[elefemy]

All my files are hidden as well as my program. I was getting several error messages that I'm unsure what they mean. Any help is appreciated.

OTL logfile created on: 5/30/2012 11:03:18 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.45 Gb Total Physical Memory | 3.04 Gb Available Physical Memory | 88.13% Memory free
7.30 Gb Paging File | 7.08 Gb Available in Paging File | 97.10% Paging File free
Paging file location(s): D:\pagefile.sys 5302 5302 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 55.11 Gb Free Space | 73.94% Space Free | Partition Type: NTFS
Drive D: | 74.48 Gb Total Space | 64.93 Gb Free Space | 87.18% Space Free | Partition Type: NTFS

Computer Name: MIALAPPNICHOLAS | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (All) ==========

PRC - [2012/05/30 11:02:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/08/25 07:30:33 | 000,634,648 | -H-- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/02/06 07:11:05 | 000,110,592 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/02/06 06:10:02 | 000,227,840 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008/04/13 20:12:39 | 000,507,904 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/13 20:12:36 | 000,050,688 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/13 20:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008/04/13 20:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008/04/13 20:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008/04/13 20:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008/04/13 20:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008/04/13 20:12:24 | 000,013,312 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 20:12:16 | 000,015,360 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/13 20:12:15 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2006/01/31 11:16:30 | 000,106,496 | -H-- | M] (Evidian) -- C:\Program Files\Evidian\bin\ssoxp.exe


========== Modules (No Company Name) ==========

MOD - [2011/03/17 00:11:16 | 004,297,568 | -H-- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/03/24 21:17:36 | 008,794,464 | -H-- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Win32 Services (All) ==========

SRV - [2011/06/10 18:05:52 | 005,161,036 | -H-- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Altiris\AClient\ACLIENT.EXE -- (AClient)
SRV - [2011/05/19 16:05:00 | 000,120,128 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2011/04/13 12:24:26 | 000,069,192 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/04/13 12:24:26 | 000,035,696 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe -- (hips)
SRV - [2011/04/13 12:24:22 | 001,506,464 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe -- (enterceptAgent)
SRV - [2011/02/09 22:04:05 | 000,136,176 | -H-- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Google Update Service (gupdatem)
SRV - [2011/02/09 22:04:05 | 000,136,176 | -H-- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2011/02/09 22:04:00 | 000,182,768 | -H-- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/12/27 23:50:30 | 031,124,344 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/10/16 01:40:40 | 000,037,664 | -H-- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/07 13:23:00 | 000,345,376 | -H-- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2010/08/27 01:57:43 | 000,099,840 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/26 14:12:36 | 000,013,160 | -H-- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\599\g2aservice.exe -- (GoToAssist)
SRV - [2010/08/25 20:07:00 | 000,147,984 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe -- (McShield)
SRV - [2010/08/25 20:07:00 | 000,066,880 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe -- (McTaskManager)
SRV - [2010/08/25 20:07:00 | 000,022,816 | -H-- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe -- (McAfeeEngineService)
SRV - [2010/08/17 09:17:06 | 000,058,880 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/05/24 05:34:59 | 003,391,488 | -H-- | M] (IBM Corp) [Auto | Stopped] -- C:\Program Files\Amanotes\nsd.exe -- (Lotus Notes Diagnostics)
SRV - [2010/03/23 13:19:32 | 001,528,616 | -H-- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/03 16:09:37 | 000,153,376 | -H-- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/01/09 21:37:50 | 004,640,000 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21:18:00 | 000,149,352 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/10/09 17:23:10 | 001,107,456 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\WsmSvc.dll -- (WinRM) Windows Remote Management (WS-Management)
SRV - [2009/09/29 21:00:19 | 001,287,464 | -H-- | M] (Altiris, Inc.) [Auto | Stopped] -- C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe -- (AeXNSClient)
SRV - [2009/09/29 11:30:00 | 000,058,760 | -H-- | M] (IBM Corp) [Disabled | Stopped] -- C:\Program Files\Amanotes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2009/07/28 18:57:44 | 000,892,928 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Auto | Stopped] -- C:\WINDOWS\system32\BEDevCtl.exe -- (BEDevCtl) SafeGuard®
SRV - [2009/07/28 18:56:28 | 000,020,480 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Auto | Stopped] -- C:\WINDOWS\system32\BEFCSvcn.exe -- (BEFCSvcn) SafeGuard®
SRV - [2009/07/28 17:18:52 | 000,037,376 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Auto | Stopped] -- C:\WINDOWS\system32\SGN_MasterServicen.exe -- (SGN_Trans) SafeGuard®
SRV - [2009/07/28 17:18:52 | 000,037,376 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Auto | Stopped] -- C:\WINDOWS\system32\SGN_MasterServicen.exe -- (SGN_Sem) SafeGuard®
SRV - [2009/07/28 17:18:52 | 000,037,376 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Auto | Stopped] -- C:\WINDOWS\system32\SGN_MasterServicen.exe -- (SGN_LogSystem) SafeGuard®
SRV - [2009/06/10 02:14:49 | 000,132,096 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/03/09 08:24:14 | 000,254,034 | -H-- | M] (IDT, Inc.) [Auto | Stopped] -- c:\Program Files\IDT\DellXPM09B_6159v043\WDM\stacsv.exe -- (STacSV)
SRV - [2009/02/09 08:10:48 | 000,617,472 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009/02/09 08:10:48 | 000,401,408 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)
SRV - [2009/02/09 08:10:48 | 000,401,408 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2009/02/06 07:11:05 | 000,110,592 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/06 07:11:05 | 000,110,592 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/01/22 10:19:20 | 000,808,296 | -H-- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/01/22 10:19:20 | 000,020,840 | -H-- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/07/29 21:10:04 | 000,046,104 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 19:24:50 | 000,881,664 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 19:16:38 | 000,132,096 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 11:17:02 | 000,069,632 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 11:16:40 | 000,034,312 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/07/07 16:26:58 | 000,253,952 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 13:46:57 | 000,245,248 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA)
SRV - [2008/06/19 12:59:06 | 002,058,776 | -H-- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel®
SRV - [2008/06/19 12:59:00 | 000,174,616 | -H-- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel®
SRV - [2008/04/13 20:12:40 | 000,126,464 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/13 20:12:38 | 000,289,792 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 20:12:38 | 000,073,216 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 20:12:38 | 000,018,432 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/13 20:12:35 | 000,089,600 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 20:12:34 | 000,141,312 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 20:12:33 | 000,095,744 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/13 20:12:29 | 000,111,104 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 20:12:29 | 000,111,104 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 20:12:28 | 000,078,848 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 20:12:27 | 000,006,144 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/13 20:12:25 | 000,032,768 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 20:12:24 | 000,075,264 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC)
SRV - [2008/04/13 20:12:24 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 20:12:24 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 20:12:24 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 20:12:24 | 000,013,312 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 20:12:24 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 20:12:22 | 000,150,528 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 20:12:17 | 000,224,768 | -H-- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 20:12:17 | 000,005,120 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 20:12:17 | 000,005,120 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/13 20:12:14 | 000,033,280 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 20:12:14 | 000,005,632 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (cisvc)
SRV - [2008/04/13 20:12:12 | 000,044,544 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 20:12:11 | 000,483,840 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 20:12:11 | 000,129,024 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/13 20:12:11 | 000,006,656 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 20:12:10 | 000,080,896 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 20:12:09 | 000,144,896 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/13 20:12:08 | 000,333,824 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)
SRV - [2008/04/13 20:12:08 | 000,185,856 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/13 20:12:08 | 000,175,104 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/13 20:12:08 | 000,068,096 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 20:12:08 | 000,015,872 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 20:12:07 | 000,295,424 | -H-- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 20:12:07 | 000,249,856 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 20:12:07 | 000,171,008 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 20:12:07 | 000,090,112 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/13 20:12:07 | 000,071,680 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/13 20:12:05 | 000,192,512 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 20:12:05 | 000,135,168 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 20:12:05 | 000,135,168 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 20:12:05 | 000,135,168 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 20:12:05 | 000,039,424 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/13 20:12:05 | 000,018,944 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 20:12:04 | 000,059,904 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 20:12:03 | 000,409,088 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 20:12:03 | 000,291,328 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008/04/13 20:12:03 | 000,186,368 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 20:12:03 | 000,088,576 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 20:12:02 | 000,435,200 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 20:12:02 | 000,065,536 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2008/04/13 20:12:02 | 000,038,400 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 20:12:01 | 000,198,144 | -H-- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 20:11:59 | 000,033,792 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 20:11:57 | 000,053,248 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 20:11:56 | 000,061,440 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/13 20:11:56 | 000,013,824 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 20:11:55 | 000,331,264 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS)
SRV - [2008/04/13 20:11:54 | 000,021,504 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 20:11:53 | 000,023,040 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/13 20:11:52 | 000,132,096 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 20:11:52 | 000,045,568 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/04/13 20:11:52 | 000,033,792 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 20:11:52 | 000,023,552 | -H-- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 20:11:51 | 000,126,976 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 20:11:51 | 000,062,464 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 20:11:50 | 000,077,824 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 20:11:50 | 000,042,496 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 20:11:49 | 000,167,936 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/13 20:11:49 | 000,017,408 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/07/11 09:33:28 | 000,069,632 | RH-- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/10/18 21:47:16 | 000,027,136 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2006/10/18 20:05:24 | 000,913,408 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006/09/28 18:56:14 | 000,055,808 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc)
SRV - [2006/02/10 02:05:12 | 000,323,440 | -H-- | M] () [On_Demand | Stopped] -- C:\Program Files\Evidian\bin\ServUpdate.exe -- (AM_INSTALL)
SRV - [2005/11/14 02:06:04 | 000,069,632 | -H-- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/04 08:00:00 | 000,132,608 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2003/06/19 17:25:00 | 000,322,120 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\NvtSp50.sys -- (NvtSp50)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - [2012/05/29 17:23:41 | 000,002,401 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AlKernel.sys -- (AlKernel)
DRV - [2011/04/13 12:24:24 | 000,337,560 | -H-- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/04/13 12:24:24 | 000,107,928 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIPK.sys -- (HIPK)
DRV - [2011/04/13 12:24:24 | 000,076,088 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/04/13 12:24:24 | 000,065,960 | -H-- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2011/04/13 12:24:24 | 000,038,680 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIPPSK.sys -- (HIPPSK)
DRV - [2011/04/13 12:24:24 | 000,035,552 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIPQK.sys -- (HIPQK)
DRV - [2011/04/13 12:24:24 | 000,030,792 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\firelm01.sys -- (firelm01)
DRV - [2011/04/13 12:24:22 | 000,145,616 | -H-- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FireTDI.sys -- (FireTDI)
DRV - [2011/04/13 12:24:20 | 000,137,568 | -H-- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\FirePM.sys -- (FirePM)
DRV - [2011/03/23 17:38:24 | 000,020,096 | -H-- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2010/08/25 20:07:00 | 000,091,896 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/08/25 20:07:00 | 000,066,536 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/08/25 20:07:00 | 000,043,192 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/03/23 13:15:36 | 000,308,859 | -H-- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/10/20 13:30:24 | 000,044,680 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\firehk.sys -- (FirehkMP)
DRV - [2009/10/20 13:30:24 | 000,044,680 | -H-- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\firehk.sys -- (Firehk)
DRV - [2009/07/28 18:37:16 | 000,087,552 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BEFLT.SYS -- (BeFlt)
DRV - [2009/07/28 18:36:12 | 000,053,760 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\be_fltim.sys -- (BE_FLTI)
DRV - [2009/07/28 12:57:46 | 000,044,544 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SGStDrvm.sys -- (SGSTDRVM)
DRV - [2009/07/28 12:20:12 | 000,009,216 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ceeidem.sys -- (CEEIDEM)
DRV - [2009/07/28 12:20:08 | 000,008,704 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\cerndm.sys -- (CERNDM)
DRV - [2009/07/28 12:20:06 | 000,018,432 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\cehmacm.sys -- (CEHMACM)
DRV - [2009/07/28 12:20:04 | 000,017,920 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\cesham.sys -- (CESHAM)
DRV - [2009/07/28 12:19:58 | 000,026,112 | RH-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ceaes2m.sys -- (CEAES2M)
DRV - [2009/07/28 12:19:56 | 000,026,112 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ceaesm.sys -- (CEAESM)
DRV - [2009/07/28 12:19:52 | 000,013,312 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\cedes3m.sys -- (CEDES3M)
DRV - [2009/07/28 12:19:50 | 000,012,800 | -H-- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\cedesm.sys -- (CEDESM)
DRV - [2009/07/28 12:19:46 | 000,010,752 | -H-- | M] (Utimaco Safeware AG - a member of the Sophos Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ceidem.sys -- (CEIDEM)
DRV - [2009/05/01 11:00:57 | 001,287,552 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/03/09 08:24:16 | 001,545,795 | -H-- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/03/09 08:23:36 | 000,112,512 | -H-- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/03/09 01:06:00 | 000,280,096 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/03/06 15:30:08 | 000,133,632 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2009/01/22 10:16:14 | 000,032,808 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2008/11/16 18:39:44 | 000,131,984 | -H-- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/07/24 18:42:48 | 000,170,032 | -H-- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/06/26 06:15:34 | 003,630,080 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/06/19 12:35:58 | 000,040,832 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2008/06/13 21:26:06 | 000,110,080 | -H-- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/06/04 13:14:00 | 000,026,608 | -H-- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/04/13 15:14:29 | 000,143,744 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 14:56:06 | 000,088,320 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:44:48 | 000,799,744 | -H-- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:32:36 | 000,066,048 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/04 12:40:50 | 000,244,368 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2007/07/23 15:05:20 | 000,009,104 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 000,037,360 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 000,098,448 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 000,093,552 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 000,027,216 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 000,032,848 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 000,016,304 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 000,108,752 | -H-- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:49:44 | 000,030,064 | -H-- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 000,014,576 | -H-- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/06/08 01:00:02 | 000,148,056 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Afx.sys -- (OA001Afx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | -H-- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/18 20:28:02 | 000,005,275 | -H-- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/06/14 11:53:00 | 000,029,184 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2004/08/04 08:00:00 | 000,063,232 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 08:00:00 | 000,055,936 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/04 08:00:00 | 000,013,952 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/04 08:00:00 | 000,006,784 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADFA_enUS418
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RadioRage_4j.com/Plugin: C:\Program Files\RadioRage_4j\bar\1.bin\NP4jStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4jffxtbr@RadioRage_4j.com: C:\Program Files\RadioRage_4j\bar\1.bin


O1 HOSTS File: ([2012/05/29 15:20:37 | 000,000,027 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SSOWatch Notification Class) - {F3DCA10E-35FF-11D4-8744-00105A658389} - C:\Program Files\Evidian\SSOEngine\ie_notifier.dll (Enatel)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [AeXAgentLogon] C:\Program Files\Altiris\Altiris Agent\AeXAgentActivate.exe (Altiris, Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Boingo Wi-Finder] C:\Program Files\Boingo\Boingo Wi-Finder\Boingo.lnk ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [McAfee Host Intrusion Prevention Tray] C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OA001Mon] C:\WINDOWS\OA001Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SGNMasterApplication] C:\Program Files\Utimaco\SafeGuard Enterprise\Client\SGNMaster.exe (Utimaco Safeware AG - a member of the Sophos Group)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SSOHTTP] C:\Program Files\Evidian\SSOEngine\SSOHPPT.exe File not found
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [VPNLogonHook] C:\Windows\VPNHook\VPNwkix32.exe (Ruud van Velsen (Microsoft))
O4 - HKLM..\Run: [XDonyNSULAS.exe] C:\Documents and Settings\All Users\Application Data\XDonyNSULAS.exe ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {27DBFA85-92EA-40B8-AC93-5407E89DE444} https://crm.amadeus....x_HI_Client.cab (Siebel High Interactivity Framework)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1241115230875 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1241115362015 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8C244272-1DC1-4CE7-9C6C-FABCA09EB543} https://crm.amadeus....Integration.cab (Siebel Desktop Integration)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BF88D489-C9C4-4BDD-9F73-09DE058A3D7D} https://crm.amadeus....tBound_mail.cab (Siebel Email Support for Microsoft Outlook and Lotus Notes)
O16 - DPF: {CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.21.176.74 172.21.66.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mia.amadeus.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1962F6B9-B113-4593-A79F-B3CB609B73FD}: DhcpNameServer = 172.21.176.74 172.21.66.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AM_SSOXPress: DllName - (C:\Program Files\Evidian\shared_lib\xpcontrol.dll) - C:\Program Files\Evidian\shared_lib\xpcontrol.dll (Evidian)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\599\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\599\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\SGSSOGinaExtension: DllName - (C:\Program Files\Utimaco\SafeGuard Enterprise\SSO\SGSSOGinaExtension.dll) - C:\Program Files\Utimaco\SafeGuard Enterprise\SSO\SGSSOGinaExtension.dll (Utimaco Safeware AG - a member of the Sophos Group)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/30 10:34:48 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/30 11:02:36 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/05/29 14:53:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012/05/29 14:01:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/29 13:49:46 | 000,518,144 | -H-- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/29 13:49:46 | 000,406,528 | -H-- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/29 13:49:46 | 000,212,480 | -H-- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/29 13:49:46 | 000,060,416 | -H-- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/29 13:49:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ERDNT
[2012/05/29 13:49:13 | 000,000,000 | -H-D | C] -- C:\Qoobox
[2012/05/29 12:21:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2012/05/29 12:21:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Application Data\Google
[2012/05/29 11:03:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Data Recovery
[2012/05/29 10:39:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Application Data\McAfee
[2012/05/25 15:22:58 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/05/23 17:14:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cisco
[2012/05/23 17:14:00 | 000,000,000 | -H-D | C] -- C:\Program Files\Cisco
[2012/05/21 11:00:36 | 000,060,032 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[43 D:\My Documents\*.tmp files -> D:\My Documents\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/30 11:02:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/05/30 10:54:57 | 000,000,105 | -H-- | M] () -- C:\WINDOWS\am_win.ini
[2012/05/30 10:54:56 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/30 10:53:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/30 10:52:06 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/05/30 10:48:00 | 000,000,994 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-895524005-2101724659-3411302216-4573UA.job
[2012/05/30 10:46:00 | 000,000,892 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/30 10:46:00 | 000,000,888 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/30 09:48:00 | 000,000,942 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-895524005-2101724659-3411302216-4573Core.job
[2012/05/30 07:10:50 | 000,029,659 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/05/29 17:27:40 | 000,072,136 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/29 17:23:41 | 000,002,401 | -H-- | M] () -- C:\WINDOWS\System32\drivers\AlKernel.sys
[2012/05/29 17:23:39 | 000,001,445 | -H-- | M] () -- C:\AClient.cfg
[2012/05/29 17:20:03 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2012/05/29 17:20:03 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2012/05/29 17:19:59 | 002,128,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2012/05/29 15:44:54 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\-zRUJzqPN9ouTrd
[2012/05/29 15:44:46 | 000,000,256 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\zRUJzqPN9ouTrd
[2012/05/29 15:20:42 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\system.ini
[2012/05/29 15:20:37 | 000,000,027 | -H-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/29 15:02:45 | 000,517,316 | -H-- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012/05/29 14:43:38 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\-n1x0IXDiwPHKeP
[2012/05/29 14:43:26 | 000,000,844 | -H-- | M] () -- C:\Documents and Settings\Administrator\Desktop\Data_Recovery.lnk
[2012/05/29 14:01:37 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/05/29 11:03:43 | 000,000,862 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/29 11:03:17 | 000,274,944 | -H-- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\n1x0IXDiwPHKeP.exe
[2012/05/27 19:11:03 | 000,437,656 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/27 17:10:21 | 000,274,944 | -H-- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\zRUJzqPN9ouTrd.exe
[2012/05/27 16:21:46 | 000,389,120 | -H-- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\XDonyNSULAS.exe
[2012/05/25 15:22:57 | 000,059,040 | -H-- | M] () -- D:\My Documents\Viva Letter 05-25-12.pdf
[2012/05/16 08:14:38 | 000,001,984 | -H-- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/08 17:30:04 | 000,112,212 | -H-- | M] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs Clean 05-08-12.rtf
[2012/05/08 17:29:43 | 000,113,166 | -H-- | M] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs Redline 05-08-12.rtf
[2012/05/06 23:12:51 | 000,112,900 | -H-- | M] () -- D:\My Documents\Job Description - North America, General Counsel 05-04-12.rtf
[2012/05/06 23:08:53 | 000,111,031 | -H-- | M] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs 05-06-12.rtf
[2012/05/04 12:59:33 | 000,110,479 | -H-- | M] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs rtf.rtf
[2012/05/04 11:36:56 | 000,110,933 | -H-- | M] () -- D:\My Documents\Job Description - North America, General Counsel Clean 05-04-12.rtf
[2012/05/04 11:35:40 | 000,117,085 | -H-- | M] () -- D:\My Documents\Job Description - North America, General Counsel redline 05-04-12.rtf
[2012/05/03 00:17:08 | 000,143,008 | -H-- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\KevlarSigs.dll
[2012/04/30 16:30:46 | 000,450,895 | -H-- | M] () -- D:\My Documents\Sabre Subpoena.pdf
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[43 D:\My Documents\*.tmp files -> D:\My Documents\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/29 15:44:44 | 000,000,256 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\zRUJzqPN9ouTrd
[2012/05/29 14:43:25 | 000,000,844 | -H-- | C] () -- C:\Documents and Settings\Administrator\Desktop\Data_Recovery.lnk
[2012/05/29 14:01:37 | 000,000,213 | -H-- | C] () -- C:\Boot.bak
[2012/05/29 14:01:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/29 13:49:46 | 000,256,000 | -H-- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/29 13:49:46 | 000,208,896 | -H-- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/29 13:49:46 | 000,098,816 | -H-- | C] () -- C:\WINDOWS\sed.exe
[2012/05/29 13:49:46 | 000,080,412 | -H-- | C] () -- C:\WINDOWS\grep.exe
[2012/05/29 13:49:46 | 000,068,096 | -H-- | C] () -- C:\WINDOWS\zip.exe
[2012/05/29 12:58:41 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\-n1x0IXDiwPHKeP
[2012/05/29 11:03:43 | 000,000,862 | -H-- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/29 11:03:17 | 000,274,944 | -H-- | C] ( ) -- C:\Documents and Settings\All Users\Application Data\n1x0IXDiwPHKeP.exe
[2012/05/27 19:23:34 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\-zRUJzqPN9ouTrd
[2012/05/27 17:10:21 | 000,274,944 | -H-- | C] ( ) -- C:\Documents and Settings\All Users\Application Data\zRUJzqPN9ouTrd.exe
[2012/05/27 16:24:16 | 000,389,120 | -H-- | C] ( ) -- C:\Documents and Settings\All Users\Application Data\XDonyNSULAS.exe
[2012/05/25 15:22:57 | 000,059,040 | -H-- | C] () -- D:\My Documents\Viva Letter 05-25-12.pdf
[2012/05/25 15:22:49 | 000,000,326 | -H-- | C] () -- C:\Documents and Settings\LocalService\Application Data\PrimoPDFSet.xml
[2012/05/08 17:30:04 | 000,112,212 | -H-- | C] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs Clean 05-08-12.rtf
[2012/05/08 17:29:43 | 000,113,166 | -H-- | C] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs Redline 05-08-12.rtf
[2012/05/06 23:08:53 | 000,111,031 | -H-- | C] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs 05-06-12.rtf
[2012/05/04 12:59:33 | 000,110,479 | -H-- | C] () -- D:\My Documents\Job Description - Deputy General Counsel, Head of LATAM Legal Affairs rtf.rtf
[2012/05/04 11:52:48 | 000,112,900 | -H-- | C] () -- D:\My Documents\Job Description - North America, General Counsel 05-04-12.rtf
[2012/05/04 11:36:56 | 000,110,933 | -H-- | C] () -- D:\My Documents\Job Description - North America, General Counsel Clean 05-04-12.rtf
[2012/05/04 11:35:40 | 000,117,085 | -H-- | C] () -- D:\My Documents\Job Description - North America, General Counsel redline 05-04-12.rtf
[2012/04/30 16:30:46 | 000,450,895 | -H-- | C] () -- D:\My Documents\Sabre Subpoena.pdf
[2011/02/28 14:11:43 | 000,008,665 | -H-- | C] () -- C:\WINDOWS\dynamic.ini
[2010/10/14 15:32:59 | 000,000,100 | -H-- | C] () -- C:\WINDOWS\System32\C000046W.sys
[2010/10/14 15:32:59 | 000,000,037 | -H-- | C] () -- C:\WINDOWS\notes.ini

========== LOP Check ==========

[2010/03/03 17:30:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\AeUicon
[2011/06/15 08:47:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GoBoingo
[2010/09/08 20:29:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\LexisNexis
[2010/03/03 17:28:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\QuickKronosIcon
[2009/05/15 10:53:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2010/03/03 17:48:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Utimaco
[2010/03/03 17:29:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wfcicon
[2010/12/26 14:35:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/07/05 18:53:46 | 000,024,064 | -H-- | M] ()(D:\My Documents\????? ????.doccoind.doc) -- D:\My Documents\לעולם חסדו.doccoind.doc
[2011/07/05 18:53:46 | 000,024,064 | -H-- | C] ()(D:\My Documents\????? ????.doccoind.doc) -- D:\My Documents\לעולם חסדו.doccoind.doc

< End of report >

[Advertisements]

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Check the box that says Scan All Users.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

[Gammo]

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Check the box that says Scan All Users.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.