Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

white screen can't boot to winxp [Closed]

Started by njlock , Dec 10 2012 06:47 PM

  • This topic is locked This topic is locked

#1
njlock
Posted 10 December 2012 - 06:47 PM

njlock

    Member

  • Member
  • PipPipPip
  • 353 posts
now it's going to a screen saying my pc is blocked,& it wants me to send $200 to unblock it? I think my nephew was messing with it and got a nasty in here. I ca't do anything, tried to start in safe mode, just freezes up. Please help ***edit*** was able to log on safe mode with an alternate "administrator" account, running malwarebytes while I go to bed, hopefully that'll get me able to log on to main account and post a log.

Edited by njlock, 10 December 2012 - 09:06 PM.

  • 0

Advertisements

#2
maliprog
Posted 11 December 2012 - 12:34 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello njlock and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in

    netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them here for me.

Step 2

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#3
njlock
Posted 11 December 2012 - 12:30 PM

njlock

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 353 posts
Maliprog, Thank you very much for your assistance. I apologize I did'nt follow you're instructions properly and did a restore to the pc, which did get it running again. I also purchased and downloaded Malwarebytes and did a scan which did seem to find and remove something, if you direct me where log is I can post it if you want. Also did a spybot search and destroy scan and fix. Sorry I needed this pc up and running asap.
computer does seem ok, I'd appreciate if you could check the logs and advise.
Thanks again for your timely assistance, you guys are great! I know I was lucky if I did'nt create more problems by starting by myself. otl logs to follow
  • 0

#4
njlock
Posted 11 December 2012 - 12:35 PM

njlock

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 353 posts
OTL logfile created on: 12/11/2012 1:20:50 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\DAVID CREIGHTON\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 62.30% Memory free
5.09 Gb Paging File | 3.91 Gb Available in Paging File | 76.91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.39 Gb Total Space | 189.83 Gb Free Space | 41.05% Space Free | Partition Type: NTFS
Drive D: | 533.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Unable to calculate disk information.

Computer Name: BOSSSILVERDELL | User Name: DAVID CREIGHTON | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/11 13:19:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAVID CREIGHTON\My Documents\Downloads\OTL (1).exe
PRC - [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/10/23 17:58:52 | 000,120,728 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/10/23 17:58:40 | 000,694,168 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/08/31 08:36:42 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/08/29 13:51:48 | 004,643,912 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2012/08/29 13:51:48 | 001,061,960 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2012/07/03 08:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/05/30 12:18:07 | 004,331,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/12/08 11:37:18 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011/12/08 11:34:58 | 001,527,104 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011/10/26 08:27:26 | 002,101,760 | ---- | M] () -- C:\INTEGRA\ULTIMATE.EXE
PRC - [2011/10/07 04:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011/09/27 14:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011/04/04 14:45:06 | 001,185,592 | ---- | M] (WH Software Ltd) -- C:\Program Files\WH Software\IC\Bin\ICSvr.exe
PRC - [2010/09/13 19:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2009/09/14 04:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
PRC - [2009/09/14 04:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
PRC - [2009/04/25 11:54:52 | 005,686,256 | ---- | M] (Essential Fax Software) -- C:\Program Files\EssentialFax\essfax.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/03/14 06:22:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/27 22:43:17 | 000,460,904 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012/11/27 22:43:16 | 012,456,040 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012/11/27 22:43:15 | 004,008,040 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/27 22:42:30 | 000,587,880 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/27 22:42:29 | 000,124,520 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/27 22:42:22 | 000,157,304 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/27 22:42:21 | 002,168,952 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/27 22:42:21 | 000,275,576 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012/10/23 17:58:52 | 000,120,728 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
MOD - [2012/10/23 17:58:40 | 000,694,168 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/10/17 15:42:40 | 000,172,032 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
MOD - [2012/05/30 12:11:47 | 000,176,128 | ---- | M] () -- C:\Program Files\AIM\nssckbi.dll
MOD - [2011/10/26 08:27:26 | 002,101,760 | ---- | M] () -- C:\INTEGRA\ULTIMATE.EXE
MOD - [2011/10/07 04:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/01/10 08:37:40 | 000,027,648 | ---- | M] () -- C:\WINDOWS\system32\essfaxpm.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/08/08 22:19:46 | 000,027,648 | ---- | M] () -- C:\WINDOWS\system32\rksfaxpm.dll


========== Services (SafeList) ==========

SRV - [2012/10/23 17:58:52 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/10/08 16:48:16 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/08/31 08:36:42 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/08/29 13:51:48 | 004,643,912 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV - [2011/12/08 11:34:58 | 001,527,104 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/08 11:31:34 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/09/27 14:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011/04/04 14:45:06 | 001,185,592 | ---- | M] (WH Software Ltd) [Auto | Running] -- C:\Program Files\WH Software\IC\Bin\ICSvr.exe -- (ICDataService)
SRV - [2010/09/13 19:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2009/09/14 04:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04)
SRV - [2009/09/14 04:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)
SRV - [2006/03/14 06:22:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\spcstb.sys -- (spcstb)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - [2012/12/11 13:11:48 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{46566F75-096E-4FD9-BA8D-D6C65CE5E399}\MpKsl6f19d36f.sys -- (MpKsl6f19d36f)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2012/06/08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012/06/08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012/01/25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2011/11/08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011/09/02 01:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 01:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/09/02 01:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 01:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/07/08 04:12:48 | 007,023,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/10/22 12:48:00 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010/10/07 12:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/06/21 21:51:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2010/02/17 11:09:38 | 000,197,416 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2009/10/22 15:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/01/29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2007/12/26 02:20:36 | 000,043,136 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2007/08/21 13:39:20 | 000,235,616 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OEM05Vid.sys -- (OEM05Vid)
DRV - [2007/08/21 13:39:18 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OEM05Vfx.sys -- (OEM05Vfx)
DRV - [2007/08/21 13:39:04 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OEM05Afx.sys -- (OEM05Afx)
DRV - [2007/07/16 18:48:54 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/05/18 08:48:00 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2006/03/14 06:22:00 | 000,090,176 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel)
DRV - [2004/10/15 02:49:22 | 000,029,292 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FTD2XX.sys -- (FTD2XX)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080617
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=B8DF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...client&ie=UTF-8
IE - HKCU\..\SearchScopes,DefaultScope = {8A8501A7-6CEE-41A8-878B-9B2072F6A109}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://supertoolbar....ale.underscore}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{8A8501A7-6CEE-41A8-878B-9B2072F6A109}: "URL" = http://www.google.co...1I7GGLL_enUS362
IE - HKCU\..\SearchScopes\{D2E02658-0017-47EA-8756-C8CFC85362E7}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)


[2012/06/28 13:08:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Mozilla\Firefox\Profiles\extensions
[2012/06/28 13:08:00 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Mozilla\Firefox\Profiles\extensions\[email protected]

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpass.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: AT_Splendid = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\
CHR - Extension: YouTube = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Autopen - Email Signatures = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmjcoiohflenpehfaalahocpmacjloof\0.8.0.1_0\
CHR - Extension: Google Search = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Logitech Device Detection = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\
CHR - Extension: LastPass = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\
CHR - Extension: Google Voice (by Google) = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.8_0\
CHR - Extension: WiseStamp - Email Signatures for GMail, Google Apps and more = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg\3.11.24.200_0\
CHR - Extension: Gmail = C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/11 10:18:31 | 000,444,136 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15281 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\DAVID CREIGHTON\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\DAVID CREIGHTON\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: LastPass - file://C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\LastPass\context.html?cmd=fillforms File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: travelers.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: travelers.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: travelerspc.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: travelerspc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: travelers.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: travelers.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: travelerspc.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: travelerspc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range37 ([http] in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.m...ash/swflash.cab (MetaStreamCtl Class)
O16 - DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} http://192.168.1.102:100/RemoteWeb.cab (Remote200 Control)
O16 - DPF: {5FFDFC21-AE40-4C7C-955C-415A1ACE01C8} http://192.168.1.102...VideoViewer.cab (CViewerControl Object)
O16 - DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://192.168.1.100/EDVR.CAB (DVR4204 Client Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1221747677171 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (Reg Error: Key error.)
O16 - DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} http://free.aol.com/...5/aolcdt175.cab (CDToolCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} http://www.cvsphoto....veX_Control.cab (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F26D0182-6B67-4613-BBAA-934270106655}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 16:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/07/16 15:55:09 | 000,000,110 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/11 08:20:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/15 08:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2012/11/15 08:23:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Motorola Mobility
[2012/11/15 08:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Mobility
[2012/11/15 08:23:07 | 000,011,008 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motusbdevice.sys
[2012/11/15 08:23:06 | 000,023,808 | ---- | C] (Motorola Mobility Inc) -- C:\WINDOWS\System32\drivers\Motousbnet.sys
[2012/11/15 08:23:06 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys
[2012/11/15 08:23:04 | 000,020,864 | ---- | C] (Motorola Mobility Inc) -- C:\WINDOWS\System32\drivers\motccgp.sys
[2012/11/15 08:23:04 | 000,008,448 | ---- | C] (Motorola Mobility Inc) -- C:\WINDOWS\System32\drivers\motccgpfl.sys
[2012/11/15 08:23:04 | 000,006,656 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys
[2012/11/15 08:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/11/15 08:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Motorola
[2012/11/14 15:52:09 | 000,000,000 | ---D | C] -- C:\revolution sdcard
[2012/11/14 15:49:06 | 000,000,000 | ---D | C] -- C:\LGMobileUpgrade
[2012/11/14 15:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010/12/03 09:25:52 | 010,974,280 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/11 13:27:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1034079361-1168208069-412699111-1005UA.job
[2012/12/11 13:17:58 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/11 13:11:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/11 13:08:07 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/12/11 13:08:06 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/11 13:07:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/11 13:07:45 | 3487,744,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/11 13:01:54 | 000,000,395 | ---- | M] () -- C:\WINDOWS\MYOBP.INI
[2012/12/11 13:01:31 | 000,000,190 | ---- | M] () -- C:\WINDOWS\MYOB.INI
[2012/12/11 13:01:31 | 000,000,127 | ---- | M] () -- C:\WINDOWS\SwDrvs.ini
[2012/12/11 13:01:01 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/11 12:48:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/11 11:05:15 | 000,051,240 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\154 STUEBING MB RELB.pdf
[2012/12/11 10:59:23 | 000,001,115 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\magicJack.lnk
[2012/12/11 10:25:46 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/11 10:18:31 | 000,444,136 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/12/10 19:49:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/10 08:23:00 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2012/12/10 06:27:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1034079361-1168208069-412699111-1005Core.job
[2012/12/07 14:29:12 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk
[2012/12/07 11:12:20 | 000,122,027 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\stuebing mailbox.jpg
[2012/12/07 11:10:22 | 000,146,878 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\stuebing wall.jpg
[2012/12/03 12:48:56 | 000,002,339 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zed-BULL.lnk
[2012/11/30 13:29:10 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\Google Chrome.lnk
[2012/11/30 13:29:10 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/17 12:25:21 | 000,021,186 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\46951418.jpg
[2012/11/17 12:22:41 | 000,070,692 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\47223164.jpg
[2012/11/15 08:24:00 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2012/11/15 08:23:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2012/11/15 08:23:43 | 000,000,498 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Update.job
[2012/11/15 08:23:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2012/11/15 08:23:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2012/11/15 08:23:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2012/11/15 08:14:04 | 000,528,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/11/15 08:14:03 | 000,097,078 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/11/15 08:07:33 | 000,329,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/15 03:04:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/11/12 09:37:01 | 000,023,367 | ---- | M] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\211 MANH KEY BOXES.jpg
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/11 11:05:14 | 000,051,240 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\154 STUEBING MB RELB.pdf
[2012/12/11 10:59:23 | 000,001,115 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\magicJack.lnk
[2012/12/11 10:25:46 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/11 08:30:02 | 3487,744,000 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/10 19:49:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/07 11:12:20 | 000,122,027 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\stuebing mailbox.jpg
[2012/12/07 11:10:22 | 000,146,878 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\stuebing wall.jpg
[2012/11/17 12:25:20 | 000,021,186 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\46951418.jpg
[2012/11/17 12:22:37 | 000,070,692 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\47223164.jpg
[2012/11/15 08:24:00 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2012/11/15 08:23:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2012/11/15 08:23:43 | 000,000,498 | ---- | C] () -- C:\WINDOWS\tasks\Motorola Device Manager Update.job
[2012/11/15 08:23:43 | 000,000,482 | ---- | C] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2012/11/15 08:23:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2012/11/15 08:23:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2012/11/15 08:23:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2012/11/12 09:37:01 | 000,023,367 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Desktop\211 MANH KEY BOXES.jpg
[2012/07/23 10:53:08 | 000,035,196 | ---- | C] () -- C:\WINDOWS\System32\drivers\OldUsbkey.sys
[2012/07/23 10:49:36 | 000,035,196 | ---- | C] () -- C:\WINDOWS\System32\drivers\Usbkey.sys
[2012/07/23 10:49:35 | 000,024,136 | ---- | C] () -- C:\WINDOWS\System32\ppmon.exe
[2012/07/23 10:49:35 | 000,012,480 | ---- | C] () -- C:\WINDOWS\System32\KL2N.DLL
[2012/07/23 10:49:35 | 000,007,440 | ---- | C] () -- C:\WINDOWS\System32\ppmon.dll
[2012/07/02 11:22:14 | 000,000,198 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2012/05/28 11:14:47 | 000,188,880 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/03/24 12:27:35 | 000,069,928 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/27 09:54:37 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2012/02/15 22:28:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/26 08:44:00 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/08/27 14:20:42 | 000,448,527 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1034079361-1168208069-412699111-1005-0.dat
[2011/08/27 14:20:41 | 000,318,194 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/08/26 09:05:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/08/26 08:20:31 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/08/26 08:20:31 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/08/26 08:20:31 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/08/26 08:20:31 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/08/26 08:20:31 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/08/26 08:20:31 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/08/26 08:20:31 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/08/26 08:20:31 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/08/26 08:20:31 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/08/26 08:20:31 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/08/26 08:20:31 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/08/26 08:20:31 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/08/26 08:20:31 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011/08/26 08:20:30 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/08/26 08:20:30 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/08/26 08:20:30 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/08/26 08:17:31 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF630.ini
[2011/08/20 08:10:44 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2011/07/22 13:13:55 | 000,000,200 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/07/22 11:44:53 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2011/06/24 06:10:32 | 000,319,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\TS440Firmware.bin
[2011/06/24 06:10:32 | 000,319,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\TS230Firmware.bin
[2011/06/24 06:10:32 | 000,191,838 | ---- | C] () -- C:\WINDOWS\System32\drivers\CX30Firmware.bin
[2011/06/24 06:10:32 | 000,095,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\TS220Firmware.bin
[2011/04/21 13:49:31 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p17].bmp
[2011/04/21 13:49:27 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p16].bmp
[2011/04/21 13:49:23 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p15].bmp
[2011/04/21 13:49:19 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p14].bmp
[2011/04/21 13:49:15 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p13].bmp
[2011/04/21 13:49:10 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p12].bmp
[2011/04/21 13:49:06 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p11].bmp
[2011/04/21 13:49:03 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p10].bmp
[2011/04/21 13:48:59 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p09].bmp
[2011/04/21 13:48:55 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p08].bmp
[2011/04/21 13:48:52 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p07].bmp
[2011/04/21 13:48:48 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p06].bmp
[2011/04/21 13:48:44 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p05].bmp
[2011/04/21 13:48:41 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p04].bmp
[2011/04/21 13:48:37 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0021]-[p03].bmp
[2011/04/21 13:47:47 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p11].bmp
[2011/04/21 13:47:44 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p10].bmp
[2011/04/21 13:47:40 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p09].bmp
[2011/04/21 13:47:36 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p08].bmp
[2011/04/21 13:47:32 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p07].bmp
[2011/04/21 13:47:29 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p06].bmp
[2011/04/21 13:47:25 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p05].bmp
[2011/04/21 13:47:21 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p04].bmp
[2011/04/21 13:47:17 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p03].bmp
[2011/04/21 13:47:14 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p02].bmp
[2011/04/21 13:47:10 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0020]-[p01].bmp
[2011/04/21 13:45:32 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p22].bmp
[2011/04/21 13:45:29 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p21].bmp
[2011/04/21 13:45:25 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p20].bmp
[2011/04/21 13:45:22 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p19].bmp
[2011/04/21 13:45:18 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p18].bmp
[2011/04/21 13:45:14 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p17].bmp
[2011/04/21 13:45:11 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p16].bmp
[2011/04/21 13:45:07 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p15].bmp
[2011/04/21 13:45:03 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p14].bmp
[2011/04/21 13:44:59 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p13].bmp
[2011/04/21 13:44:56 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p12].bmp
[2011/04/21 13:44:52 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p11].bmp
[2011/04/21 13:44:48 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p10].bmp
[2011/04/21 13:44:44 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p09].bmp
[2011/04/21 13:44:41 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p08].bmp
[2011/04/21 13:44:37 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p07].bmp
[2011/04/21 13:44:33 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p06].bmp
[2011/04/21 13:44:29 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p05].bmp
[2011/04/21 13:44:26 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p04].bmp
[2011/04/21 13:44:22 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p03].bmp
[2011/04/21 13:44:18 | 002,440,206 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\[j0018]-[p02].bmp
[2011/04/08 11:46:03 | 000,000,071 | R--- | C] () -- C:\WINDOWS\System32\FTD2XXUN.ini
[2011/04/08 11:46:00 | 000,057,344 | R--- | C] () -- C:\WINDOWS\System32\USB_IO.dll
[2010/05/25 14:25:02 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/02/16 08:42:03 | 000,000,289 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\learnburn_usersettings.xml
[2008/11/06 14:32:05 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\$_hpcst$.hpc
[2008/09/18 10:10:17 | 000,000,224 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\{268EB95C-7C1C-4826-B79E-0E50B1A64C5A}.dss
[2008/06/20 07:14:06 | 000,046,892 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\wklnhst.dat
[2008/06/20 07:07:40 | 000,162,304 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/19 13:19:33 | 000,005,037 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\powjnvfp.pmy
[2008/06/19 12:10:30 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\DAVID CREIGHTON\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/11 16:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/06/05 09:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/05/10 07:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2012/04/27 08:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alogent
[2010/11/27 13:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2008/09/18 10:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cloudmark
[2011/08/26 08:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/01/07 13:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IDSS
[2012/01/21 10:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2009/07/24 15:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2010/11/20 13:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/11/15 08:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2008/06/17 02:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2012/06/28 13:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2010/12/13 09:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/08 07:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TNL
[2010/12/04 10:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/06/17 02:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2011/11/24 12:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/08/20 12:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebClient2
[2009/02/26 08:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WH Software
[2009/03/20 09:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/12/04 09:58:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/04/24 11:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/13 09:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/16 09:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/10/09 09:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/01/10 10:48:23 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/06/05 09:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\3jam
[2009/06/05 09:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\acccore
[2012/09/22 14:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Advanced Diagnostics
[2011/06/16 09:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Auslogics
[2009/01/19 09:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Blackberry Desktop
[2012/12/07 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\calibre
[2008/10/16 07:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Cloudmark
[2012/12/11 13:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Dropbox
[2011/08/26 09:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Epson
[2011/08/19 12:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\GetRightToGo
[2011/01/07 13:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\IDSS
[2011/11/26 08:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\iolo
[2011/08/26 08:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Leadertech
[2010/12/03 16:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\licenses
[2012/12/11 10:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\mjusbsp
[2012/11/15 08:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Motorola
[2012/11/15 08:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Motorola Mobility
[2012/08/20 11:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Oracle
[2010/12/03 16:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\PCMM2009
[2010/12/03 16:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\PCMM2010
[2010/04/09 12:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Research In Motion
[2008/10/16 07:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\SPAMfighter
[2011/04/11 16:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\TeamViewer
[2008/07/26 10:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Template
[2010/05/25 14:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\TNL
[2010/10/22 12:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\TrueCrypt
[2010/12/04 09:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\TuneUp Software
[2010/03/30 13:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Windows Desktop Search
[2010/05/04 12:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAVID CREIGHTON\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2011/06/23 11:30:06 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 04:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
  • 0

#5
njlock
Posted 11 December 2012 - 12:36 PM

njlock

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 353 posts
OTL Extras logfile created on: 12/11/2012 1:20:50 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\DAVID CREIGHTON\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 62.30% Memory free
5.09 Gb Paging File | 3.91 Gb Available in Paging File | 76.91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.39 Gb Total Space | 189.83 Gb Free Space | 41.05% Space Free | Partition Type: NTFS
Drive D: | 533.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Unable to calculate disk information.

Computer Name: BOSSSILVERDELL | User Name: DAVID CREIGHTON | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"30630:TCP" = 30630:TCP:*:Enabled:InstaCode

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\aol\1214860790\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1214860790\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe" = C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein™ -- (Activision)
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe" = C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein™ -- (Activision)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Kaba\E-Plex PC M-Unit\EplexPCMU.exe" = C:\Program Files\Kaba\E-Plex PC M-Unit\EplexPCMU.exe:*:Enabled:EplexPCMU -- (Kaba)
"C:\Documents and Settings\DAVID CREIGHTON\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\DAVID CREIGHTON\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe" = C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe:*:Enabled:EpsonNet Setup -- (SEIKO EPSON CORPORATION)
"D:\Common\Driver Update\EDUPDATE.EXE" = D:\Common\Driver Update\EDUPDATE.EXE:*:Enabled:EPSON Driver Update
"C:\Program Files\AOL Desktop 9.6\waol.exe" = C:\Program Files\AOL Desktop 9.6\waol.exe:*:Enabled:AOL -- (AOL Inc.)
"C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe" = C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe:*:Enabled:AOL Browser -- (AOL Inc.)
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ -- ()
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\DAVID CREIGHTON\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\DAVID CREIGHTON\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0139C350-2428-442E-A6E6-86A940D4731C}" = E-Plex PC M-Unit
"{02F389EC-AB95-11D6-B455-00E0987E9E9E}" = MYOB Plus V12
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{07D9B246-CE09-41F3-A33B-94416D10A8B6}" = Scanner Controller Web Client
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B99A5A6-6975-45AE-A8DA-96AFF5A449C5}" = Zed-BULL
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11655C91-EF58-4aab-BF09-E8F205324FBF}" = BPDSoftware
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{27B1EB20-36B9-11DF-6784-088ACD3A18BE}" = InstaCode
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33BEE6F3-9987-4F98-A069-97A64EC8321A}" = Microsoft Works Suite Add-in for Microsoft Word
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio
"{3B7CB2D7-A03E-4E79-9DC5-273F8C0B3957}" = KeylessRide Learn and Burn
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47836D49-8220-4B40-AC4D-E68F556410A3}" = Learn and Burn
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5C6C47DE-3120-4245-914E-DD0F28A5232B}" = CHSKIM
"{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68473A08-3E46-4B25-9739-D01AA9D8F99A}" = Locksmith Connect
"{68FF4E69-53DC-485C-ADD9-E56FF9A406F8}" = Panini 3.3.1 Universal Installer
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6C3010E7-5982-49B2-BECF-509CE71C03DC}" = AD Loader
"{6DC0632A-A838-4B34-AC19-0FA18E1C533C}" = Sentinel Protection Installer 7.2.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D15B945-2725-4443-AB3F-D900556612FE}" = User Profile Hive Cleanup Service
"{815568B6-BD64-4FDD-8621-AA3D61F755AF}" = IRIScan Book 2 Control Panel
"{81DE15C9-5390-4533-81DF-2DC936C1A40C}" = Motorola Device Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3723EB8-255B-4A2D-9831-0752C0D06FF6}_is1" = EssentialFax
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AC76BA86-7AD7-2447-0000-800000000003}" = Chinese Simplified Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C252EB7B-7AE0-46DE-9BEE-DF681B885F13}" = Modem Diagnostic Tool
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D29FEDBA-417D-4F74-81D5-4F5916215348}" = LG Verizon United Drivers
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E125515C-29A4-4AAD-9BB7-9AE4FD521776}" = Readiris Pro 12 for IRIScan Book 2
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0F4163F-6A2D-48BA-BC36-23C33B0ECDB5}" = calibre
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F35D5A5E-7739-49DB-8A0E-23E2E8F99D1A}" = Motorola Mobile Drivers Installation 5.9.0
"{F789A548-255B-4037-94FD-F536BFB67DDC}" = IRIScan Book 2
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"69BD4AA45E9C862327EF05CEA66E45DE7DAF7F15" = Windows Driver Package - Digital Check Corporation (TSUSB2) USB (01/08/2007 1.10.0000)
"6D84083A905912F21439B4047066CCFB1F92952D" = Windows Driver Package - Advanced Diagnostics AD100 Pro Driver Package (05/19/2006 2.00.00)
"6FE4FC1EDCCFB197DD24DA48D73FA015278374E6" = Windows Driver Package - Advanced Diagnostics AD100 Pro Driver Package (05/19/2006 2.00.00)
"A33A5A34A685523D97B5195EAD29B9A70B235ECF" = Windows Driver Package - Advanced Diagnostics AD100 Pro Driver Package (03/18/2011 2.08.14)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AIM_7" = AIM 7
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Carbonite Backup" = Carbonite
"CMS" = CMS
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Cool Timer_is1" = Cool Timer 3.7
"Creative OEM005" = Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
"CutePDF Writer Installation" = CutePDF Writer 2.8
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 630 Series" = EPSON WorkForce 630 Series Printer Uninstall
"Excel" = Microsoft Excel 97
"FTDICOMM" = FTDI USB Serial Converter Drivers
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstaCode" = InstaCode
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"Jewel Quest" = Jewel Quest
"LastPass" = LastPass (uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MYOBPlus" = M.Y.O.B. Plus
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pagis Viewer 2.0" = Pagis Viewer 2.0
"PROSet" = Intel® PRO Network Connections Drivers
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"RKSFaxVersion1_is1" = RKS Fax
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"sp6" = Logitech SetPoint 6.32
"ST6UNST #1" = Autotel
"Strattec Part Search" = Strattec Part Search
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.1.0.366
"magicJack" = magicJack

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/15/2012 3:37:51 AM | Computer Name = BOSSSILVERDELL | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error GetVolumeNameForVolumeMountPointW(
\\?\Volume{30bd404a-03df-11e1-8b5f-00038a000015}\, ...). hr = 0x80070003.

Error - 11/15/2012 3:40:35 AM | Computer Name = BOSSSILVERDELL | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error GetVolumeNameForVolumeMountPointW(
\\?\Volume{30bd404a-03df-11e1-8b5f-00038a000015}\, ...). hr = 0x80070003.

Error - 11/15/2012 4:09:51 AM | Computer Name = BOSSSILVERDELL | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error GetVolumeNameForVolumeMountPointW(
\\?\Volume{30bd404a-03df-11e1-8b5f-00038a000015}\, ...). hr = 0x80070003.

Error - 11/15/2012 4:27:03 AM | Computer Name = BOSSSILVERDELL | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error GetVolumeNameForVolumeMountPointW(
\\?\Volume{30bd404a-03df-11e1-8b5f-00038a000015}\, ...). hr = 0x80070003.

Error - 11/15/2012 4:34:36 AM | Computer Name = BOSSSILVERDELL | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error GetVolumeNameForVolumeMountPointW(
\\?\Volume{30bd404a-03df-11e1-8b5f-00038a000015}\, ...). hr = 0x80070003.

Error - 11/15/2012 4:36:50 AM | Computer Name = BOSSSILVERDELL | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error GetVolumeNameForVolumeMountPointW(
\\?\Volume{30bd404a-03df-11e1-8b5f-00038a000015}\, ...). hr = 0x80070003.

Error - 11/24/2012 4:40:03 PM | Computer Name = BOSSSILVERDELL | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 12.0.6662.5003, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/3/2012 6:19:32 PM | Computer Name = BOSSSILVERDELL | Source = Application Hang | ID = 1002
Description = Hanging application aim.exe, version 7.5.14.8, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/7/2012 3:42:22 PM | Computer Name = BOSSSILVERDELL | Source = Application Error | ID = 1000
Description = Faulting application calibre-parallel.exe, version 0.9.9.0, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00010cce.

Error - 12/7/2012 3:53:42 PM | Computer Name = BOSSSILVERDELL | Source = Application Error | ID = 1000
Description = Faulting application calibre-parallel.exe, version 0.9.9.0, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00010cce.

[ OSession Events ]
Error - 6/20/2011 1:01:52 PM | Computer Name = BOSSSILVERDELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 920
seconds with 60 seconds of active time. This session ended with a crash.

Error - 4/17/2012 1:03:23 PM | Computer Name = BOSSSILVERDELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 374
seconds with 60 seconds of active time. This session ended with a crash.

Error - 5/28/2012 12:21:13 PM | Computer Name = BOSSSILVERDELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 121
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/27/2012 2:13:39 PM | Computer Name = BOSSSILVERDELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/11/2012 8:47:31 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 8:48:17 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 8:48:17 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 8:48:17 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 8:54:27 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 9:12:24 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 12/11/2012 9:12:24 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 9:12:24 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 9:12:24 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service CarboniteService
with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

Error - 12/11/2012 9:28:32 AM | Computer Name = BOSSSILVERDELL | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >
  • 0

#6
maliprog
Posted 12 December 2012 - 12:59 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi njlock,

OK. I see that your system is better now.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
Posted Image

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post
  • 0

#7
maliprog
Posted 20 December 2012 - 02:36 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP