Possible after effects of serious virus



#1
jss10

Hi. I admit that this is kind of a precautionary post, but I take this stuff very seriously so I thought it'd be worth it. Last week my computer somehow picked up some pretty massive virus. I couldn't even get to my desktop, and I had to bring it into a local shop. They told me the hard drive was dying, and that it would have to be cloned if I didn't want to reinstall the OS (which I didn't). Once they did so, they discovered that although the hard drive WAS dying, it also had this virus on it.

After another day, they say they cleaned it, and things certainly do look much better. However, there are a certain few strange behaviors that have caught my attention. For example, you know how in a Windows folder (My Pictures, for example), you can choose between various "views" such as Thumbnails, Tiles, Icons, etc.? Well, I keep setting some folders on Tiles, but when I go back later, it's switched to Thumbnails. Basically, I just don't like it when my computer makes changes on its own! I know that this in and of itself isn't a huge deal, but again, I'm just wondering if there's something still messing with the system.

With all of that having been said, I'll paste my OTL file below. If it looks clean, great. But if something looks wrong, I'll obviously go through the procedure. Thanks!

OTL logfile created on: 12/6/2011 10:53:15 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Jordan Solomon\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.03% Memory free
3.85 Gb Paging File | 2.96 Gb Available in Paging File | 76.77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 371.10 Gb Free Space | 79.68% Space Free | Partition Type: NTFS

Computer Name: JORDAN-B44B7F29 | User Name: Jordan Solomon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/06 22:52:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jordan Solomon\Desktop\OTL.exe
PRC - [2011/06/08 09:45:44 | 000,822,456 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2010/04/03 11:55:18 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2010/02/10 08:57:36 | 000,676,520 | ---- | M] () -- C:\Program Files\Dell V505\dldwmon.exe
PRC - [2010/02/10 08:57:32 | 000,025,256 | ---- | M] () -- C:\Program Files\Dell V505\dldwmsdmon.exe
PRC - [2009/07/24 16:04:12 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\dldwcoms.exe
PRC - [2009/04/08 09:54:34 | 005,168,128 | ---- | M] (Worden Brothers Inc.) -- C:\Program Files\TeleChart.exe
PRC - [2008/12/08 22:01:54 | 002,440,120 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2008/12/08 21:42:34 | 001,443,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2008/12/08 21:42:32 | 001,795,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2008/11/06 06:42:59 | 000,054,568 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\shellmon.exe
PRC - [2008/11/06 06:42:59 | 000,039,208 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\waol.exe
PRC - [2008/08/14 14:45:52 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2008/08/14 14:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/07/10 00:51:06 | 000,095,744 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1230403542\ee\aolsoftware.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe


========== Modules (No Company Name) ==========

MOD - [2010/02/10 08:57:36 | 000,676,520 | ---- | M] () -- C:\Program Files\Dell V505\dldwmon.exe
MOD - [2010/02/10 08:57:32 | 000,025,256 | ---- | M] () -- C:\Program Files\Dell V505\dldwmsdmon.exe
MOD - [2010/01/21 05:09:30 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell V505\app4r.monitor.core.dll
MOD - [2010/01/21 05:09:30 | 000,028,672 | ---- | M] () -- C:\Program Files\Dell V505\app4r.monitor.common.dll
MOD - [2010/01/21 05:08:34 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell V505\app4r.devmons.mcmdevmon.dll
MOD - [2009/07/23 14:52:40 | 001,036,288 | ---- | M] () -- C:\WINDOWS\system32\dldwdrs.dll
MOD - [2009/07/23 14:52:40 | 001,036,288 | ---- | M] () -- C:\Program Files\Dell V505\dldwdrs.dll
MOD - [2009/07/23 14:51:56 | 000,380,928 | ---- | M] () -- C:\Program Files\Dell V505\dldwscw.dll
MOD - [2009/07/02 07:41:44 | 000,163,328 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldwdrui.dll
MOD - [2009/07/02 07:41:16 | 000,155,648 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldwdrpp.dll
MOD - [2009/05/27 03:59:58 | 000,811,008 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldwptpc.dll
MOD - [2009/05/14 06:23:14 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\DLDWPMON.DLL
MOD - [2009/05/14 06:22:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell V505\ipcmt.dll
MOD - [2009/05/13 09:50:52 | 000,081,920 | ---- | M] () -- C:\WINDOWS\system32\dldwcaps.dll
MOD - [2009/05/13 09:50:52 | 000,081,920 | ---- | M] () -- C:\Program Files\Dell V505\dldwcaps.dll
MOD - [2009/05/13 09:48:00 | 000,151,552 | ---- | M] () -- C:\Program Files\Dell V505\dldwmonr.dll
MOD - [2009/03/25 22:12:06 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldwprpr.dll
MOD - [2009/02/20 13:06:53 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
MOD - [2009/02/20 11:54:43 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
MOD - [2009/02/20 11:54:39 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
MOD - [2009/02/20 11:54:29 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
MOD - [2009/02/20 11:52:45 | 007,868,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
MOD - [2009/02/20 11:52:35 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
MOD - [2008/11/06 06:42:59 | 000,081,920 | ---- | M] () -- C:\Program Files\AOL 9.1\xmltok.dll
MOD - [2008/11/06 06:42:59 | 000,053,248 | ---- | M] () -- C:\Program Files\AOL 9.1\xmlparse.dll
MOD - [2008/11/06 06:42:59 | 000,045,056 | ---- | M] () -- C:\Program Files\AOL 9.1\zlib.dll
MOD - [2008/07/10 00:51:14 | 004,214,272 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libffmpeg_plugin.dll
MOD - [2008/07/10 00:51:14 | 002,763,264 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libwxwidgets_plugin.dll
MOD - [2008/07/10 00:51:14 | 001,839,616 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2008/07/10 00:51:14 | 001,171,456 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,205,312 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libflacdec_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,194,048 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,179,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,111,616 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblibmpeg2_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,107,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,092,160 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,041,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libvout_directx_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,023,040 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libvcd_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,020,480 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,012,800 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,009,728 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblinear_resampler_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,008,704 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,008,192 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,680 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,680 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfixed32tofloat32_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtrivial_mixer_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libs16tofixed32_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfloat32tos16_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfixed32tos16_plugin.dll
MOD - [2008/07/10 00:51:14 | 000,006,656 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libspdif_mixer_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,290,816 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,205,312 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,148,992 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,118,784 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,059,392 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,040,448 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,023,040 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libbandlimited_resampler_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,021,504 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,018,432 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,013,824 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libcinepak_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,013,312 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaccess_directory_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,012,800 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,012,288 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaccess_file_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,010,752 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,010,752 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,010,240 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,007,680 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2008/07/10 00:51:12 | 000,006,656 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2008/07/10 00:51:08 | 003,072,512 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlc.dll
MOD - [2008/07/10 00:51:06 | 000,095,744 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
MOD - [2008/04/25 01:44:40 | 000,077,906 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLDWcfg.dll
MOD - [2008/04/25 01:44:40 | 000,077,906 | ---- | M] () -- C:\Program Files\Dell V505\DLDWcfg.dll
MOD - [2008/03/25 03:53:10 | 000,012,288 | ---- | M] () -- C:\Program Files\Dell V505\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2008/03/10 06:30:50 | 000,188,416 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldwdatr.dll
MOD - [2008/02/26 14:24:06 | 000,069,632 | ---- | M] () -- C:\Program Files\Dell V505\dldwcnv4.dll
MOD - [2008/01/28 06:38:56 | 000,057,344 | ---- | M] () -- C:\WINDOWS\system32\dldwoem.dll
MOD - [2007/03/26 02:39:36 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldwcats.dll
MOD - [2006/08/22 04:05:26 | 000,498,742 | ---- | M] () -- C:\WINDOWS\system32\dxmasf.dll
MOD - [2004/08/04 07:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2004/08/04 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
MOD - [2003/08/02 23:24:01 | 000,192,512 | R--- | M] () -- C:\Program Files\SpywareGuard\dlprotect.dll
MOD - [2003/08/02 23:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/07/24 16:04:12 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldwcoms.exe -- (dldw_device)
SRV - [2009/07/24 16:04:06 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldwserv.exe -- (dldwCATSCustConnectService)
SRV - [2008/12/08 22:01:54 | 002,440,120 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/12/08 21:42:32 | 001,795,400 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2008/12/08 21:01:28 | 000,320,840 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2008/08/14 14:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/08/14 14:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/06/30 16:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/12/06 14:34:43 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/11/08 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/08 04:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/18 06:09:40 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111206.002\navex15.sys -- (NAVEX15)
DRV - [2011/10/18 06:09:40 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111206.002\naveng.sys -- (NAVENG)
DRV - [2009/01/14 02:14:01 | 003,455,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/11/18 18:17:08 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/10/13 12:31:46 | 000,319,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/10/13 12:31:46 | 000,279,600 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/10/13 12:31:46 | 000,043,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/08/21 11:13:56 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/08/21 11:13:56 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/06/16 16:53:14 | 000,420,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/09/20 06:07:40 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/09/20 06:07:38 | 000,053,632 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/09/11 04:23:22 | 004,614,656 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/07/20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/07/07 02:13:10 | 000,012,032 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/05/31 02:19:22 | 000,096,896 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006/03/01 20:30:54 | 000,618,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2005/05/06 14:42:26 | 001,339,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2005/05/06 14:40:50 | 000,047,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2005/05/06 14:40:20 | 000,036,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=11: C:\Program Files\Google\Google Updater\2.1.886.21021\npCIDetect11.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/10 09:44:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/02 16:39:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2010/04/03 12:01:26 | 000,000,000 | ---D | M]

