Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Search engines wont load in browser, other sites do

Started by adman4054 , Oct 11 2011 02:01 PM

  • Please log in to reply

#1
adman4054
Posted 11 October 2011 - 02:01 PM

adman4054

    New Member

  • Member
  • Pip
  • 8 posts
Hello,
Yesterday I received a file with a virus. My Anti-Virus program picked it up and I assumed it had taken care of the problem. To be sure I ran the AV again and then downloaded Malware Bytes and ran the program. It picked up several:

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\INSTALL.EXE (Adware.Casino) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\cleopatras palace\Install.exe (Adware.Casino) -> Quarantined and deleted successfully.
c:\documents and settings\todd_w\local settings\Temp\5606.sys (Heuristics.Shuriken) -> Quarantined and deleted successfully.

Once I ran Malware Bytes I could not access any of the search engines in any brower, Chrome, FF and IE.

I have performed three instructional operations on the web to solve the problem to no avail. A couple of them pointed me to the host file in /system32/drivers/etc and I thought I had found the issue. At the bottom of the host file contained:


74.55.76.230 www.google-analytics.com.
74.55.76.230 ad-emea.doubleclick.net.
74.55.76.230 www.statcounter.com.
178.250.45.15 www.google-analytics.com.
178.250.45.15 ad-emea.doubleclick.net.
178.250.45.15 www.statcounter.com.

Removing them didn't make any difference


My OTL log file as the instructions for posting suggested:


OTL logfile created on: 10/11/2011 3:39:14 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\This_PC
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1005.78 Mb Total Physical Memory | 225.22 Mb Available Physical Memory | 22.39% Memory free
2.36 Gb Paging File | 1.61 Gb Available in Paging File | 67.96% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 151.11 Gb Total Space | 73.40 Gb Free Space | 48.57% Space Free | Partition Type: NTFS

Computer Name: TODD | User Name: todd_w | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/11 15:17:52 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\This_PC\OTL.exe
PRC - [2011/09/30 11:12:41 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/09/29 07:06:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/14 15:04:59 | 004,611,456 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/05/25 16:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\todd_w\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/02/18 14:04:44 | 001,827,616 | ---- | M] (Glance Networks, Inc.) -- C:\Program Files\Glance26\Glance.exe
PRC - [2010/09/23 10:41:16 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\457\g2mstart.exe
PRC - [2010/09/23 10:41:16 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\457\g2mlauncher.exe
PRC - [2010/09/23 10:41:16 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\457\g2mcomm.exe
PRC - [2010/08/19 15:23:10 | 003,069,192 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Jing\Jing.exe
PRC - [2009/09/15 10:20:30 | 000,188,736 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2009/09/15 10:17:16 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/05/01 15:15:21 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/09 20:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/11/12 22:41:42 | 000,972,064 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2007/11/12 21:59:54 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2007/03/14 06:50:18 | 001,423,360 | ---- | M] (ES-Computing) -- C:\Program Files\EditPlus 2\editplus.exe
PRC - [2007/03/12 19:30:14 | 000,517,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006/06/15 00:00:56 | 000,102,400 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
PRC - [2006/05/11 18:47:24 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/05/11 18:46:54 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/03/09 22:30:34 | 000,630,905 | ---- | M] (Diskeeper® Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006/01/31 00:11:48 | 000,192,512 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
PRC - [2004/01/02 20:25:36 | 000,110,592 | ---- | M] () -- C:\syam\system_monitor\DMCentralMgr.exe
PRC - [2004/01/02 20:23:52 | 000,110,592 | ---- | M] () -- C:\syam\jetty\DMWebSrv.exe
PRC - [2003/10/18 05:21:36 | 000,024,673 | ---- | M] () -- C:\syam\java\bin\java.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/11 15:14:09 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/10/11 15:14:09 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/10/11 09:54:50 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/10/11 09:54:50 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/09/30 11:11:39 | 000,309,304 | ---- | M] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\Locales\en-US.dll
MOD - [2011/09/29 07:06:34 | 001,015,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/09/21 18:26:27 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll
MOD - [2010/11/08 11:15:40 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2010/11/04 20:37:28 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
MOD - [2010/11/04 20:36:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
MOD - [2010/11/04 20:08:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
MOD - [2010/11/04 20:08:00 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
MOD - [2010/11/04 20:07:22 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
MOD - [2010/11/04 20:06:07 | 000,224,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
MOD - [2010/11/04 20:05:55 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
MOD - [2010/11/04 20:05:03 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
MOD - [2010/11/04 20:04:19 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
MOD - [2010/11/04 19:59:49 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
MOD - [2010/11/04 19:59:28 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
MOD - [2010/11/04 19:36:55 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_003b1c7a\mscorlib.dll
MOD - [2010/09/27 08:48:02 | 005,969,360 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/08/19 15:23:08 | 000,969,480 | ---- | M] () -- C:\Program Files\TechSmith\Jing\Recorder.dll
MOD - [2009/09/15 10:22:06 | 000,115,008 | ---- | M] () -- C:\Program Files\Nitro PDF\Professional\NPShellExtension.dll
MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/05/01 15:15:21 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
MOD - [2008/05/01 15:15:20 | 000,357,768 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/03/14 06:49:56 | 000,032,256 | ---- | M] () -- C:\Program Files\EditPlus 2\eppshell.dll
MOD - [2006/06/15 00:00:08 | 000,286,720 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2006/06/14 23:58:52 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\detoured.dll
MOD - [2006/06/13 23:45:56 | 000,039,936 | ---- | M] () -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WxEtsEula.dll
MOD - [2006/05/14 00:23:40 | 000,138,752 | ---- | M] () -- C:\Program Files\7-Zip\7-zip.dll
MOD - [2004/01/02 20:30:30 | 000,049,152 | ---- | M] () -- C:\syam\system_monitor\lib\Wrapper.dll
MOD - [2004/01/02 20:30:30 | 000,049,152 | ---- | M] () -- C:\syam\jetty\lib\Wrapper.dll
MOD - [2004/01/02 20:25:36 | 000,110,592 | ---- | M] () -- C:\syam\system_monitor\DMCentralMgr.exe
MOD - [2004/01/02 20:23:52 | 000,110,592 | ---- | M] () -- C:\syam\jetty\DMWebSrv.exe
MOD - [2003/10/18 05:21:38 | 001,208,442 | ---- | M] () -- C:\syam\java\bin\client\jvm.dll
MOD - [2003/10/18 05:21:38 | 000,057,445 | ---- | M] () -- C:\syam\java\bin\verify.dll
MOD - [2003/10/18 05:21:38 | 000,053,356 | ---- | M] () -- C:\syam\java\bin\zip.dll
MOD - [2003/10/18 05:21:38 | 000,020,582 | ---- | M] () -- C:\syam\java\bin\rmi.dll
MOD - [2003/10/18 05:21:36 | 000,098,411 | ---- | M] () -- C:\syam\java\bin\java.dll
MOD - [2003/10/18 05:21:36 | 000,057,447 | ---- | M] () -- C:\syam\java\bin\net.dll
MOD - [2003/10/18 05:21:36 | 000,028,783 | ---- | M] () -- C:\syam\java\bin\hpi.dll
MOD - [2003/10/18 05:21:36 | 000,024,673 | ---- | M] () -- C:\syam\java\bin\java.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (LMS) Intel®
SRV - File not found [Auto | Stopped] -- -- (DataSvr)
SRV - File not found [Auto | Stopped] -- -- (A1Monitor81011202355)
SRV - [2011/09/21 18:26:27 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/08 11:57:12 | 000,185,640 | ---- | M] () [On_Demand | Stopped] -- C:\Documents and Settings\todd_w\Application Data\Mikogo\B-Service.exe -- (B-Service)
SRV - [2010/06/25 13:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/15 10:20:30 | 000,188,736 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2009/09/15 10:17:16 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ASTSRV.EXE -- (astcc)
SRV - [2009/08/20 15:34:24 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/08/04 11:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/05/01 15:15:21 | 001,245,064 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/09 20:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/11/12 21:59:54 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/24 08:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/03/12 19:30:14 | 000,517,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2006/06/03 02:30:56 | 000,389,120 | ---- | M] (Wave Systems Corp) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2006/05/12 00:45:14 | 000,184,320 | ---- | M] (SyAM Software, Inc.) [Auto | Stopped] -- C:\syam\system_monitor\agent\smaagent.exe -- (SMAgent)
SRV - [2006/05/11 18:46:54 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/03/09 22:30:34 | 000,630,905 | ---- | M] (Diskeeper® Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2004/01/02 20:25:36 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\syam\system_monitor\DMCentralMgr.exe -- (DMCentralMgr)
SRV - [2004/01/02 20:23:52 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\syam\jetty\DMWebSrv.exe -- (DMWebSrv)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/07/07 10:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/06/25 13:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/12/15 15:29:52 | 000,055,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/12/15 15:29:42 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2009/12/15 15:29:34 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/12/15 15:29:30 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009/12/15 15:29:26 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009/05/13 09:56:28 | 000,034,080 | ---- | M] (Glance Networks, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\glancedrv.sys -- (glancedrv)
DRV - [2009/03/28 14:45:24 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2009/02/25 05:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2007/04/14 13:02:17 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006/10/18 19:32:16 | 000,011,648 | ---- | M] (SerComm) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lknucmp.sys -- (LKNUCMP)
DRV - [2006/10/18 19:32:10 | 000,011,136 | ---- | M] (SerComm) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lknuhst.sys -- (lknuhst)
DRV - [2006/10/18 19:32:04 | 000,037,248 | ---- | M] (SerComm) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lknuhub.sys -- (LKNUHUB)
DRV - [2006/10/02 19:41:34 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/01 07:43:56 | 000,043,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2006/05/26 02:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/19 18:14:00 | 000,021,504 | ---- | M] (STMicroelectronics, INC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\stm_tpm.sys -- (stmtpm)
DRV - [2006/02/28 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/02/28 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2005/12/02 12:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/08/24 21:47:56 | 000,004,096 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\syam\system_monitor\agent\drivers\Caniodrvr.sys -- (caniodrvr)
DRV - [2002/02/20 03:34:18 | 000,072,576 | ---- | M] (The LinkSys Group, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netusbxp.sys -- (USBNET_XP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.com/"
FF - prefs.js..extensions.enabledItems: {6614d11d-d21d-b211-ae23-815234e1ebb5}:1.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.7.3
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6
FF - prefs.js..extensions.enabledItems: {5F260DF0-AE97-4f7c-96FE-BC87D4FBC422}:3.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.10
FF - prefs.js..keyword.URL: "http://toolbar.ask.c...3&gct=&gc=1&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@glance.net/GlanceClient: C:\Program Files\Glance26\npglance.dll (Glance Networks, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/03 07:29:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/29 07:06:36 | 000,000,000 | ---D | M]

[2008/12/13 17:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Extensions
[2011/10/09 19:08:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions
[2010/10/22 08:22:36 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/10/22 08:22:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/20 17:01:23 | 000,000,000 | ---D | M] (RSS Validator) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\{5F260DF0-AE97-4f7c-96FE-BC87D4FBC422}
[2011/09/01 15:07:33 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
[2011/09/01 15:07:32 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/03/08 08:39:51 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011/09/01 15:07:45 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\[email protected]
[2011/08/21 14:05:59 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\[email protected]
[2011/02/21 13:41:51 | 000,000,000 | ---D | M] ("Pencil") -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\[email protected]
[2010/01/06 16:48:32 | 000,000,000 | ---D | M] ("WebScan") -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\extensions\[email protected]
[2009/03/08 14:06:17 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\todd_w\Application Data\Mozilla\Firefox\Profiles\qa6c2cqd.default\searchplugins\ask.xml
[2011/10/09 19:08:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/17 16:26:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/17 16:26:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/17 16:26:15 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Ask Search (Enabled)
CHR - default_search_provider: search_url = http://toolbar.ask.c...rchTerms}&crm=1
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\
CHR - Extension: Poppit = C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: RSS Subscription Extension (by Google) = C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.1.3_0\

O1 HOSTS File: ([2011/10/11 15:35:36 | 000,000,719 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: :: localhost #[IPv6]
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (IE DevToolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Auto Auto EPSON Stylus Photo RX600 on Stuffsites on JUDY-LAPTOP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Auto EPSON Stylus Photo RX600 on JUDY-LAPTOP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Auto EPSON Stylus Photo RX600 on JUDYNB] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Auto Network EPSON Stylus Photo RX... on LOGANDESKTOP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [CacheFP] C:\Program Files\Wave Systems Corp\Authentication Manager\CacheFP.exe ()
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper® Corporation)
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Epson] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus Photo RX600] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2M1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelAudioStudio] C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PSDiagnosticM] C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Remote Console] C:\syam\system_monitor\agent\winvnc.exe (RealVNC Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] sttray.exe File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TurboTax 2008] K:\TurboTax 2008\TurboTax 2008 Installer.exe File not found
O4 - HKLM..\Run: [Virtual PDF Printer] C:\Program Files\Virtual PDF Printer\VirtualPDFPrinter.exe File not found
O4 - HKCU..\Run: [19BE8C9F4AE8F4D58127F4E190BB612E5D621DF4._service_run] C:\Documents and Settings\todd_w\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files\Citrix\GoToMeeting\457\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe (Wave Systems Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Glance.lnk = C:\Program Files\Glance26\Glance.exe (Glance Networks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\todd_w\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\todd_w\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\todd_w\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2007/03/20 17:37:57 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2007/03/20 17:37:57 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2007/03/20 17:37:57 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2007/03/20 17:37:57 | 000,000,000 | ---D | M]
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (Bodog)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} https://photos.ritea...PhotoOnline.cab (Rite Aid One Hour Photo Online Control)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15A8EAB1-E1DA-442C-ABB3-D0FC29102493}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD9D7F87-409C-45BA-B1E7-769787C49C9A}: DhcpNameServer = 24.247.24.53 24.247.15.53
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O20 - AppInit_DLLs: (wxvault.dll) -C:\WINDOWS\System32\wxvault.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\todd_w\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\todd_w\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (wvauth) -C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/02 18:23:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/02/22 18:48:45 | 000,045,015 | ---- | M] () - C:\auto_news.jpg -- [ NTFS ]
O33 - MountPoints2\{0dd2c0ab-cebd-11de-b8f9-001676d3aa61}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{1ba38c53-ee2d-11dd-b8c4-001676d3aa61}\Shell - "" = AutoRun
O33 - MountPoints2\{1ba38c53-ee2d-11dd-b8c4-001676d3aa61}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1ba38c53-ee2d-11dd-b8c4-001676d3aa61}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{2074ed5b-1b4f-11de-b8cd-001676d3aa61}\Shell\AutoRun\command - "" = J:\.\EncryptionTool\MaxtorEncryption.exe
O33 - MountPoints2\{321f2d93-d72b-11db-b84b-0006251a0668}\Shell - "" = AutoRun
O33 - MountPoints2\{321f2d93-d72b-11db-b84b-0006251a0668}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{321f2d93-d72b-11db-b84b-0006251a0668}\Shell\AutoRun\command - "" = J:\LaunchU3.exe
O33 - MountPoints2\Z\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/11 09:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\todd_w\Application Data\SUPERAntiSpyware.com
[2011/10/11 09:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/10/11 09:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/10/11 09:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/10/11 08:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\todd_w\Desktop\HostsXpert
[2011/10/10 13:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\todd_w\Application Data\Malwarebytes
[2011/10/10 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/10 13:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/10/10 13:53:55 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/10/10 13:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/07 09:37:04 | 000,000,000 | ---D | C] -- C:\evo_phone
[2011/10/05 16:38:53 | 000,034,080 | ---- | C] (Glance Networks, Inc) -- C:\WINDOWS\System32\drivers\glancedrv.sys
[2011/10/05 16:38:53 | 000,033,824 | ---- | C] (Glance Networks, Inc) -- C:\WINDOWS\System32\glancedrv.dll
[2011/10/05 16:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Glance26
[2011/10/05 16:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Glance
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/11 15:36:30 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-731781172-1896487735-3647571899-1005UA.job
[2011/10/11 15:35:36 | 000,000,719 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/11 15:13:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/11 15:12:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/11 10:55:54 | 000,001,866 | -H-- | M] () -- C:\Documents and Settings\todd_w\My Documents\Default.rdp
[2011/10/11 10:46:40 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\todd_w\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/10/11 09:54:13 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/11 08:46:44 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\todd_w\Desktop\HostsXpert.zip
[2011/10/11 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-TODD-todd_w.job
[2011/10/10 21:36:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-731781172-1896487735-3647571899-1005Core.job
[2011/10/10 13:53:59 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/10 10:54:10 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\prvlcl.dat
[2011/10/10 10:48:25 | 000,001,392 | -HS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2011/10/10 10:00:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Internet Explorer.job
[2011/10/10 08:43:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/05 16:38:57 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Glance.lnk
[2011/10/05 16:38:57 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Glance.lnk
[2011/10/05 09:40:59 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/10/05 09:40:59 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/10/05 04:40:48 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\todd_w\Desktop\Google Chrome.lnk
[2011/10/05 04:40:48 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\todd_w\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/01 13:53:12 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\PUTTY.RND
[2011/09/28 05:08:00 | 001,499,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/19 11:44:27 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\etc\*.tmp files -> C:\WINDOWS\System32\drivers\etc\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/11 10:46:40 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\todd_w\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/10/11 09:54:13 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/11 08:46:44 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\todd_w\Desktop\HostsXpert.zip
[2011/10/10 13:53:59 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/05 16:38:57 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Glance.lnk
[2011/10/05 16:38:57 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Glance.lnk
[2011/10/05 09:40:59 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/10/05 09:40:59 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011/07/27 07:00:09 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/12/06 13:40:20 | 000,153,593 | ---- | C] () -- C:\Program Files\Dreamweaver CS5 Read Me.pdf
[2010/12/06 13:40:15 | 013,973,940 | ---- | C] () -- C:\Program Files\Dreamweaver CS5 Help.pdf
[2010/11/04 20:09:12 | 000,322,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/23 08:16:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\prvlcl.dat
[2010/07/23 11:03:59 | 000,037,202 | ---- | C] () -- C:\Documents and Settings\todd_w\Application Data\Comma Separated Values (DOS).ADR
[2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/02/17 14:07:17 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2009/11/21 12:56:34 | 000,000,105 | ---- | C] () -- C:\WINDOWS\mapiuid.ini
[2009/10/28 10:32:37 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/10/28 10:32:37 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/10/28 10:31:39 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/10/28 10:31:39 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/10/28 10:31:38 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/10/26 08:45:30 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/07/22 11:08:20 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/17 10:13:30 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2008/06/03 18:19:38 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\todd_w\Application Data\$_hpcst$.hpc
[2008/06/02 15:51:07 | 000,004,825 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2008/03/26 15:41:28 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\virport.dll
[2008/03/10 10:19:20 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\PUTTY.RND
[2007/12/12 12:19:52 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.todd_w.ini
[2007/10/11 20:23:48 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\smtpvn2.dll
[2007/08/09 13:58:22 | 000,943,104 | ---- | C] () -- C:\WINDOWS\System32\semtempl.dll
[2007/08/09 13:58:22 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\arcdll.dll
[2007/08/09 13:58:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\hashfunc.dll
[2007/05/10 11:36:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/04/23 10:22:32 | 000,001,277 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/04/23 10:15:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/03/27 09:00:04 | 000,037,188 | ---- | C] () -- C:\Documents and Settings\todd_w\Application Data\Microsoft Excel.ADR
[2007/03/26 17:18:48 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/03/21 04:09:35 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/21 04:09:35 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\fusioncache.dat
[2007/03/21 04:09:35 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\todd_w\Local Settings\Application Data\.user_keys.dat
[2007/03/20 17:29:30 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2007/03/20 17:27:29 | 000,000,196 | ---- | C] () -- C:\WINDOWS\EPSONRX600.ini
[2007/03/20 16:52:48 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/03 15:30:24 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2006/10/03 15:16:18 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/10/03 15:15:55 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/10/03 15:15:55 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/10/03 15:15:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/10/03 15:14:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/10/03 15:14:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/10/03 15:12:53 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/10/03 15:12:07 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/10/02 21:31:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/02 21:09:11 | 000,000,426 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/10/02 19:30:46 | 000,000,008 | ---- | C] () -- C:\WINDOWS\key_registry.dat
[2006/10/02 19:25:24 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/10/02 19:25:24 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/10/02 18:39:45 | 000,348,880 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2006/10/02 18:39:45 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4618.dll
[2006/10/02 18:25:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/10/02 18:21:25 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/10/02 14:18:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/10/02 14:17:15 | 001,499,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/15 00:00:08 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2006/06/14 23:58:52 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2006/06/08 17:08:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_en.dll
[2006/06/08 16:56:06 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2006/06/08 16:55:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2006/06/08 16:55:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2006/06/08 16:55:12 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2006/06/08 16:54:54 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2006/06/08 16:54:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2006/06/08 16:54:18 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2006/06/08 16:54:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2006/06/08 16:53:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2006/06/08 16:53:20 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2006/06/02 17:43:36 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2006/02/28 15:00:00 | 000,491,512 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 15:00:00 | 000,088,762 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/09/20 20:36:06 | 000,798,720 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2005/03/07 20:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_RUS.dll
[2005/03/07 20:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ITA.dll
[2005/03/07 20:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_FRA.dll
[2005/03/07 20:30:46 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\Tsp.dll
[2005/03/07 20:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ESN.dll
[2005/03/07 20:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ENU.dll
[2005/03/07 20:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_DEU.dll
[2005/03/07 20:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_CHS.dll
[2004/07/21 22:03:14 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/07/20 21:27:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2002/04/19 21:03:52 | 000,004,514 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/04/19 21:03:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[1999/11/15 04:29:18 | 000,155,702 | ---- | C] () -- C:\WINDOWS\System32\Win2Kinstall.exe
[1999/11/05 01:44:28 | 000,155,728 | ---- | C] () -- C:\WINDOWS\System32\win2kuninst.exe
[1999/05/16 23:08:54 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\InstDrv.exe
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2011/03/15 08:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/08/20 15:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2010/06/22 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\f-secure
[2010/06/30 10:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySecureBackup
[2010/12/14 09:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2010/11/23 14:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL_old
[2009/10/31 13:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2010/12/06 13:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2006/10/02 19:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2011/07/15 09:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Artisteer
[2009/09/15 12:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Dimdim
[2009/10/31 13:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Downloaded Installations
[2011/10/11 15:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Dropbox
[2010/12/02 13:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\EditPlus 2
[2007/04/26 23:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\EPSON
[2007/08/14 09:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\FileMaker
[2009/03/08 08:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Foxit
[2009/10/26 08:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\gpdf2swf
[2007/03/20 17:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Leadertech
[2011/07/08 11:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Mikogo
[2009/10/19 23:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Moyea
[2009/07/29 06:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\MySecureBackup
[2011/10/01 14:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Nitro PDF
[2010/12/23 12:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Notepad++
[2007/04/30 16:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Opera
[2006/10/02 19:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\SampleView
[2008/05/28 15:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\SmartDraw
[2008/10/08 19:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Snapfish
[2011/03/07 11:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\SQL Maestro Group
[2010/12/28 14:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\TeamViewer
[2009/12/25 10:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\VirtualStore
[2011/10/10 10:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Wave Systems Corp
[2010/11/24 17:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\todd_w\Application Data\Wireshark
[2011/10/10 10:00:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\Internet Explorer.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/08/20 15:54:59 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
[2010/04/07 14:24:50 | 000,035,374 | ---- | M] () -- C:\ASLog.txt
[2009/11/23 13:11:13 | 000,000,000 | ---- | M] () -- C:\asoutput.log
[2006/10/02 18:23:53 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/02/22 18:48:45 | 000,045,015 | ---- | M] () -- C:\auto_news.jpg
[2008/01/21 13:59:58 | 004,114,932 | ---- | M] () -- C:\bm-20-unix.zip
[2008/01/22 12:51:27 | 004,112,544 | ---- | M] () -- C:\bm-20-win.zip
[2007/05/14 21:57:09 | 002,992,091 | ---- | M] () -- C:\bm1-3-7a_VvK_OLD_BM.zip
[2007/03/21 04:09:25 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2007/06/15 16:51:14 | 000,000,103 | ---- | M] () -- C:\BootErr.log
[2006/10/02 18:23:53 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/10/02 18:23:53 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/11/26 08:57:58 | 009,867,062 | ---- | M] () -- C:\ioncube_encoder5_6.5.zip
[2007/11/26 08:58:53 | 004,804,194 | ---- | M] () -- C:\ipfoundry_3.0.zip
[2008/01/15 10:17:44 | 002,824,792 | ---- | M] () -- C:\Joomla_1.0.12-Stable-Full_Package.zip
[2006/10/02 18:23:53 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/02/28 15:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/04 11:45:22 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2007/09/23 15:28:00 | 001,128,071 | ---- | M] () -- C:\orchidLinks_fullSource_2007.09.22.zip
[2011/10/11 15:12:31 | 1585,446,912 | -HS- | M] () -- C:\pagefile.sys
[2007/09/20 12:13:14 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2008/10/08 15:49:11 | 003,263,957 | ---- | M] () -- C:\phpMyAdmin-3.0.0-all-languages.zip
[2007/10/16 06:52:00 | 001,690,758 | ---- | M] () -- C:\powerClassifieds_2007.10.15.zip
[2007/09/23 15:23:00 | 002,057,781 | ---- | M] () -- C:\powerClassifieds_fullSource_2007.09.22.zip
[2007/03/25 09:42:55 | 002,620,138 | ---- | M] () -- C:\Scan_folder.zip
[2007/02/28 22:58:24 | 000,000,813 | R--- | M] () -- C:\setup.iss
[2008/02/07 12:44:55 | 000,000,186 | ---- | M] () -- C:\setup.log
[2009/06/17 19:05:39 | 000,005,120 | -HS- | M] () -- C:\Thumbs.db
[2008/10/22 13:57:57 | 000,681,784 | ---- | M] (Microsoft Corporation) -- C:\WindowsXP-KB914440-v12-x86-ENU.exe
[2007/03/20 17:37:27 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/02/28 08:00:00 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/01/14 19:26:21 | 000,001,674 | -H-- | M] () -- C:\Documents and Settings\todd_w\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2010/04/02 05:50:48 | 013,973,940 | ---- | M] () -- C:\Program Files\Dreamweaver CS5 Help.pdf
[2010/04/02 05:50:48 | 000,153,593 | ---- | M] () -- C:\Program Files\Dreamweaver CS5 Read Me.pdf

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/10/02 14:16:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/10/02 14:16:29 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/10/02 14:16:29 | 000,913,408 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-05 00:08:53

< End of report >



Thanks in advance :)
  • 0

Advertisements

#2
adman4054
Posted 18 October 2011 - 07:48 AM

adman4054

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hello,

I ended up replacing the HD, it was overdue. Please mark this as closed and keep up the good work, you guys help a lot of people and although we didn't connect on this one, you have helped me in the past, thanks!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP