29 22:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\New_Found_Glory-Radiosurgery-2011-FNT
[2011/09/27 23:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Man_Overboard-Man_Overboard-2011-FNT
[2011/09/27 20:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\My Documents\malware progs
[2011/09/27 19:46:33 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/09/27 17:53:44 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/27 17:50:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/27 17:50:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/27 17:50:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/27 17:50:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/27 17:50:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/27 17:50:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/25 18:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Application Data\Malwarebytes
[2011/09/25 18:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/25 18:24:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/25 18:24:49 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/25 18:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/25 16:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Application Data\DDMSettings
[2011/09/25 16:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2011/09/25 16:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/09/25 16:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2011/09/25 15:18:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Blink_182_-_Neighborhoods-2011-MOD
[2011/09/24 15:38:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/24 15:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Nirvana-Nevermind-(Remastered)-2011-CR
[2011/09/20 07:46:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\My Documents\facebook
[2011/09/17 00:38:15 | 000,086,016 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\cttele.dll
[2011/09/17 00:37:50 | 000,409,600 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011/09/17 00:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Application Data\Creative
[2011/09/17 00:37:31 | 000,280,320 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPFX.DLL
[2011/09/17 00:37:30 | 000,168,192 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEAPSFX.DLL
[2011/09/17 00:37:28 | 000,560,384 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTSBLFX.DLL
[2011/09/17 00:37:26 | 000,546,048 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTAUDFX.DLL
[2011/09/17 00:37:24 | 000,098,600 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##COMMONFX.DLL
[2011/09/16 23:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/09/16 23:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Application Data\PC_Drivers_Headquarters
[2011/09/16 23:55:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/09/16 23:53:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/09/16 23:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2011/09/14 23:34:21 | 000,000,000 | ---D | C] -- C:\NSS
[2011/09/12 20:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerrod\Desktop\Bush-The_Sea_Of_Memories-2011-MTD
[2011/09/12 19:34:48 | 000,000,000 | ---D | C] -- C:\OutputFolder
[2007/04/09 12:32:58 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2007/04/09 12:19:16 | 000,010,240 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[2007/04/03 00:25:39 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\interop.simulationmanagerlib.dll
[2007/04/03 00:25:39 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\interop.windowsinstaller.dll
[2005/01/16 17:54:58 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[12 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/03 16:46:00 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-436374069-1060284298-1004UA.job
[2011/10/03 16:38:13 | 000,000,051 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2011/10/03 16:11:04 | 000,087,786 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/10/03 16:09:38 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-436374069-1060284298-1004.job
[2011/10/03 16:09:25 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/03 16:09:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/03 16:09:02 | 1073,254,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/03 15:01:22 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/10/03 15:01:22 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/10/03 15:01:22 | 000,027,408 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/10/03 15:01:22 | 000,027,408 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/10/03 15:01:22 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/10/03 15:00:44 | 003,778,236 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-0000000B-00001102-00000004-00511102}.CDF
[2011/10/03 15:00:44 | 003,778,236 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-0000000B-00001102-00000004-00511102}.BAK
[2011/10/02 20:46:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-436374069-1060284298-1004Core.job
[2011/10/01 23:18:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-436374069-1060284298-1004.job
[2011/10/01 17:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/29 18:58:42 | 000,000,333 | RHS- | M] () -- C:\boot.ini
[2011/09/28 17:43:09 | 097,548,488 | ---- | M] () -- C:\Documents and Settings\Jerrod\My Documents\setup_11.0.0.1245.x01_2011_09_29_01_14.exe
[2011/09/27 18:24:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/27 07:42:04 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jerrod\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/27 01:33:29 | 000,056,209 | ---- | M] () -- C:\Documents and Settings\Jerrod\My Documents\bookmarks-2011-09-27.json
[2011/09/25 16:30:51 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/09/20 19:31:33 | 000,020,409 | ---- | M] () -- C:\Documents and Settings\Jerrod\My Documents\nirvana-6.jpg
[2011/09/17 00:37:50 | 000,409,600 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011/09/17 00:37:50 | 000,114,688 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2011/09/17 00:18:47 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2011/09/17 00:18:47 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2011/09/15 07:44:44 | 000,000,216 | ---- | M] () -- C:\Boot.bak
[2011/09/15 07:34:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/14 22:58:56 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/09/14 22:58:56 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/09/09 05:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll

========== Files Created - No Company Name ==========

[2011/09/28 17:42:34 | 097,548,488 | ---- | C] () -- C:\Documents and Settings\Jerrod\My Documents\setup_11.0.0.1245.x01_2011_09_29_01_14.exe
[2011/09/27 17:53:55 | 000,000,216 | ---- | C] () -- C:\Boot.bak
[2011/09/27 17:53:49 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/27 17:50:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/27 17:50:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/27 17:50:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/27 17:50:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/27 17:50:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/27 07:42:04 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/27 07:42:03 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/27 01:33:29 | 000,056,209 | ---- | C] () -- C:\Documents and Settings\Jerrod\My Documents\bookmarks-2011-09-27.json
[2011/09/25 16:42:10 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/24 23:35:43 | 1073,254,400 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/24 15:51:04 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-436374069-1060284298-1004.job
[2011/09/20 19:31:29 | 000,020,409 | ---- | C] () -- C:\Documents and Settings\Jerrod\My Documents\nirvana-6.jpg
[2011/09/17 00:29:57 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000004-00511102}.rfx
[2011/09/12 22:56:28 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/08/31 00:29:39 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/08/31 00:29:39 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/09/17 15:41:27 | 000,022,820 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/04 20:00:26 | 000,000,372 | ---- | C] () -- C:\WINDOWS\GearBox.ini
[2008/09/28 23:49:04 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2008/09/28 23:49:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2008/07/27 19:42:30 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\OdiOlDVR.dll
[2008/07/27 19:42:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\OdiAPI.dll
[2008/07/23 12:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/02/04 22:36:26 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/10/31 09:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/26 21:18:13 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/04/12 08:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/04/09 12:55:14 | 000,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/04/09 12:55:14 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/04/09 12:33:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/04/09 12:32:32 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\psconv.exe
[2007/04/09 12:24:30 | 000,325,821 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2007/04/09 12:24:30 | 000,046,273 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2007/04/09 12:21:44 | 000,048,128 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2007/04/09 12:21:28 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2007/04/09 12:19:44 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2007/04/09 12:19:36 | 000,241,084 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2007/04/09 12:19:36 | 000,115,166 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2007/04/09 12:19:20 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2007/04/09 12:19:20 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2007/04/09 12:19:18 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2007/04/03 00:25:48 | 000,200,704 | ---- | C] () -- C:\WINDOWS\swarmcastinstallwrapper.exe
[2007/04/03 00:25:44 | 000,270,336 | ---- | C] () -- C:\WINDOWS\mlbappstart.exe
[2007/04/03 00:25:44 | 000,002,497 | ---- | C] () -- C:\WINDOWS\mlbappstart.exe.config
[2007/04/03 00:25:43 | 000,217,088 | ---- | C] () -- C:\WINDOWS\mlbamplayer.exe
[2007/04/03 00:25:31 | 005,798,560 | ---- | C] () -- C:\WINDOWS\bammediaplayer.exe
[2007/03/28 22:36:17 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/13 22:08:56 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Ahead DVD Ripper.INI
[2007/01/05 22:34:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2006/12/25 11:53:57 | 000,063,730 | ---- | C] () -- C:\Program Files\viewsonicinstruct_xp.pdf
[2006/12/25 11:52:59 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2006/12/24 15:47:06 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/11/26 03:19:25 | 000,593,938 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2006/11/12 18:24:46 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/10/02 09:25:18 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2006/07/16 17:36:50 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/07/07 22:58:44 | 000,001,277 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2006/06/16 00:23:02 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/06/16 00:23:01 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/06/01 17:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 17:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/04/26 21:37:07 | 000,000,066 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2006/03/14 22:27:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/01/02 18:23:16 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wmfhotfix.dll
[2005/12/21 06:36:46 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005/10/19 19:49:33 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2005/09/09 21:46:01 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/08/09 18:13:31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 18:13:31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/28 19:27:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ump.INI
[2005/06/16 10:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2005/04/28 20:26:09 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AudACM.ini
[2005/03/21 00:52:03 | 000,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2005/03/21 00:51:30 | 000,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/03/13 15:34:19 | 000,129,024 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/02/17 06:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/02/17 06:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/02/17 06:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/02/17 06:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/02/17 06:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/02/17 06:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/02/03 23:59:48 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\metaflac.exe
[2005/02/03 23:59:44 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\flac.exe
[2005/01/16 18:02:41 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\BurnData.bin
[2005/01/07 01:11:11 | 000,086,470 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2004/12/25 01:10:03 | 000,000,114 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\fusioncache.dat
[2004/12/25 00:51:19 | 000,038,868 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2004/12/25 00:51:19 | 000,029,358 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2004/12/20 18:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/12/07 20:57:39 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2004/11/17 02:09:14 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2004/08/23 18:20:14 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/23 18:19:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/23 17:54:46 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 00:34:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\imageCache7.db
[2004/07/15 11:42:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2004/07/15 11:42:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2004/07/15 11:42:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2004/07/15 11:42:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2004/07/15 11:42:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2004/07/15 11:42:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2004/07/15 11:42:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2004/07/15 11:42:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2004/07/15 11:42:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/03/17 21:00:04 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2004/03/11 00:26:10 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2004/02/26 02:18:04 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2004/01/27 08:13:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2003/12/07 14:46:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Quicktools.INI
[2003/08/07 15:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/06/02 04:19:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\msc001.dat
[2003/05/30 00:20:46 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\VQfile.dll
[2003/05/27 01:08:36 | 000,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2003/04/22 00:44:42 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2003/04/10 00:12:26 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/04/06 04:15:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2003/02/14 05:12:30 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2002/12/30 13:34:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\support.exe
[2002/12/27 05:40:27 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2002/12/23 17:01:38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\wpdsvr.exe
[2002/12/17 06:24:33 | 000,000,683 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2002/11/24 06:37:37 | 000,012,884 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2002/11/13 11:26:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\wh2robo.dll
[2002/10/15 01:55:33 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2002/08/20 05:37:50 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2002/08/12 02:24:31 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2002/07/11 12:23:52 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ITCDKey.dll
[2002/04/11 14:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/04/03 05:08:22 | 001,086,624 | ---- | C] () -- C:\WINDOWS\MyFiles.dat.lst
[2002/04/03 05:08:22 | 000,000,528 | ---- | C] () -- C:\WINDOWS\Settings.ini
[2002/04/03 05:08:22 | 000,000,013 | ---- | C] () -- C:\WINDOWS\MyFiles.dat
[2002/03/20 03:31:37 | 000,000,070 | ---- | C] () -- C:\WINDOWS\System32\wmp32trm.dll
[2002/03/02 17:20:20 | 000,000,030 | ---- | C] () -- C:\WINDOWS\morpheusp.INI
[2002/02/27 19:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2001/12/26 09:31:25 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Jerrod\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2001/12/25 19:04:35 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2001/12/25 17:49:58 | 000,005,824 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2001/12/25 16:51:04 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2001/12/25 16:51:04 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000004-00511102}.dat
[2001/12/25 16:36:48 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\sfman.dat
[2001/12/25 15:18:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2001/12/25 15:14:02 | 000,003,242 | ---- | C] () -- C:\WINDOWS\LnkStub.dat
[2001/12/25 15:11:08 | 000,172,955 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2001/12/25 15:11:08 | 000,012,484 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2001/12/25 15:11:08 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2001/12/25 15:11:08 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2001/12/25 15:11:08 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2001/12/25 15:11:08 | 000,002,742 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2001/12/25 15:11:08 | 000,001,125 | ---- | C] () -- C:\WINDOWS\WINAMP.INI
[2001/12/25 15:11:08 | 000,000,909 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2001/12/25 15:11:08 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2001/12/25 15:11:08 | 000,000,317 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2001/12/25 15:11:08 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2001/12/25 15:11:08 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2001/12/25 15:11:08 | 000,000,199 | ---- | C] () -- C:\WINDOWS\HPFSCHED.INI
[2001/12/25 15:11:08 | 000,000,120 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2001/12/25 15:11:08 | 000,000,099 | ---- | C] () -- C:\WINDOWS\CTREC.INI
[2001/12/25 15:11:08 | 000,000,087 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2001/12/25 15:11:08 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2001/12/25 15:11:08 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2001/12/25 15:11:08 | 000,000,045 | ---- | C] () -- C:\WINDOWS\UsrWiz.ini
[2001/12/25 15:11:08 | 000,000,030 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2001/12/25 15:11:08 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2001/12/25 15:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WINFILE.INI
[2001/12/25 15:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROGMAN.INI
[2001/12/25 15:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSINFO32.INI
[2001/12/25 15:07:42 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2001/12/25 15:01:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/25 15:00:26 | 000,140,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/11/22 23:31:59 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\3CDPUMP.DLL
[2001/11/22 23:31:59 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\3CMLNKW.EXE
[2001/11/20 18:57:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2001/11/20 18:56:45 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\VP3CLEAN.EXE
[2001/11/20 18:56:38 | 000,795,548 | ---- | C] () -- C:\WINDOWS\System32\ica2.dll
[2001/11/20 18:55:22 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2001/11/20 18:55:22 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2001/11/20 15:54:51 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\HPZCIN01.EXE
[2001/11/20 13:34:02 | 000,397,344 | RH-- | C] () -- C:\WINDOWS\HWINFO.DAT
[2001/11/20 13:33:00 | 000,023,357 | -H-- | C] () -- C:\Program Files\folder.htt
[2001/11/20 13:29:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001/11/20 11:23:01 | 000,001,020 | ---- | C] () -- C:\WINDOWS\TRUESOFT.DAT
[2001/11/20 11:19:19 | 000,042,448 | ---- | C] () -- C:\WINDOWS\PTDLL16.DLL
[2001/11/20 11:19:19 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PCTPTT.EXE
[2001/11/20 11:19:19 | 000,014,560 | ---- | C] () -- C:\WINDOWS\PTRTSYC.DLL
[2001/11/20 11:19:19 | 000,009,184 | ---- | C] () -- C:\WINDOWS\PTSNOOP.EXE
[2001/11/20 11:19:19 | 000,000,456 | ---- | C] () -- C:\WINDOWS\PTHSP.DAT
[2001/11/20 03:54:21 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\ALiUninst.exe
[2001/11/19 19:03:03 | 000,016,384 | ---- | C] () -- C:\WINDOWS\MSIMGSIZ.DAT
[2001/10/11 11:23:54 | 000,155,136 | ---- | C] () -- C:\WINDOWS\unsp1drv.exe
[2001/10/03 11:48:34 | 000,035,807 | ---- | C] () -- C:\WINDOWS\System32\WEBUPDATEOCT2001.INI
[2001/09/17 13:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2001/08/23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 13:00:00 | 000,435,266 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 13:00:00 | 000,069,256 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/13 09:37:18 | 000,176,128 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2000/06/08 18:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[2000/04/17 14:44:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[1999/04/23 23:22:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/11/17 18:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1996/02/23 15:34:48 | 000,014,629 | ---- | C] () -- C:\WINDOWS\System32\Declw.dll
[1996/02/22 13:09:20 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\Decln.dll

< End of report >

#14
jrodfoo

and the OTL Extras


OTL Extras logfile created on: 10/3/2011 4:45:13 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Jerrod\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 476.93 Mb Available Physical Memory | 46.60% Memory free
2.41 Gb Paging File | 2.02 Gb Available in Paging File | 83.79% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 67.70 Gb Free Space | 60.56% Space Free | Partition Type: NTFS
Drive E: | 111.79 Gb Total Space | 55.52 Gb Free Space | 49.67% Space Free | Partition Type: NTFS

Computer Name: JERROD | User Name: Jerrod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Program Files\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"137:TCP" = 137:TCP:*:Enabled:file sharing
"138:TCP" = 138:TCP:*:Enabled:port2
"50000:UDP" = 50000:UDP:*:Enabled:IHA_MessageCenter
"1033:TCP" = 1033:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\mIRC\mirc.exe" = C:\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\Soulseek\slsk.exe" = C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe" = C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe:*:Enabled:Nero MediaHome -- (Ahead Software AG)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\WM Recorder 10\WMR90.exe" = C:\Program Files\WM Recorder 10\WMR90.exe:*:Enabled:Windows Media ™ Stream Recorder -- (NetFor2 and Applian Technologies Inc.)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\PFPortChecker\PFPortChecker.exe" = C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded. -- (portforward.com)
"C:\Program Files\TVersity\Media Server\MediaServer.exe" = C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server -- ()
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}" = Adobe Audition 2.0
"{028814FB-D05F-495E-81D7-636A87321025}" = CreativeProjectsTemplates
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{11680998-6792-4DE9-8DE1-D6D041418B26}" = SkinsHP1
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{18E0918E-1060-48f3-925C-56C82E88551B}" = HP PSC & OfficeJet 3.5
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{1FD0C5C1-B01B-4B4C-9607-E5D3B3D1318F}" = Microsoft IntelliPoint 4.1
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360
"{2266312B-3502-41EE-82CD-8DC62276D87B}" = Vz In Home Agent
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{24DF7221-644B-4C3A-A478-459502D40522}" = Backup
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}" = Cypress USB Mass Storage Driver Installation
"{2E4E8905-5F24-4AEA-84E2-923CC12E3AB1}" = iPod for Windows 2005-09-06
"{30FD5C60-62AD-42D9-85D5-BFDB72752811}" = SymNet
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3662AF19-6E4B-4F6D-A61C-F3CB6D67097D}" = QuickProjects
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}" = Pinnacle PCI Performance Enhancer
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{46DC1141-0555-44B3-96B2-A6AE194DAF39}" = ESPN360
"{47C25360-AEBC-4B21-B233-87CE653B3369}" = AIOMinimal
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{55DCBED7-5710-4939-A928-4CBD9AB09EBB}" = 1310_Help
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5786D2C8-A4C4-4DDB-B671-8ED2A53310EC}" = 1310Tour
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.75
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{5FCDE341-328B-434B-9F21-AF5BADB57852}" = Symantec Technical Support Web Controls
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6864A62D-3EF3-415F-9922-240EED34B4C0}" = Fax
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{696C94BC-44BC-4B8E-ABAA-6FFC0F11A6D3}" = PhotoGallery
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{7107A761-B2F7-4BB0-84DA-CD90B562A72D}" = Director
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B69C5C-87D6-471E-B695-0BD736C4B644}" = Retrospect 6.5
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78B50D1D-642C-4B89-BCC7-352EAE3614D7}" = iPod for Windows 2005-02-07
"{80813829-BE27-4799-8BC7-2F75A7B6CB50}" = IHA_MessageCenter
"{827ECAB7-3F8E-4A66-A663-67A8F678536C}" = CreativeProjects
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92083A9A-549D-4057-88E8-223EA08563FA}" = Cisco AnyConnect VPN Client
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99D48FBB-2DEF-49A9-BCC9-C5AF63DD2643}" = AiOSoftware
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A10A14F5-DF18-4151-9EB0-B79ABBFE6863}" = WebReg
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1" = Free FLAC to MP3 Converter 1.0
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A75BC59B-10BF-6B87-DCC7-3501F158ACC6}" = Times Reader
"{A764C7FF-F8D9-4974-BB12-FA6D5EC786E7}" = Neuview 1M Edition
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEC20FEC-47D8-4DEA-85D7-0B7E5D905D11}" = AiO_Scan
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B3A77A42-DCF7-4830-AE0E-8CEE34A76200}" = CueTour
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E1CDC5B0-7AFB-11DA-8CD6-0800200C9A66}" = WMFHotFix, MSI Version 1, Hotfix Version 14
"{E443F067-3345-482C-BD7A-12675A53D292}" = Readme
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E889F95A-B9E3-4580-B3D7-43DBC9C9CD43}" = TrayApp
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F730A60D-F6DA-4653-9C6E-548F7A3A5EE0}" = 1310Trb
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F9B0968A-810E-484C-B81D-7F19DC2CBBF5}" = 1310
"{FC47C7A5-BE63-11D5-B7C9-005004566E4D}" = ViewSonic Windows XP Signed Files
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FF5506ED-4D15-41F1-8588-E097B18124F2}" = BufferChm
"3ComRSWinmodem" = U.S. Robotics 56K Fax Win Int
"3ivx D4 4.5.1" = 3ivx D4 4.5.1 (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Audition 2.0" = Adobe Audition 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface
"ALi AGP Driver" = ALi AGP Driver 1.70
"ASUS Probe V2.22.04" = ASUS Probe V2.22.04
"ASUS Probe V2.23.06" = ASUS Probe V2.23.06
"ATI Display Driver" = ATI Display Driver
"AVI DivX to DVD SVCD VCD Converter_is1" = AVI DivX to DVD SVCD VCD Converter 1.2.0
"CDex" = CDex extraction audio
"CodInstl" = Intel A/V Codecs V2.0
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"CuteFTP" = CuteFTP
"DivX Setup" = DivX Setup
"DIVXAudioCompressor4.02" = DivX ;-) Audio Compressor 4.02
"DVD Shrink_is1" = DVD Shrink 3.2
"ESPNMotion" = ESPNMotion
"ffdshow_is1" = ffdshow [rev 1723] [2007-12-24]
"FilmLoopPlayer" = FilmLoop Player
"FLAC" = FLAC Installer 1.1.2a (remove only)
"Google Video Uploader" = Google Video Uploader
"GoogleVideoPlayer" = Google Video Player
"GuitarPort 2.51" = GuitarPort 2.51 (Remove Only)
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InFlac" = InFlac 1.1.1
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{2E4E8905-5F24-4AEA-84E2-923CC12E3AB1}" = iPod for Windows 2005-09-06
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{78B50D1D-642C-4B89-BCC7-352EAE3614D7}" = iPod for Windows 2005-02-07
"InterActual Player" = InterActual Player
"Line 6 Uninstaller" = Line 6 Uninstaller
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Mp3 Codec" = Mpeg Layer3 Codec FHG-Radium v1.263
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = Nero Digital
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton Rescue" = Rescue Disk
"NVIDIA Drivers" = NVIDIA Drivers
"PFPortChecker" = PFPortChecker 1.0.28
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 12.0" = RealPlayer
"RiffWorks 1.00" = RiffWorks 1.00 (Remove Only)
"Shockwave" = Shockwave
"SM1FX_AT" = USB Storage Adapter FX (SM1)
"Soulseek" = SoulSeek Client 156c
"Soulseek2" = SoulSeek 157 NS 12d
"Sound Blaster Audigy" = Sound Blaster Audigy
"Spotify" = Spotify
"SqrSoftACF" = SqrSoft® Advanced Crossfading (remove only)
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.3
"TVersity Media Server Pro" = TVersity Media Server Pro 1.6 Beta
"Ultra Video Splitter_is1" = Ultra Video Splitter 6.2.0411
"Universal Media Player" = Universal Media Player
"uTorrent" = µTorrent
"Verizon Help and Support" = Verizon Help and Support Tool
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.5
"vol_toolbar" = Verizon Broadband Toolbar
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"x264 Revision 506 x264.nl" = x264 Revision 506 x264.nl (remove only)
"x264 Revision 564 x264.nl" = x264 Revision 564 x264.nl (remove only)
"XviD_is1" = XviD 1.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-823518204-436374069-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/29/2011 6:36:11 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:36:11 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:36:11 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:36:11 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:36:12 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:36:29 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:36:34 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:38:34 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:38:34 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

Error - 9/29/2011 6:38:34 PM | Computer Name = JERROD | Source = nview_info | ID = 11141121
Description =

[ Cisco AnyConnect VPN Client Events ]
Error - 4/5/2011 4:43:35 PM | Computer Name = JERROD | Source = vpnagent | ID = 67108866
Description = Function: RestoreProxySettingsToBrowser File: .\BrowserProxy.cpp Line:
1040 Invoked Function: DeleteFile Return Code: 2 (0x00000002) Description: The system
cannot find the file specified.

Error - 4/10/2011 4:31:01 PM | Computer Name = JERROD | Source = vpnui | ID = 67108866
Description = Function: ApiCert::getCertList File: .\ApiCert.cpp Line: 236 Invoked
Function: CCertStore::Enumerate Return Code: -31326187 (0xFE220015) Description: CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED


Error - 4/10/2011 8:39:37 PM | Computer Name = JERROD | Source = vpnagent | ID = 67108866
Description = Function: RestoreProxySettingsToBrowser File: .\BrowserProxy.cpp Line:
1040 Invoked Function: DeleteFile Return Code: 2 (0x00000002) Description: The system
cannot find the file specified.

Error - 7/18/2011 12:34:48 AM | Computer Name = JERROD | Source = vpnui | ID = 67108866
Description = Function: ApiCert::getCertList File: .\ApiCert.cpp Line: 236 Invoked
Function: CCertStore::Enumerate Return Code: -31326187 (0xFE220015) Description: CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED


Error - 7/18/2011 12:47:22 AM | Computer Name = JERROD | Source = vpnagent | ID = 67108866
Description = Function: RestoreProxySettingsToBrowser File: .\BrowserProxy.cpp Line:
1040 Invoked Function: DeleteFile Return Code: 2 (0x00000002) Description: The system
cannot find the file specified.

[ System Events ]
Error - 9/28/2011 9:42:23 PM | Computer Name = JERROD | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service LiveUpdate
with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}

Error - 9/28/2011 9:42:28 PM | Computer Name = JERROD | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the LiveUpdate service to
connect.

Error - 9/29/2011 7:39:45 AM | Computer Name = JERROD | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 9/29/2011 7:42:23 AM | Computer Name = JERROD | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IHA_MessageCenter service
to connect.

Error - 9/29/2011 7:42:23 AM | Computer Name = JERROD | Source = Service Control Manager | ID = 7000
Description = The IHA_MessageCenter service failed to start due to the following
error: %%1053

Error - 9/29/2011 7:43:19 AM | Computer Name = JERROD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.

Error - 9/29/2011 6:44:38 PM | Computer Name = JERROD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.

Error - 9/30/2011 5:47:48 PM | Computer Name = JERROD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.

Error - 10/3/2011 2:18:06 PM | Computer Name = JERROD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.

Error - 10/3/2011 2:47:10 PM | Computer Name = JERROD | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.


< End of report >

#15
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jrodfoo,

I think I see one problem with one of your services. Let's try to stop this service to see if that helps.

Please click on Start and then on Run...
Type in msconfig and press Enter
Now click on the Services tab
Then find and uncheck the NVSvc service and press the Apply button.
Restart your system now

Does your system freeze now?