[2009/01/02 17:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jordan Solomon\Application Data\Mozilla\Extensions
[2011/12/02 13:52:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jordan Solomon\Application Data\Mozilla\Firefox\Profiles\f69fi6vv.default\extensions
[2011/11/11 07:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/09 08:41:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/11/10 09:44:27 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/12/27 13:47:00 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011/11/10 09:44:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 09:44:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/12/03 13:00:44 | 000,438,048 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15093 more lines...
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - {2E5E800E-6AC0-411E-940A-369530A35E43} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Dell Toolbar) - {09B71986-2AC5-482D-B6CB-42EA34F4F85B} - C:\Program Files\Dell Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Dell Toolbar) - {09B71986-2AC5-482D-B6CB-42EA34F4F85B} - C:\Program Files\Dell Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell V505 Fax Server] C:\Program Files\Dell V505\fm3032.exe ()
O4 - HKLM..\Run: [dldwamon] C:\Program Files\Dell V505\dldwamon.exe ()
O4 - HKLM..\Run: [dldwmon.exe] C:\Program Files\Dell V505\dldwmon.exe ()
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - Startup: C:\Documents and Settings\Jordan Solomon\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Favorites Search - {FF925300-80E6-11D4-A15B-FFF9086C1A3C} - C:\Program Files\DzSoft\Favorites Search\FavSeek.dll (DzSoft Ltd)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([www.msi] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1230402208544 (WUWebControl Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...ine/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.251.130 167.206.251.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42C0BEBA-96F1-4872-873D-8591929E62B6}: DhcpNameServer = 167.206.251.129 167.206.251.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{794E1C2E-0F0B-4B14-84A7-C1DEB1F25731}: DhcpNameServer = 167.206.251.130 167.206.251.129
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jordan Solomon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jordan Solomon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/28 02:06:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/06 22:52:29 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jordan Solomon\Desktop\OTL.exe
[2011/12/06 16:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/12/06 14:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Toolbar
[2011/12/06 14:22:52 | 000,000,000 | ---D | C] -- C:\Program Files\Dell V505
[2011/12/06 14:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Printers
[2011/12/06 14:22:36 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwserv.dll
[2011/12/06 14:22:36 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwusb1.dll
[2011/12/06 14:22:36 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwpmui.dll
[2011/12/06 14:22:36 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwlmpm.dll
[2011/12/06 14:22:36 | 000,446,464 | ---- | C] ( ) -- C:\WINDOWS\System32\DLDWhcp.dll
[2011/12/06 14:22:36 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwinpa.dll
[2011/12/06 14:22:36 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwiesc.dll
[2011/12/06 14:22:35 | 000,761,856 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwcomc.dll
[2011/12/06 14:22:35 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwhbn3.dll
[2011/12/06 14:22:35 | 000,594,600 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwcoms.exe
[2011/12/06 14:22:35 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwcomm.dll
[2011/12/06 14:22:35 | 000,369,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwcfg.exe
[2011/12/06 14:22:35 | 000,328,360 | ---- | C] ( ) -- C:\WINDOWS\System32\dldwih.exe
[2011/12/03 13:08:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jordan Solomon\Desktop\Tech Connect
[2011/12/03 12:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/12/03 12:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jordan Solomon\Application Data\TeamViewer
[2011/12/03 12:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/12/03 12:39:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/12/03 12:39:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cookies
[2011/12/03 12:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Cookies
[2011/12/03 12:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temporary Internet Files
[2011/12/03 12:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Recent
[2011/12/03 12:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jordan Solomon\Recent
[2011/12/03 12:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Recent
[2011/12/03 12:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\History
[2011/12/02 17:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/02 17:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/12/02 17:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/12/02 17:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/12/02 17:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/02 17:28:39 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/02 17:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/02 17:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/12/02 17:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/12/02 17:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/12/02 17:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/12/02 17:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jordan Solomon\Local Settings\Application Data\Adobe
[2011/12/02 17:26:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/02 13:53:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/12/02 13:07:13 | 000,000,000 | ---D | C] -- C:\found.000
[2011/12/02 12:59:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/02 12:59:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/02 12:59:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/02 12:59:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/02 12:59:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/02 12:58:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/02 12:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/02 12:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jordan Solomon\Start Menu\Programs\CleanUp!
[2011/12/02 12:51:26 | 000,000,000 | ---D | C] -- C:\Program Files\CleanUp!
[2011/11/28 15:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jordan Solomon\Application Data\6F411BF1
[2010/08/02 12:44:56 | 000,785,920 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBChat.ocx
[2010/08/02 12:44:55 | 004,515,328 | ---- | C] (WBI) -- C:\Program Files\SFServer.dll
[2010/08/02 12:44:55 | 000,103,424 | ---- | C] (Worden Bros) -- C:\Program Files\AutoLabelN.ocx
[2010/08/02 12:44:55 | 000,060,416 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBCoolB3.ocx
[2010/08/02 12:44:55 | 000,054,784 | ---- | C] (Dell Computer Corporation) -- C:\Program Files\WBScroll.ocx
[2010/08/02 12:44:55 | 000,019,968 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBSplit.ocx
[2010/08/02 12:44:55 | 000,015,872 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBHandle.ocx
[2010/08/02 12:44:54 | 000,102,912 | ---- | C] (Worden Bros) -- C:\Program Files\TC2000Dev.dll
[2010/08/02 12:44:54 | 000,095,232 | ---- | C] (WBI Inc.) -- C:\Program Files\WBChartH.ocx
[2010/08/02 12:44:54 | 000,092,672 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBIFileTransfer.dll
[2010/08/02 12:44:54 | 000,084,480 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBList.ocx
[2010/08/02 12:44:54 | 000,078,336 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBCoolBar.ocx
[2010/08/02 12:44:54 | 000,060,416 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBCoolB.ocx
[2010/08/02 12:44:54 | 000,046,592 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\WBChart.ocx
[2010/08/02 12:44:54 | 000,033,280 | ---- | C] (Worden Brothers, Inc.) -- C:\Program Files\UploadWP.exe
[2010/08/02 12:44:54 | 000,024,064 | ---- | C] (WBI) -- C:\Program Files\ZipUtil.exe
[2010/08/02 12:44:54 | 000,020,992 | ---- | C] (wbi) -- C:\Program Files\WBIMediaPlayer.dll
[2010/08/02 12:44:54 | 000,019,968 | ---- | C] (Worden Bros) -- C:\Program Files\TCWatchListReader.dll
[2010/08/02 12:44:54 | 000,013,312 | ---- | C] (Worden Brothers Inc) -- C:\Program Files\RemProg.exe
[2010/08/02 12:44:51 | 005,168,128 | ---- | C] (Worden Brothers Inc.) -- C:\Program Files\TeleChart.exe
[2010/08/02 12:44:50 | 000,118,272 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\Program Files\Qpro32.dll
[2010/08/02 12:44:50 | 000,037,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Regsvr32.exe
[2009/04/03 17:57:14 | 000,436,224 | ---- | C] (Irfan Skiljan) -- C:\Program Files\i_view32.exe
[2009/04/03 17:56:58 | 001,618,664 | ---- | C] (Connected Software, Inc.) -- C:\Program Files\ePreserver.exe

========== Files - Modified Within 30 Days ==========

[2011/12/06 22:52:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jordan Solomon\Desktop\OTL.exe
[2011/12/06 18:50:01 | 000,002,321 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\TCScan+.lnk
[2011/12/06 14:45:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/06 14:34:44 | 000,010,563 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/12/06 14:34:44 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/12/06 14:34:43 | 000,123,952 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/12/06 14:34:43 | 000,060,800 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/12/06 14:31:25 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dell Imaging Toolbox - V505.LNK
[2011/12/06 14:26:16 | 000,141,122 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011/12/05 23:47:33 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/05 14:49:58 | 000,002,324 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/12/05 14:49:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/04 21:44:41 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/04 19:47:32 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Microsoft Office Word 2007.lnk
[2011/12/04 13:21:42 | 000,000,071 | ---- | M] () -- C:\Program Files\i_view32.ini
[2011/12/04 13:19:56 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\The Weather Channel Desktop.lnk
[2011/12/04 00:30:55 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Bracket Trader.lnk
[2011/12/03 23:11:54 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show desktop.scf
[2011/12/03 16:44:07 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\CCleaner.lnk
[2011/12/03 14:44:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\Firefox.lnk
[2011/12/03 14:43:59 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/12/03 14:43:56 | 000,000,644 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL.lnk
[2011/12/03 13:49:44 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Firefox.lnk
[2011/12/03 13:46:54 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Defragler.lnk
[2011/12/03 13:38:08 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Microsoft Office Excel 2007.lnk
[2011/12/03 13:37:27 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\TeleChart.lnk
[2011/12/03 13:13:12 | 000,000,644 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\AOL.lnk
[2011/12/03 13:00:44 | 000,438,048 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/03 12:50:27 | 000,438,048 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111203-130044.backup
[2011/12/02 17:51:41 | 000,438,048 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111203-125027.backup
[2011/12/02 17:50:51 | 000,438,048 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111202-175141.backup
[2011/12/02 17:48:12 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/02 13:22:13 | 000,457,910 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/02 13:22:12 | 000,076,054 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/02 13:20:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111202-175051.backup
[2011/12/02 13:09:24 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/12/02 12:59:45 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/02 11:34:58 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/12/02 11:34:58 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/11/20 20:14:36 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\Desktop\CorrelScan.lnk
[2011/11/14 10:10:45 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Jordan Solomon\My Documents\Default.rdp

========== Files Created - No Company Name ==========

[2011/12/06 14:31:25 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dell Imaging Toolbox - V505.LNK
[2011/12/06 14:25:41 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldwvs.dll
[2011/12/06 14:25:30 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldwcoin.dll
[2011/12/06 14:25:22 | 000,072,625 | ---- | C] () -- C:\WINDOWS\System32\dldwprpr.chm
[2011/12/06 14:24:45 | 001,036,288 | ---- | C] () -- C:\WINDOWS\System32\dldwdrs.dll
[2011/12/06 14:24:45 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldwcaps.dll
[2011/12/06 14:24:44 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldwcnv4.dll
[2011/12/06 14:24:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\dldwoem.dll
[2011/12/06 14:24:06 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLDWPMON.DLL
[2011/12/06 14:24:06 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLDWFXPU.DLL
[2011/12/06 14:23:08 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\DLDWwupd.dll
[2011/12/06 14:23:08 | 000,017,064 | ---- | C] () -- C:\WINDOWS\System32\DLDWwupd.exe
[2011/12/06 14:22:36 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\dldwutil.dll
[2011/12/06 14:22:36 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\DLDWinst.dll
[2011/12/06 14:22:36 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\dldwinsb.dll
[2011/12/06 14:22:36 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldwins.dll
[2011/12/06 14:22:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\dldwjswr.dll
[2011/12/06 14:22:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldwinsr.dll
[2011/12/06 14:22:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldwgrd.dll
[2011/12/06 14:22:35 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldwcub.dll
[2011/12/06 14:22:35 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\DLDWcfg.dll
[2011/12/06 14:22:35 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldwcu.dll
[2011/12/06 14:22:35 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldwcur.dll
[2011/12/06 14:22:35 | 000,001,957 | ---- | C] () -- C:\WINDOWS\System32\dldw.loc
[2011/12/06 13:54:32 | 000,001,563 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Set Program Access and Defaults.lnk
[2011/12/06 13:54:32 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Update.lnk
[2011/12/06 13:54:32 | 000,000,398 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Catalog.lnk
[2011/12/04 13:21:42 | 000,000,071 | ---- | C] () -- C:\Program Files\i_view32.ini
[2011/12/04 13:19:56 | 000,000,910 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Desktop\The Weather Channel Desktop.lnk
[2011/12/03 23:11:54 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show desktop.scf
[2011/12/03 16:44:07 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Desktop\CCleaner.lnk
[2011/12/03 14:44:01 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\Firefox.lnk
[2011/12/03 14:43:59 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/12/03 14:43:56 | 000,000,644 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL.lnk
[2011/12/03 13:49:44 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Firefox.lnk
[2011/12/03 13:46:54 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Desktop\Defragler.lnk
[2011/12/03 13:37:27 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Desktop\TeleChart.lnk
[2011/12/03 13:13:12 | 000,000,644 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Desktop\AOL.lnk
[2011/12/02 17:30:36 | 000,002,324 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/12/02 12:59:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/02 12:59:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/02 12:59:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/02 12:59:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/02 12:59:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/23 13:03:58 | 001,846,075 | ---- | C] () -- C:\Program Files\ProcessExplorer.zip
[2011/07/29 14:09:32 | 000,021,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/15 18:25:51 | 000,001,225 | ---- | C] () -- C:\Program Files\GoMeetNow.lnk
[2011/06/09 08:11:12 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/09 08:11:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/10/28 23:22:25 | 000,158,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/02 12:44:50 | 000,074,752 | ---- | C] () -- C:\Program Files\TCPatch.exe
[2010/08/02 12:44:50 | 000,006,783 | ---- | C] () -- C:\Program Files\Disclaim.rtf
[2010/08/02 12:44:50 | 000,002,518 | ---- | C] () -- C:\Program Files\DftL.def
[2009/09/24 20:43:11 | 000,000,809 | ---- | C] () -- C:\Program Files\STC Series 7.lnk
[2009/08/28 17:29:26 | 000,005,772 | ---- | C] () -- C:\Program Files\AUDTEST.WAV
[2009/08/28 17:28:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\asym.ini
[2009/04/22 20:14:07 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/02/20 11:56:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/02/20 11:42:32 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/01/13 23:05:09 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/01/13 23:05:09 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/01/13 23:05:09 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/01/07 17:05:58 | 000,001,732 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2008/12/28 02:13:52 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/12/28 02:07:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/28 02:03:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/27 20:59:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/27 20:56:22 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/27 18:32:47 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/12/27 17:39:00 | 000,000,042 | ---- | C] () -- C:\WINDOWS\ib.ini
[2008/12/27 17:38:58 | 000,026,624 | ---- | C] () -- C:\WINDOWS\GetIe.dll
[2008/12/27 15:35:12 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Jordan Solomon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/27 15:08:57 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\TwcToolbarIe7.dll
[2008/12/27 15:08:57 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\TwcToolbarBho.dll
[2008/12/27 13:36:36 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/11 10:32:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\NtDirect.dll
[2008/10/29 17:13:33 | 000,180,720 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/10/21 12:40:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/10/21 12:40:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/01/31 17:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2007/10/04 03:14:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/10/04 03:14:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/10/04 03:14:00 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/10/04 03:14:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/10/04 03:14:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/10/04 03:14:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/04 03:14:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/10/04 03:14:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/10/04 03:14:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/08/29 10:39:50 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ZlibOCX2.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,457,910 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/04 07:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/04 07:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/08/04 07:00:00 | 000,076,054 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/07/24 17:26:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\GSMessageBox.dll
[1998/06/13 21:53:26 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL

========== LOP Check ==========

[2009/02/25 09:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1stWorks
[2008/12/27 13:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\948 Series
[2011/12/02 17:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/29 14:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/04/03 12:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011/12/03 12:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/09 18:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\V505
[2009/09/09 18:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\V505 Series
[2008/12/27 13:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/11/28 15:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\6F411BF1
[2008/12/27 14:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\948 Series
[2009/06/30 13:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Any Video Converter
[2010/08/02 13:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\BlocksDataDownloader
[2011/10/05 13:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Five9
[2008/12/27 13:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Foxit
[2011/12/02 18:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\GoMeetNow
[2011/06/11 22:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\IrfanView
[2011/08/07 11:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Sammsoft
[2009/09/03 11:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Software Defender
[2011/12/03 12:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\TeamViewer
[2008/12/27 13:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Thinstall
[2011/12/06 14:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\V505 Series
[2009/01/15 09:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Viewpoint
[2010/08/02 13:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jordan Solomon\Application Data\Worden Brothers, Inc
[2011/12/02 13:09:24 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/08/10 11:09:18 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >