Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows XP BSOD on Startup [Solved]

Started by Theoutdoorsman , Aug 22 2013 09:20 AM

  • This topic is locked This topic is locked

#61
Theoutdoorsman
Posted 26 August 2013 - 10:47 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
After successfully cloning the hard drive, and changing that AHCI BIOS setting, the computer is now booting to the dell diagnostics utility... :confused: ... Here is the message I recieve:

Error:
Msg: SYSTEM_ERROR This system is not recognized as a supported Dell PC. These diagnostics may not be run on unsupported systems.


I get an "OK" button which, when clicked, simply reboots the machine.

On a more positive note, the computer now boots using the ARCDC disk that was created!
  • 0

Advertisements

#62
Theoutdoorsman
Posted 26 August 2013 - 10:53 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
UPDATE:

I am now able to boot the computer into Safe Mode!


Your initial suspicions were correct .... :thumbsup:
  • 0

#63
Theoutdoorsman
Posted 26 August 2013 - 11:14 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
The computer booted to "Last Known Good Configuration", but not without issues (multiple device drivers in device manager with an exclamation mark). The good news is that I am now in Windows again! I am going to stop here to answer any questions you might have for me, or until such time as I receive further instructions. Many many thanks for hanging in here with me! ..... :happy:



NOTE: I am working off the clone .... ;)



Here is a list of devices within device manager reporting issues:

  • TSSTcorp CDRWDVD TS-H493B
  • TSSTcorp DVD+-RW TS-H653B
  • Standard floppy disk controller
  • Ethernet Controller (previous owner said it stopped working, so he installed an add-in card, which is)
  • XPS Miniview
  • IDT High Definition Audio Codec
  • RAM memory

Edited by Theoutdoorsman, 26 August 2013 - 11:33 PM.

  • 0

#64
JSntgRvr
Posted 27 August 2013 - 09:00 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Tou can find Original Drivers here:

http://www.dell.com/...Product/xps-420

See if that would resolve some of the issues.
  • 0

#65
Theoutdoorsman
Posted 27 August 2013 - 06:10 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
OK. There is definitely a multimedia driver that is causing the conflicts within device manager. I removed all the problematic hardware, booted into Windows "normally" (I was shocked!), and allowed it to attempt to setup the hardware drivers itself. During the configuring of hardware, Windows notified me about the conflicting driver, and warned that some devices may not function correctly because of it. I'm going to boot into windows normally and obtain a new OTL log for you. With any luck, you can help me sort out this minor headache?
  • 0

#66
JSntgRvr
Posted 27 August 2013 - 06:29 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
  • Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  • Double-click VEW.exe
  • Under 'Select log to query', select (the following ):
    • Application
    • System
  • Under 'Select type to list', select (the following):
    • Error
    • Information
    • Warning
Then use the 'Date of events' or 'Number of events' as follows:

Either:
  • Click the radio button for 'Number of events'
    Type 10 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
  • Click the radio button for 'Date of events'
    In the From: boxes type today's date (presuming the crash happened today) 27 08 2013
    In the To: boxes type today's date (presuming the crash happened today) 27 08 2013
    Then click the Run button.
    Notepad will open with the output log.
Please post the Output log in your next reply
  • 0

#67
Theoutdoorsman
Posted 27 August 2013 - 06:29 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
I ran ESET Online Scanner, RogueKiller, Combofix, adwcleaner, junk removal tool, and ccleaner in an attempt to clean up the OTL logs. Don't hurt me too bad for doing it, but it did make things considerably more manageable. Here ya go ....




OTL logfile created on: 8/27/2013 8:17:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aaron Burnette\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 79.06% Memory free
6.82 Gb Paging File | 6.20 Gb Available in Paging File | 90.85% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 295.29 Gb Total Space | 226.21 Gb Free Space | 76.61% Space Free | Partition Type: NTFS

Computer Name: SKILLSAW | User Name: Aaron Burnette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/27 20:14:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron Burnette\Desktop\OTL.exe
PRC - [2013/08/14 20:27:59 | 005,703,920 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2013/07/11 13:27:23 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2008/09/17 17:17:50 | 003,002,368 | ---- | M] (Foxconn Corporation) -- C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/11 12:23:22 | 000,438,272 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\SYSTEM32\SAiDownloader.exe
PRC - [2007/07/20 18:47:11 | 001,174,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2006/01/19 12:06:18 | 000,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2006/01/19 12:06:16 | 000,416,768 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2005/05/19 15:48:34 | 000,053,248 | ---- | M] () -- C:\WINDOWS\SYSTEM32\LxrSII1s.exe
PRC - [2005/04/04 19:58:30 | 003,502,080 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
PRC - [2005/04/04 19:58:30 | 000,856,064 | ---- | M] (Adobe Sytems Incorporated) -- C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
PRC - [2005/04/04 19:58:28 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
PRC - [2004/06/29 13:23:32 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/06/29 13:22:56 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2004/04/20 14:05:56 | 000,118,784 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\BACS\BacsTray.exe
PRC - [2003/11/19 19:48:14 | 000,032,881 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
PRC - [2003/11/06 19:32:30 | 000,270,336 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\GA311.exe
PRC - [2003/08/06 18:58:26 | 001,376,360 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe
PRC - [2003/01/10 19:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/10/29 11:18:24 | 000,049,152 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PRC - [2002/09/30 03:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe
PRC - [2001/01/15 16:20:24 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE


========== Modules (No Company Name) ==========

MOD - [2013/08/20 03:02:08 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/07/13 12:04:53 | 011,816,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\616fa195ca93638850a119a54171dac1\System.Web.ni.dll
MOD - [2013/07/13 12:03:32 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\79533103112291e81204ca24aed19890\System.Configuration.ni.dll
MOD - [2013/07/13 12:02:45 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\8f799a4688381624de3cfb1edbccb163\Accessibility.ni.dll
MOD - [2013/07/11 13:16:53 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a1d221960bf7a0cbfd1f355595f77e83\System.Xml.ni.dll
MOD - [2013/07/11 13:16:29 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\efecb20c44117df86f2eb5f93592fdd8\System.Windows.Forms.ni.dll
MOD - [2013/07/11 13:15:06 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\82a53e923936d5f62d9af4cdfe50a4f8\System.Drawing.ni.dll
MOD - [2013/07/10 17:04:23 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\16562c54978851e92db8fec6f759bba1\System.ni.dll
MOD - [2013/07/10 17:03:42 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/05/27 12:40:48 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/04/16 14:20:06 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010/03/16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2007/04/02 08:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msjetoledb40.dll
MOD - [2007/01/18 10:29:22 | 000,102,400 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ASupplicant.dll
MOD - [2006/09/25 09:13:12 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
MOD - [2006/01/19 12:06:08 | 000,122,880 | ---- | M] () -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\CDDVDAccess.dll
MOD - [2006/01/17 08:41:28 | 000,122,880 | ---- | M] () -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmgit.dll
MOD - [2005/06/27 11:42:36 | 000,167,936 | ---- | M] () -- C:\Program Files\Macromedia\FlashPaper 2\FlashPaperContextMenu.dll
MOD - [2005/05/19 15:48:34 | 000,053,248 | ---- | M] () -- C:\WINDOWS\SYSTEM32\LxrSII1s.exe
MOD - [2005/04/04 19:58:36 | 001,019,904 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
MOD - [2005/04/04 19:58:36 | 000,434,255 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
MOD - [2005/04/04 19:58:34 | 000,057,453 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\jre\bin\verify.dll
MOD - [2005/04/04 19:58:34 | 000,053,364 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\jre\bin\zip.dll
MOD - [2005/04/04 19:58:32 | 000,057,455 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\jre\bin\net.dll
MOD - [2005/04/04 19:58:30 | 003,502,080 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
MOD - [2005/04/04 19:58:30 | 000,102,515 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\jre\bin\java.dll
MOD - [2005/04/04 19:58:28 | 000,032,880 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\jre\bin\nio.dll
MOD - [2005/04/04 19:58:24 | 000,028,791 | ---- | M] () -- C:\Program Files\Adobe\Adobe Version Cue CS2\jre\bin\hpi.dll
MOD - [2004/08/04 07:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\SYSTEM32\TSD32.DLL
MOD - [2003/11/19 19:48:14 | 000,032,881 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
MOD - [2003/11/06 19:32:30 | 000,270,336 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\GA311.exe
MOD - [2003/11/06 15:40:32 | 000,049,152 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\Rtl8169LibC.dll
MOD - [2003/09/23 02:00:00 | 000,106,496 | ---- | M] () -- C:\Program Files\Dell\ShareDLL\djbsdk.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe /service -- (TMBMServer)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe -- ($sys$DRMServer)
SRV - [2013/07/11 13:27:23 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2007/09/11 12:23:22 | 000,438,272 | ---- | M] (TODO: <Company name>) [Auto | Running] -- C:\WINDOWS\SYSTEM32\SAiDownloader.exe -- (SAiDownloader)
SRV - [2007/07/20 18:47:11 | 001,174,664 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2005/05/19 15:48:34 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/04/04 19:58:28 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)
SRV - [2004/06/29 13:22:56 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)
SRV - [2003/08/06 18:58:26 | 001,376,360 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2003/01/17 04:59:56 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\papycpu2.sys -- (papycpu2)
SRV - [2003/01/17 04:59:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\papyjoy.sys -- (papyjoy)
SRV - [2003/01/10 19:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService)
SRV - [2001/01/15 16:20:24 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE -- (C-DillaSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Capt907B.sys -- (SQTECH907B)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\AARONB~1\LOCALS~1\Temp\iMSPQMn.sys -- (iMSPQMn)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\AARONB~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\$sys$filesystem\oct.sys -- ($sys$oct)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/27 13:37:06 | 004,830,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2010/04/06 09:18:48 | 000,339,984 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\TM_CFW.sys -- (tmcfw)
DRV - [2010/04/06 09:18:48 | 000,158,224 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmcomm.sys -- (tmcomm)
DRV - [2010/04/06 09:18:48 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmtdi.sys -- (tmtdi)
DRV - [2010/04/06 09:18:48 | 000,059,920 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmactmon.sys -- (tmactmon)
DRV - [2010/04/06 09:18:48 | 000,050,704 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmevtmgr.sys -- (tmevtmgr)
DRV - [2009/12/04 12:39:06 | 000,230,928 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmxpflt.sys -- (tmxpflt)
DRV - [2009/12/04 12:38:18 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmpreflt.sys -- (tmpreflt)
DRV - [2009/12/04 12:05:06 | 001,322,680 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\vsapint.sys -- (vsapint)
DRV - [2008/05/13 19:08:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2007/09/05 21:25:30 | 001,246,456 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\sthda.sys -- (STHDA)
DRV - [2007/05/18 12:12:50 | 000,053,344 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Stopped] -- C:\Program Files\SignWarehouse\SignWarehouse Production Suite1\Program\Par1284.sys -- (Par1284)
DRV - [2007/04/27 07:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sentinel.sys -- (Sentinel)
DRV - [2007/04/27 07:40:00 | 000,035,328 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2007/03/21 19:42:08 | 000,049,024 | ---- | M] (Ranioshack Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ser2pl.sys -- (Ser2pl)
DRV - [2007/01/22 01:37:02 | 000,070,144 | R--- | M] (Netgear Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\G311N6.sys -- (NetgearGA311)
DRV - [2006/11/22 11:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hardlock.sys -- (hardlock)
DRV - [2006/07/18 18:12:10 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2005/05/19 15:48:24 | 000,070,016 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LxrSII1d.sys -- (LxrSII1d)
DRV - [2005/02/03 19:37:43 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Haspnt.sys -- (Haspnt)
DRV - [2004/08/04 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS -- (NwlnkNb)
DRV - [2004/08/04 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS -- (NwlnkSpx)
DRV - [2004/06/16 00:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/05/29 19:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2004/05/11 19:11:02 | 000,099,968 | ---- | M] (Aladdin Knowledge Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\aksusb.sys -- (aksusb)
DRV - [2004/04/28 10:03:08 | 000,328,448 | ---- | M] (Aladdin Knowledge Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\akshasp.sys -- (akshasp)
DRV - [2004/03/06 00:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 00:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 00:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/12/25 19:53:10 | 000,067,456 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\GA311ND5.SYS -- (RTL8023)
DRV - [2003/12/25 19:53:10 | 000,011,237 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\diag69xp.sys -- (Diag69xp)
DRV - [2003/12/25 19:53:10 | 000,008,440 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LANPkt.sys -- (LANPkt)
DRV - [2003/11/17 17:59:20 | 000,212,224 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 17:58:02 | 000,680,704 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 17:56:26 | 001,042,432 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/08/28 20:58:40 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/03/27 12:58:56 | 000,287,920 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/03/26 17:33:58 | 000,498,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k)
DRV - [2003/03/26 17:32:32 | 000,189,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/03/26 17:32:02 | 000,141,536 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hap16v2k.sys -- (hap16v2k)
DRV - [2003/03/26 17:31:40 | 000,823,616 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003/03/06 11:10:34 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfmodnt.sys -- (PfModNT)
DRV - [2003/02/20 18:24:46 | 000,116,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia)
DRV - [2003/02/20 18:24:34 | 000,135,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/02/20 18:24:18 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k)
DRV - [2003/02/20 18:22:38 | 000,135,040 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k)
DRV - [2003/01/17 04:59:56 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\papycpu2.sys -- (papycpu2)
DRV - [2003/01/17 04:59:56 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\papyjoy.sys -- (papyjoy)
DRV - [2003/01/10 19:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - [2002/11/08 15:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/04/11 17:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\AWINDIS5.SYS -- (AWINDIS5)
DRV - [2001/08/17 15:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hidswvd.sys -- (HIDSwvd)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2000/06/20 13:23:32 | 000,021,913 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {f02c5ad6-be31-4c83-8fb8-923fbe9b0e6a}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D9C85F85-EF99-448A-B364-ACF980FFC6D6}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{f02c5ad6-be31-4c83-8fb8-923fbe9b0e6a}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..browser.startup.homepage: "http://www.*****.com/" [EDITED TO PROTECT THE INTEREST OF PREVIOUS OWNER]
FF - prefs.js..keyword.URL: "http://slirsredirect...ir=2706&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\Aaron Burnette\Application Data\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Aaron Burnette\Application Data\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Aaron Burnette\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Aaron Burnette\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/16 12:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/16 12:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/15 14:35:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/20 05:09:29 | 000,000,000 | ---D | M]

[2011/01/28 14:52:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Extensions
[2009/11/18 15:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Extensions\[email protected]
[2009/10/19 18:23:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\9722stze.default\extensions
[2005/08/31 18:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\9722stze.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/03/01 23:33:53 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\9722stze.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/19 18:23:02 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\9722stze.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2013/08/27 20:13:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\zwy0xs2t.default\extensions
[2011/01/28 15:06:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\zwy0xs2t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/04/21 00:46:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\zwy0xs2t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/25 03:17:29 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\zwy0xs2t.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/31 13:22:19 | 000,000,000 | ---D | M] (wxDfast) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\zwy0xs2t.default\extensions\[email protected]
[2013/08/27 20:13:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\zwy0xs2t.default\extensions\staged
[2009/10/19 18:22:35 | 000,000,302 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\Application Data\Mozilla\Firefox\Profiles\9722stze.default\searchplugins\AIM Search.src
[2013/02/26 12:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/19 15:00:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/04 12:28:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/22 11:04:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2011/05/13 10:15:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\defaults\profile\extensions
[2011/05/13 10:15:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\defaults\profile\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2005/09/15 18:26:00 | 000,094,208 | ---- | M] () -- C:\Program Files\mozilla firefox\components\BrandRes.dll
[2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2005/09/15 18:26:00 | 000,150,912 | ---- | M] (Full Circle Software, Inc.) -- C:\Program Files\mozilla firefox\components\fullsoft.dll
[2005/09/15 18:26:00 | 000,041,573 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2005/09/15 18:26:00 | 000,048,223 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2005/09/15 18:26:00 | 000,008,813 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\qfaservices.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2005/09/15 18:26:00 | 000,160,871 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2013/05/16 12:22:14 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2004/02/20 16:14:09 | 000,176,177 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2005/09/15 18:26:00 | 000,000,735 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.src
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2005/09/15 18:26:00 | 000,000,976 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.src
[2005/09/15 18:26:00 | 000,000,692 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dictionary.src
[2005/09/15 18:26:00 | 000,001,064 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.src
[2009/08/03 20:44:40 | 000,000,750 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.src
[2011/05/15 07:42:06 | 000,001,949 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2005/09/15 18:26:00 | 000,001,098 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.src

O1 HOSTS File: ([2013/08/27 14:23:23 | 000,000,741 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - No CLSID value found.
O4 - HKLM..\Run: [] winlog.exe File not found
O4 - HKLM..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AS00_WN311B] C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe (Foxconn Corporation)
O4 - HKLM..\Run: [AsioReg] C:\WINDOWS\System32\CTASIO.DLL (Creative Technology Ltd)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe ()
O4 - HKLM..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [SideWinderTrayV4] C:\Program Files\Microsoft Hardware\Game Controllers\Common\SWTrayV4.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKLM..\RunOnceEx: [Register Homesite+.exe] C:\Program Files\Macromedia\HomeSite+\Homesite+.exe (Macromedia, Inc.)
O4 - HKLM..\RunServices: [] winlog.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk = C:\Program Files\NETGEAR GA311 Adapter\GA311.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1266634999359 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1266634972875 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} file://C:\Program Files\OpenCube\NavStudio\program\comdlg32.cab (Microsoft Common Dialog Control, version 6.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC977AE4-4A5B-480F-B8FE-67A8BB7A336B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB10EA6E-B9CF-4628-B9A5-D5F13F29E06D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\tmtb - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 19:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{98d74c94-d3e4-11db-9c42-00038a000015}\Shell\AutoRun\command - "" = F:\.\ResourceDatabase.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/27 20:14:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron Burnette\Desktop\OTL.exe
[2013/08/27 19:57:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/08/27 15:23:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Aaron Burnette\Recent
[2013/08/27 15:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/08/27 14:54:06 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Aaron Burnette\Desktop\aswclear.exe
[2013/08/27 14:34:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/08/27 14:23:59 | 000,000,000 | ---D | C] -- C:\JRT
[2013/08/27 14:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\Desktop\RK_Quarantine
[2013/08/27 14:19:35 | 000,550,572 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Aaron Burnette\Desktop\JRT.exe
[2013/08/27 14:19:34 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aaron Burnette\Desktop\TFC.exe
[2013/08/27 13:55:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\Application Data\Malwarebytes
[2013/08/27 12:57:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\DriverDoc
[2013/08/22 15:19:35 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/22 13:57:03 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2013/08/22 13:56:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/21 16:24:53 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013/08/21 06:37:40 | 000,000,000 | ---D | C] -- C:\Recovered Files
[2013/08/20 05:06:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/08/20 04:57:19 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/08/20 04:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/08/20 04:57:18 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/20 04:57:14 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/08/20 04:57:13 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/20 04:57:13 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/08/20 04:57:08 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/08/20 04:57:07 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/08/20 04:56:14 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/08/20 04:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/08/20 04:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/08/20 04:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\Application Data\SUPERAntiSpyware.com
[2013/08/20 04:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/08/20 04:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/08/20 04:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/08/20 04:54:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/20 04:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/08/20 04:54:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/08/20 04:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/08/20 04:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Combined Community Codec Pack
[2013/08/20 04:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2013/08/20 04:42:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\My Videos
[2013/08/20 03:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\T SHIRTS
[2013/08/20 03:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\REAL ESTATE
[2013/08/20 03:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\My Scans
[2013/08/20 03:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\My eBooks
[2013/08/20 03:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\My Designs
[2013/08/20 03:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\My Albums
[2013/08/20 03:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\Jakes Late Model
[2013/08/20 03:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\Cards
[2013/08/20 03:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\ALL MY #4 CAR DESIGNS
[2013/08/20 03:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\Desktop\Save To New PC
[2013/08/20 03:10:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/08/19 23:10:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aaron Burnette\My Documents\My Pictures
[2013/08/19 20:36:14 | 000,000,000 | ---D | C] -- C:\Intel
[2013/08/19 20:36:06 | 000,000,000 | ---D | C] -- C:\drvrtmp
[2013/08/15 21:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\Desktop\PrintCraftSuite
[2013/08/15 21:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aaron Burnette\Desktop\REVELution
[2013/08/10 18:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Sun
[2013/07/28 23:43:06 | 000,191,488 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\hlvdd.dll
[2013/07/28 23:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cibercut 5.6
[2013/07/28 23:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cibercut 5.5
[2013/07/28 23:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Cibercat
[2005/08/15 19:49:56 | 000,054,272 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\GoLive 6.0.exe
[2005/08/15 19:49:56 | 000,036,864 | ---- | C] (Adobe Systems) -- C:\Program Files\Setup.exe
[2005/02/01 23:58:14 | 000,598,016 | ---- | C] (Horbra GmbH) -- C:\Program Files\WinMip2.exe
[2005/02/01 23:58:11 | 002,826,786 | ---- | C] (e-merge GmbH) -- C:\Program Files\wace22.exe
[2005/02/01 23:58:06 | 001,481,504 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mmssetup.exe
[2005/02/01 23:58:05 | 000,433,936 | ---- | C] (Microsoft Corporation) -- C:\Program Files\fp98bupd.exe
[39 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Aaron Burnette\Desktop\*.tmp files -> C:\Documents and Settings\Aaron Burnette\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/27 20:19:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{697E4988-2836-470C-AB95-AFCE832778E0}.job
[2013/08/27 20:14:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aaron Burnette\Desktop\OTL.exe
[2013/08/27 20:06:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/27 19:56:18 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3245643686-3712474248-3003149531-1005.job
[2013/08/27 19:56:18 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3245643686-3712474248-3003149531-1005.job
[2013/08/27 19:56:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2013/08/27 19:54:54 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3245643686-3712474248-3003149531-1005.job
[2013/08/27 19:54:54 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2013/08/27 19:54:52 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/27 19:54:52 | 000,000,380 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/27 19:54:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2013/08/27 19:54:33 | 3219,062,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/27 19:48:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/27 18:18:50 | 001,928,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/27 14:54:06 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Aaron Burnette\Desktop\aswclear.exe
[2013/08/27 14:08:32 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\qooejn.sys
[2013/08/27 13:30:56 | 000,000,220 | RHS- | M] () -- C:\BOOT.INI
[2013/08/27 13:19:37 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk
[2013/08/27 12:06:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3245643686-3712474248-3003149531-1005.job
[2013/08/27 02:36:03 | 000,008,668 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/08/20 04:57:22 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/20 04:57:22 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/20 04:57:22 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/20 04:57:22 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/20 04:57:22 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/20 04:57:22 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/20 04:57:08 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2013/08/20 04:54:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/20 04:54:16 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/08/20 04:22:46 | 003,561,325 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\FLYERS.CT5
[2013/08/20 04:10:59 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cibercut MAX 5.5.lnk
[2013/08/20 03:46:39 | 003,358,988 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\FLYERS.ck5
[2013/08/20 03:46:00 | 000,969,474 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\xs.eps
[2013/08/20 03:02:28 | 000,562,618 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2013/08/20 03:02:28 | 000,114,654 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2013/08/20 02:47:16 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\Desktop\Shortcut to ccutmx55.lnk
[2013/08/20 02:24:54 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cibercut MAX 5.6.lnk
[2013/08/20 00:03:01 | 000,365,331 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\4 car.ait
[2013/08/19 23:56:58 | 000,289,540 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\4 car.pdf
[2013/08/19 17:36:48 | 000,923,136 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\Desktop\RogueKiller.exe
[2013/08/19 17:14:03 | 011,316,371 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 20.CT5
[2013/08/19 15:02:34 | 042,819,552 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 19.CT5
[2013/08/19 15:01:32 | 008,626,182 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\cat.CT5
[2013/08/19 15:00:55 | 005,462,194 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\L.C FAIR SIGNS.CT5
[2013/08/19 14:59:29 | 026,618,697 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\MUSTANG.CT5
[2013/08/19 14:24:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/08/15 23:17:53 | 000,000,536 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ATT416.lnk
[2013/08/15 22:54:38 | 000,001,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/08/15 22:15:31 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Printer Internet.lnk
[2013/08/15 17:31:26 | 002,929,671 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\motorcycle decals.CT5
[2013/08/15 17:29:45 | 000,104,085 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\mid state.CT5
[2013/08/14 17:21:28 | 018,891,774 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\go kart 4.CT5
[2013/08/14 16:13:39 | 035,714,692 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\GRPC.CT5
[2013/08/14 15:36:22 | 010,813,998 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\In memory.CT5
[2013/08/13 16:58:37 | 000,642,212 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Flames for truck.CT5
[2013/08/13 10:36:17 | 027,460,282 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JOHNSON.CT5
[2013/08/13 01:38:44 | 014,422,481 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\t3.CT5
[2013/08/06 19:51:20 | 017,927,537 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\55.CT5
[2013/08/06 18:18:03 | 001,423,246 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\257.CT5
[2013/08/02 14:29:37 | 010,292,510 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\17 wilson.CT5
[2013/07/31 07:22:52 | 001,625,402 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\ARBYS.CT5
[2013/07/29 21:54:36 | 003,480,347 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lch.CT5
[2013/07/29 03:03:10 | 002,496,310 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\a&a.CT5
[2013/07/29 03:00:08 | 002,210,157 | ---- | M] () -- C:\Documents and Settings\Aaron Burnette\My Documents\duste.CT5
[2013/07/28 23:43:07 | 000,191,488 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\hlvdd.dll
[2013/07/28 23:37:39 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\config.hsp
[2013/07/28 22:53:52 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[39 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Aaron Burnette\Desktop\*.tmp files -> C:\Documents and Settings\Aaron Burnette\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/27 19:54:33 | 3219,062,784 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/27 18:18:04 | 001,928,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/27 14:19:35 | 000,618,227 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Desktop\adwcleaner.exe
[2013/08/27 14:19:34 | 000,923,136 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Desktop\RogueKiller.exe
[2013/08/27 14:08:32 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\qooejn.sys
[2013/08/27 13:30:47 | 000,002,169 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
[2013/08/27 13:30:47 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2013/08/27 12:40:21 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2013/08/27 12:40:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2013/08/27 12:40:21 | 000,021,360 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2013/08/27 12:40:19 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2013/08/27 12:40:19 | 000,203,336 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013/08/27 12:40:19 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2013/08/20 04:57:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/20 04:57:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/20 04:57:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/20 04:57:12 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/20 04:57:11 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/08/20 04:57:08 | 000,000,380 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/20 04:54:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/20 04:54:16 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/08/20 04:54:15 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/08/20 04:46:40 | 000,000,440 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{697E4988-2836-470C-AB95-AFCE832778E0}.job
[2013/08/20 04:04:32 | 023,303,349 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Xtreme style.CT5
[2013/08/20 04:04:28 | 026,453,757 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\window logo Xtreme Style.CT5
[2013/08/20 04:04:27 | 008,221,091 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\WESTWOOD.CT5
[2013/08/20 04:04:25 | 005,783,467 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\WELL-PICT 5.CT5
[2013/08/20 04:04:25 | 002,414,524 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\WAS.CT5
[2013/08/20 04:04:25 | 000,837,068 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\we box.CT5
[2013/08/20 04:04:25 | 000,525,105 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\w9.CT5
[2013/08/20 04:04:23 | 006,758,201 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\VTX.CT5
[2013/08/20 04:04:20 | 019,991,914 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\VICTOR LEE 2013.CT5
[2013/08/20 04:04:17 | 012,039,246 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Victor Lee.CT5
[2013/08/20 04:04:08 | 037,028,358 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\USWF.CT5
[2013/08/20 04:04:07 | 002,178,195 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\TTHeart.CT5
[2013/08/20 04:04:07 | 000,248,113 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\uk.CT5
[2013/08/20 04:03:54 | 026,266,052 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\TSHIRT 2.CT5
[2013/08/20 04:03:50 | 007,782,264 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\TSHIRT.CT5
[2013/08/20 04:03:48 | 006,388,492 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\todd pizza 2.CT5
[2013/08/20 04:03:48 | 000,798,890 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\TNT.CT5
[2013/08/20 04:03:42 | 012,892,150 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\things.CT5
[2013/08/20 04:03:37 | 011,316,371 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 20.CT5
[2013/08/20 04:03:29 | 042,819,552 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 19.CT5
[2013/08/20 04:03:25 | 030,111,579 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 18.CT5
[2013/08/20 04:03:24 | 012,616,875 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 17.CT5
[2013/08/20 04:03:22 | 020,500,664 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 16.CT5
[2013/08/20 04:03:21 | 021,778,157 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 15.CT5
[2013/08/20 04:03:19 | 016,055,986 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 14.CT5
[2013/08/20 04:03:17 | 035,003,583 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 13.CT5
[2013/08/20 04:03:15 | 021,812,630 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 12.CT5
[2013/08/20 04:03:13 | 022,703,682 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 11.CT5
[2013/08/20 04:03:11 | 012,845,697 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 10.CT5
[2013/08/20 04:03:09 | 018,321,456 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 9.CT5
[2013/08/20 04:03:08 | 003,329,584 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\tHing 8.CT5
[2013/08/20 04:03:07 | 015,232,821 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Thing 7.CT5
[2013/08/20 04:03:07 | 005,298,804 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Thing 6.CT5
[2013/08/20 04:03:06 | 005,458,575 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\THING 5.CT5
[2013/08/20 04:03:05 | 005,380,416 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 3.CT5
[2013/08/20 04:03:05 | 002,385,378 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\THING 4.CT5
[2013/08/20 04:03:03 | 008,088,450 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\thing 2.CT5
[2013/08/20 04:03:03 | 002,827,427 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\TARTER.CT5
[2013/08/20 04:03:03 | 000,518,574 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\tattoo.CT5
[2013/08/20 04:03:01 | 014,422,481 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\t3.CT5
[2013/08/20 04:03:01 | 001,015,564 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\snow.CT5
[2013/08/20 04:03:01 | 000,882,517 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\ss.CT5
[2013/08/20 04:03:01 | 000,604,273 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\snack shack.CT5
[2013/08/20 04:03:01 | 000,212,814 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Somerset oil.CT5
[2013/08/20 04:03:00 | 009,206,868 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Smith 7.CT5
[2013/08/20 04:03:00 | 005,020,365 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Singleton.CT5
[2013/08/20 04:03:00 | 001,447,489 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Shell Marathon.CT5
[2013/08/20 04:03:00 | 001,355,248 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Signs for mike.CT5
[2013/08/20 04:03:00 | 000,433,203 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\sindey.CT5
[2013/08/20 04:03:00 | 000,280,152 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\SHERIFF.CT5
[2013/08/20 04:03:00 | 000,253,359 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Sign1.CT5
[2013/08/20 04:02:59 | 004,225,101 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\shear Designs.CT5
[2013/08/20 04:02:59 | 001,788,131 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\severry.CT5
[2013/08/20 04:02:59 | 000,674,933 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Seth.CT5
[2013/08/20 04:02:58 | 009,466,536 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\scott a.CT5
[2013/08/20 04:02:58 | 002,092,663 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\School.CT5
[2013/08/20 04:02:57 | 011,214,168 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Sarah Names.CT5
[2013/08/20 04:02:55 | 025,418,212 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Sandy`s Surprises.CT5
[2013/08/20 04:02:54 | 007,435,739 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\s4.CT5
[2013/08/20 04:02:52 | 026,058,886 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\RZR.CT5
[2013/08/20 04:02:52 | 001,671,575 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Ruck trucks.CT5
[2013/08/20 04:02:51 | 007,512,767 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\RIGHTEOUS PILGRIM.CT5
[2013/08/20 04:02:50 | 011,000,979 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\RICHMOND.CT5
[2013/08/20 04:02:48 | 015,931,724 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\revel race cars.CT5
[2013/08/20 04:02:48 | 012,972,292 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\RC.CT5
[2013/08/20 04:02:47 | 011,024,107 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\ray middelton.CT5
[2013/08/20 04:02:47 | 002,944,461 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Randy`s 1.CT5
[2013/08/20 04:02:47 | 001,211,728 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\R&R.CT5
[2013/08/20 04:02:46 | 002,983,594 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Quality.CT5
[2013/08/20 04:02:46 | 002,609,679 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\r25.CT5
[2013/08/20 04:02:46 | 002,098,664 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\QUALITY TRUCK.CT5
[2013/08/20 04:02:46 | 001,897,395 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\R14.CT5
[2013/08/20 04:02:45 | 002,624,169 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\pulaski steel.CT5
[2013/08/20 04:02:45 | 001,723,004 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Puckett.CT5
[2013/08/20 04:02:45 | 001,017,969 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\produce.CT5
[2013/08/20 04:02:45 | 000,776,059 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\POWDER COATING.CT5
[2013/08/20 04:02:45 | 000,623,924 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\PS.CT5
[2013/08/20 04:02:45 | 000,204,595 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Proto Place.CT5
[2013/08/20 04:02:44 | 011,220,033 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Ponderosa speedway.CT5
[2013/08/20 04:02:41 | 025,937,674 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\plumber.CT5
[2013/08/20 04:02:41 | 000,782,405 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\pennzoil oil and lube sign.CT5
[2013/08/20 04:02:41 | 000,709,837 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\PCC SOFTBALL CHAMPS.CT5
[2013/08/20 04:02:41 | 000,656,897 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\peddlers pardise.CT5
[2013/08/20 04:02:41 | 000,368,322 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\peddlers paradise booth stickers.CT5
[2013/08/20 04:02:41 | 000,237,395 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Performance food.CT5
[2013/08/20 04:02:40 | 012,635,193 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\nos.CT5
[2013/08/20 04:02:39 | 011,286,108 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\NEW T Shirt.CT5
[2013/08/20 04:02:38 | 014,330,273 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\new 4.CT5
[2013/08/20 04:02:36 | 009,947,598 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Neighborhood.CT5
[2013/08/20 04:02:36 | 001,839,588 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\NEAT TRUCKS.CT5
[2013/08/20 04:02:36 | 000,783,691 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\neat 41.CT5
[2013/08/20 04:02:33 | 026,618,697 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\MUSTANG.CT5
[2013/08/20 04:02:33 | 000,231,080 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Music factory.CT5
[2013/08/20 04:02:32 | 002,929,671 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\motorcycle decals.CT5
[2013/08/20 04:02:32 | 000,479,463 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\MORSE BASEBALL.CT5
[2013/08/20 04:02:24 | 057,980,125 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\MOM.CT5
[2013/08/20 04:02:24 | 013,132,810 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\micheal.CT5
[2013/08/20 04:02:24 | 008,301,270 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\matt cox.CT5
[2013/08/20 04:02:24 | 000,104,085 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\mid state.CT5
[2013/08/20 04:02:23 | 001,994,789 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\matt.CT5
[2013/08/20 04:02:23 | 000,584,167 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Mark.CT5
[2013/08/20 04:02:22 | 004,271,070 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LOGO.bmp
[2013/08/20 04:02:22 | 004,173,580 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LMGRAY.CT5
[2013/08/20 04:02:22 | 004,026,821 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LOTS FOR SALE.CT5
[2013/08/20 04:02:22 | 001,303,022 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\logan`s.CT5
[2013/08/20 04:02:22 | 000,623,784 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\live.CT5
[2013/08/20 04:02:17 | 044,643,818 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LIT CARS.CT5
[2013/08/20 04:02:15 | 006,933,033 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lincoln county 4.CT5
[2013/08/20 04:02:14 | 003,174,469 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Lincoln County.CT5
[2013/08/20 04:02:14 | 001,316,429 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lily manor.CT5
[2013/08/20 04:02:14 | 000,442,884 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LILLAMBS.CT5
[2013/08/20 04:02:13 | 006,915,207 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Legends.CT5
[2013/08/20 04:02:13 | 004,444,308 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lee.CT5
[2013/08/20 04:02:13 | 003,649,850 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lcscc.CT5
[2013/08/20 04:02:13 | 000,295,116 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LICENSE PLATES.CT5
[2013/08/20 04:02:12 | 005,555,068 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\LCM.CT5
[2013/08/20 04:02:12 | 003,480,347 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lch.CT5
[2013/08/20 04:02:11 | 008,531,878 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\lc speedway.CT5
[2013/08/20 04:02:10 | 005,462,194 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\L.C FAIR SIGNS.CT5
[2013/08/20 04:02:09 | 002,335,887 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\L8.CT5
[2013/08/20 04:02:07 | 030,805,321 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Koontz 22.CT5
[2013/08/20 04:02:03 | 011,991,949 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\kenny`s.CT5
[2013/08/20 04:02:03 | 002,243,762 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Karl.CT5
[2013/08/20 04:02:02 | 000,563,061 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Karaoke Kid.CT5
[2013/08/20 04:02:01 | 017,606,383 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\k9.CT5
[2013/08/20 04:01:59 | 010,524,439 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JT Ayres 28.CT5
[2013/08/20 04:01:59 | 005,239,556 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Josh G.CT5
[2013/08/20 04:01:59 | 000,788,946 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JT AYRES.CT5
[2013/08/20 04:01:50 | 027,460,282 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JOHNSON.CT5
[2013/08/20 04:01:50 | 002,304,850 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JLK.CT5
[2013/08/20 04:01:50 | 001,753,834 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\jj trailor.CT5
[2013/08/20 04:01:50 | 001,348,452 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\jeffery.CT5
[2013/08/20 04:01:50 | 000,800,186 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\joes.CT5
[2013/08/20 04:01:50 | 000,427,118 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JEFF WATSON.CT5
[2013/08/20 04:01:50 | 000,342,291 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\jenny`s.CT5
[2013/08/20 04:01:50 | 000,300,819 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\john.CT5
[2013/08/20 04:01:50 | 000,209,236 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Jerry Body Shop.CT5
[2013/08/20 04:01:49 | 004,145,108 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Jeff S.CT5
[2013/08/20 04:01:49 | 000,602,245 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Jeff Hb.CT5
[2013/08/20 04:01:48 | 004,236,327 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\jame.CT5
[2013/08/20 04:01:45 | 003,563,811 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\JAKE 3D.CT5
[2013/08/20 04:01:44 | 010,813,998 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\In memory.CT5
[2013/08/20 04:01:44 | 002,259,820 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\J14.CT5
[2013/08/20 04:01:43 | 007,162,124 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\HORSES.CT5
[2013/08/20 04:01:43 | 002,811,717 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\HOLE.CT5
[2013/08/20 04:01:43 | 000,856,234 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Hoss.CT5
[2013/08/20 04:01:43 | 000,254,920 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Horsetrailers.CT5
[2013/08/20 04:01:42 | 000,498,659 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\HD.CT5
[2013/08/20 04:01:40 | 010,437,711 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\h.v.a.c..CT5
[2013/08/20 04:01:40 | 003,262,064 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\h35.CT5
[2013/08/20 04:01:40 | 001,219,633 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\h3.CT5
[2013/08/20 04:01:40 | 000,540,296 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\GRYPHON ARMS DOOR.CT5
[2013/08/20 04:01:34 | 035,714,692 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\GRPC.CT5
[2013/08/20 04:01:34 | 009,186,546 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Grover.CT5
[2013/08/20 04:01:33 | 007,716,849 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\greens.CT5
[2013/08/20 04:01:26 | 025,228,688 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Graphic1.pdf
[2013/08/20 04:01:26 | 021,099,215 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\GO-KART.CT5
[2013/08/20 04:01:26 | 000,976,925 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Golf Rules.CT5
[2013/08/20 04:01:25 | 003,285,264 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\go kart h2.CT5
[2013/08/20 04:01:20 | 018,891,774 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\go kart 4.CT5
[2013/08/20 04:01:20 | 018,129,313 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\go kart 5.CT5
[2013/08/20 04:01:18 | 009,298,419 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\go kart 3.CT5
[2013/08/20 04:01:18 | 003,589,067 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\GERALD.CT5
[2013/08/20 04:01:18 | 002,075,810 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\GIFFORD.CT5
[2013/08/20 04:01:18 | 000,115,601 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Frosty Wheels.pdf
[2013/08/20 04:01:17 | 001,645,275 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\FORM POUR.CT5
[2013/08/20 04:01:16 | 012,865,420 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Flyer bdh.CT5
[2013/08/20 04:01:15 | 003,097,344 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\flyer.CT5
[2013/08/20 04:01:15 | 000,642,212 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Flames for truck.CT5
[2013/08/20 04:01:15 | 000,398,611 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Faulconer.CT5
[2013/08/20 04:01:14 | 002,115,107 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Farley.CT5
[2013/08/20 04:01:14 | 001,799,001 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\eye health of stanford.CT5
[2013/08/20 04:01:14 | 000,214,677 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\ESTES.CT5
[2013/08/20 04:01:12 | 014,944,601 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\EDWARDS.CT5
[2013/08/20 04:01:12 | 002,210,157 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\duste.CT5
[2013/08/20 04:01:12 | 000,379,635 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\DUB.CT5
[2013/08/20 04:01:11 | 003,716,652 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\don2.CT5
[2013/08/20 04:01:11 | 001,878,867 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Dirty.CT5
[2013/08/20 04:01:10 | 003,024,605 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\DANVILLE SMILE CENTER.CT5
[2013/08/20 04:01:07 | 010,091,708 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\D2.CT5
[2013/08/20 04:01:07 | 005,196,435 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\CR.CT5
[2013/08/20 04:01:07 | 003,488,552 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\COS.CT5
[2013/08/20 04:01:07 | 003,168,253 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\clay city.CT5
[2013/08/20 04:01:07 | 001,759,721 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\CKSS.CT5
[2013/08/20 04:01:07 | 001,177,768 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\cpmm.CT5
[2013/08/20 04:01:07 | 000,633,689 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\CINDY'S.CT5
[2013/08/20 04:01:02 | 021,787,211 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Chris Terry.CT5
[2013/08/20 04:01:02 | 008,626,182 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\cat.CT5
[2013/08/20 04:01:02 | 003,592,081 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\CCS.CT5
[2013/08/20 04:01:02 | 001,333,362 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\chad scott.CT5
[2013/08/20 04:01:02 | 000,808,337 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Car things.CT5
[2013/08/20 04:00:44 | 099,336,865 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\camper.CT5
[2013/08/20 04:00:42 | 015,188,035 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\c store.CT5
[2013/08/20 04:00:42 | 004,953,173 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\BUZZ B30.CT5
[2013/08/20 04:00:41 | 002,547,077 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\brian.CT5
[2013/08/20 04:00:38 | 009,090,765 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Boyle Co.CT5
[2013/08/20 04:00:38 | 001,886,867 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Boards.CT5
[2013/08/20 04:00:38 | 001,819,886 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\bob.CT5
[2013/08/20 04:00:38 | 000,498,212 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\BOOK.CT5
[2013/08/20 04:00:37 | 006,144,087 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Bj Barber.CT5
[2013/08/20 04:00:37 | 002,682,939 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\BLUEGRASS.CT5
[2013/08/20 04:00:33 | 024,285,361 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Big T.CT5
[2013/08/20 04:00:33 | 007,356,532 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\BIG DADDY`S.CT5
[2013/08/20 04:00:33 | 000,874,166 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\BFI.CT5
[2013/08/20 04:00:31 | 011,292,091 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\BARREN COUNTY SPEEDWAY.CT5
[2013/08/20 04:00:27 | 013,537,969 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\barnyard.CT5
[2013/08/20 04:00:27 | 004,410,889 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Baker.CT5
[2013/08/20 04:00:27 | 001,625,402 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\ARBYS.CT5
[2013/08/20 04:00:27 | 001,033,134 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\b&b.CT5
[2013/08/20 04:00:27 | 000,998,598 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Auto Glass.CT5
[2013/08/20 04:00:27 | 000,631,152 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Barber shop.CT5
[2013/08/20 04:00:27 | 000,601,184 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\bad.CT5
[2013/08/20 04:00:26 | 000,797,592 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\APPLE FEST 5K vl.CT5
[2013/08/20 04:00:24 | 005,150,800 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Animal.CT5
[2013/08/20 04:00:24 | 000,745,926 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\AMVETS.CT5
[2013/08/20 04:00:24 | 000,549,927 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\AMERICAN.CT5
[2013/08/20 04:00:22 | 013,565,257 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\ALL CUT UP.CT5
[2013/08/20 04:00:21 | 002,531,416 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\Aaron Coffey.CT5
[2013/08/20 04:00:20 | 002,496,310 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\a&a.CT5
[2013/08/20 04:00:18 | 006,587,669 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\2012 car.CT5
[2013/08/20 04:00:15 | 027,860,980 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\2008 LCSD.CT5
[2013/08/20 04:00:15 | 001,423,246 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\257.CT5
[2013/08/20 04:00:15 | 000,964,270 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\316.CT5
[2013/08/20 04:00:14 | 002,980,925 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\117.CT5
[2013/08/20 04:00:13 | 000,083,064 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\113.CT5
[2013/08/20 04:00:10 | 015,176,421 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\99.CT5
[2013/08/20 04:00:10 | 011,598,531 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\82.CT5
[2013/08/20 04:00:10 | 003,609,926 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\93.CT5
[2013/08/20 04:00:10 | 003,210,700 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\88.CT5
[2013/08/20 04:00:10 | 001,085,571 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\89.CT5
[2013/08/20 04:00:10 | 000,601,521 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\75.CT5
[2013/08/20 04:00:09 | 001,493,509 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\71.CT5
[2013/08/20 04:00:09 | 001,163,157 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\61J.CT5
[2013/08/20 04:00:09 | 000,914,057 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\69.CT5
[2013/08/20 04:00:08 | 001,919,083 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\55 mod.CT5
[2013/08/20 04:00:04 | 017,927,537 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\55.CT5
[2013/08/20 04:00:04 | 000,603,422 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\50.CT5
[2013/08/20 04:00:04 | 000,492,252 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\48.CT5
[2013/08/20 04:00:02 | 005,438,273 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\45.CT5
[2013/08/20 04:00:02 | 000,659,413 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\44.CT5
[2013/08/20 04:00:01 | 001,922,198 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\41 modified.CT5
[2013/08/20 04:00:00 | 005,162,158 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\39.CT5
[2013/08/20 03:59:57 | 019,708,302 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\35.CT5
[2013/08/20 03:59:54 | 035,363,683 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\33 josh.CT5
[2013/08/20 03:59:54 | 005,193,679 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\33.CT5
[2013/08/20 03:59:54 | 000,814,967 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\31.CT5
[2013/08/20 03:59:54 | 000,807,030 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\33 H.CT5
[2013/08/20 03:59:51 | 007,363,805 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\30 kathy.CT5
[2013/08/20 03:59:51 | 006,177,388 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\28p.CT5
[2013/08/20 03:59:51 | 004,940,830 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\25.CT5
[2013/08/20 03:59:51 | 001,516,015 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\29t.CT5
[2013/08/20 03:59:51 | 001,215,738 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\29.CT5
[2013/08/20 03:59:51 | 001,009,620 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\24 Chevette.CT5
[2013/08/20 03:59:51 | 000,775,261 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\23.CT5
[2013/08/20 03:59:51 | 000,471,472 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\24 mod.CT5
[2013/08/20 03:59:49 | 002,252,575 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\22.CT5
[2013/08/20 03:59:49 | 000,579,188 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\21T.CT5
[2013/08/20 03:59:48 | 000,238,740 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\21 mod.CT5
[2013/08/20 03:59:47 | 002,042,950 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\21.CT5
[2013/08/20 03:59:45 | 010,292,510 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\17 wilson.CT5
[2013/08/20 03:59:45 | 006,427,166 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\20.CT5
[2013/08/20 03:59:45 | 000,747,586 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\18.CT5
[2013/08/20 03:59:44 | 005,343,333 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\17.CT5
[2013/08/20 03:59:44 | 003,727,525 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\14.CT5
[2013/08/20 03:59:44 | 000,172,634 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\15.CT5
[2013/08/20 03:59:42 | 006,267,517 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\13.CT5
[2013/08/20 03:59:42 | 005,671,944 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\11b.CT5
[2013/08/20 03:59:42 | 004,249,891 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\13w.CT5
[2013/08/20 03:59:42 | 002,252,906 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\12.CT5
[2013/08/20 03:59:40 | 003,383,087 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\11.CT5
[2013/08/20 03:59:40 | 002,188,394 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\8 chevette.CT5
[2013/08/20 03:59:39 | 001,850,724 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\08 4.CT5
[2013/08/20 03:59:38 | 009,050,744 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\3d.CT5
[2013/08/20 03:59:38 | 004,966,132 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\6 CAR.CT5
[2013/08/20 03:59:38 | 002,203,244 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\07.CT5
[2013/08/20 03:59:38 | 002,109,206 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\5.CT5
[2013/08/20 03:59:38 | 001,281,914 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\3 cole.CT5
[2013/08/20 03:59:38 | 001,101,396 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\6T.CT5
[2013/08/20 03:59:38 | 000,609,421 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\4C.CT5
[2013/08/20 03:59:38 | 000,570,579 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\6.CT5
[2013/08/20 03:59:38 | 000,012,826 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\2 d.CT5
[2013/08/20 03:59:37 | 001,780,475 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\2.CT5
[2013/08/20 03:59:36 | 001,865,885 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\1X.CT5
[2013/08/20 03:59:35 | 005,702,205 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\1c.CT5
[2013/08/20 03:59:35 | 001,457,281 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\1c cox.CT5
[2013/08/20 03:59:35 | 000,623,128 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\1 shelton.CT5
[2013/08/20 03:59:34 | 004,002,861 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\1.CT5
[2013/08/20 03:59:34 | 000,976,298 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\01.CT5
[2013/08/20 03:46:38 | 003,358,988 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\FLYERS.ck5
[2013/08/20 03:32:48 | 003,561,325 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\FLYERS.CT5
[2013/08/20 02:47:14 | 000,000,436 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Desktop\Shortcut to ccutmx55.lnk
[2013/08/20 02:13:25 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/20 00:51:53 | 000,969,474 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\xs.eps
[2013/08/20 00:03:01 | 000,365,331 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\4 car.ait
[2013/08/19 23:48:19 | 000,289,540 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\My Documents\4 car.pdf
[2013/08/19 20:36:07 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\e1e5132.din
[2013/08/15 23:17:53 | 000,000,536 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ATT416.lnk
[2013/08/15 22:15:31 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Printer Internet.lnk
[2013/07/28 23:43:01 | 000,002,543 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Cibercut MAX 5.6.lnk
[2013/07/28 23:37:32 | 000,002,539 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Cibercut MAX 5.5.lnk
[2013/07/28 23:37:32 | 000,000,331 | ---- | C] () -- C:\WINDOWS\cibercat.lic
[2013/07/28 22:53:52 | 000,004,128 | ---- | C] () -- C:\INFCACHE.1
[2012/10/23 12:41:56 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\.recently-used.xbel
[2012/02/16 13:04:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/07/22 13:08:58 | 000,001,099 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\PRINTSERVER-NetTool.ini
[2010/04/27 13:34:15 | 004,452,352 | ---- | C] () -- C:\Program Files\Skillsaw Designs (Backup Apr 27,2010 01 33 PM).QBB
[2007/03/16 13:41:51 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\InterCon-NetTool.ini
[2006/01/19 17:56:51 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Application Data\PFP120JPR.{PB
[2006/01/19 17:56:51 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Application Data\PFP120JCM.{PB
[2005/08/15 19:49:56 | 000,007,569 | ---- | C] () -- C:\Program Files\shkgl601.nfo
[2005/08/15 19:49:56 | 000,001,037 | ---- | C] () -- C:\Program Files\pbox.nfo
[2005/08/15 19:49:56 | 000,000,088 | ---- | C] () -- C:\Program Files\Setup.ini
[2005/08/01 02:32:17 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Local Settings\Application Data\fusioncache.dat
[2005/07/28 10:43:05 | 000,006,128 | ---- | C] () -- C:\Program Files\Abcpy.ini
[2005/02/01 23:58:41 | 001,306,744 | ---- | C] () -- C:\Program Files\zmodeler_v106.exe
[2005/02/01 23:58:32 | 000,707,072 | ---- | C] () -- C:\Program Files\ws_ftple.exe
[2005/02/01 23:58:22 | 000,944,797 | ---- | C] () -- C:\Program Files\wrar300.exe
[2005/02/01 23:58:10 | 000,044,544 | ---- | C] () -- C:\Program Files\rescrack.exe
[2005/02/01 23:58:08 | 000,884,818 | ---- | C] () -- C:\Program Files\PapyBmp.exe
[2005/02/01 23:58:06 | 000,068,076 | ---- | C] () -- C:\Program Files\Ironwork.ttf
[2005/02/01 23:58:06 | 000,064,012 | ---- | C] () -- C:\Program Files\IRONGATE.ttf
[2005/02/01 23:58:04 | 000,528,384 | ---- | C] () -- C:\Program Files\dxtex.exe
[2005/02/01 23:58:03 | 000,502,968 | ---- | C] () -- C:\Program Files\accountwizardinstaller.exe
[2005/02/01 22:47:14 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Aaron Burnette\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/08/11 19:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/07/16 07:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Aim
[2013/08/27 15:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Azureus
[2011/02/04 12:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Blackberry Desktop
[2009/07/19 09:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\FedEx
[2009/07/17 18:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\FedExDesktop.026F9BDCA0F141E500950436A5D33181EE6B8EF5.1
[2013/03/12 13:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\FileZilla
[2011/06/13 13:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\FrostWire
[2010/02/16 12:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\inkscape
[2010/04/22 21:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\InterTrust
[2005/07/05 22:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Jasc
[2005/02/01 22:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Leadertech
[2010/07/21 20:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Linksys
[2007/02/02 14:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\MSNInstaller
[2005/06/02 08:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Musicmatch
[2006/02/12 15:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Opera
[2006/09/23 23:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Quark
[2013/07/23 15:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\Research In Motion
[2010/07/22 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aaron Burnette\Application Data\VirtualStore
[2013/07/23 15:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2007/12/06 00:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2013/08/20 04:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2005/01/20 10:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/04/20 19:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010/07/22 12:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2005/02/19 21:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2007/10/31 00:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PassMark
[2006/09/23 23:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quark
[2012/02/16 17:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010/04/20 20:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2007/10/31 00:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/22 10:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/02 19:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/16 13:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B7A015B7-4802-4678-8CEC-700380BA9AFD}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D29BF00

< End of report >





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




OTL Extras logfile created on: 8/27/2013 8:17:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aaron Burnette\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 79.06% Memory free
6.82 Gb Paging File | 6.20 Gb Available in Paging File | 90.85% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 295.29 Gb Total Space | 226.21 Gb Free Space | 76.61% Space Free | Partition Type: NTFS

Computer Name: SKILLSAW | User Name: Aaron Burnette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Adobe\Adobe GoLive CS2\GoLive.exe" "%1" (Adobe Systems Incorporated)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AIM95\aim.exe" = C:\Program Files\AIM95\aim.exe:*:Enabled:AOL Instant Messenger
"C:\Program Files\Common Files\AOL\1133079588\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1133079588\ee\AOLServiceHost.exe:*:Enabled:AOL Services
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\MSMSGS.EXE" = C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\AIM95\aim.exe" = C:\Program Files\AIM95\aim.exe:*:Enabled:AOL Instant Messenger
"C:\Program Files\Common Files\AOL\1133079588\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1133079588\ee\AOLServiceHost.exe:*:Enabled:AOL Services
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" = C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe:*:Enabled:Adobe Version Cue CS2 -- (Adobe Systems Incorporated)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Blubster\Blubster.exe" = C:\Program Files\Blubster\Blubster.exe:*:Enabled:Blubster
"C:\Program Files\CallWave\IAM.exe" = C:\Program Files\CallWave\IAM.exe:*:Enabled:CallWave
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc)
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server -- (SafeNet, Inc.)
"C:\Program Files\VE LXi Master + 6\Program\App2.exe" = C:\Program Files\VE LXi Master + 6\Program\App2.exe:*:Enabled:Production -- ()
"C:\Program Files\VE LXi Master + 6\Program\App.exe" = C:\Program Files\VE LXi Master + 6\Program\App.exe:*:Enabled:FlexiSIGN-PRO -- (Amiable Technologies Inc.)
"C:\Program Files\SignWarehouse\SignWarehouse Production Suite1\Program\app2.exe" = C:\Program Files\SignWarehouse\SignWarehouse Production Suite1\Program\app2.exe:*:Enabled:Production Manager 8.5v1 -- (SA International)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\WS_FTP\WS_FTP95.exe" = C:\Program Files\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{03281928-96C3-4AC4-8BD8-79C8347B920F}" = PRINTSERVER-NetTool
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0928B2C5-0B16-C2FB-7BAE-A25901414687}" = ATI Catalyst Install Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1047106F-3AED-4661-B919-6D377BF641CF}" = RangeMax™ NEXT Wireless Adapter WN311B
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1774C3D2-30FF-70EE-A1AF-1B771E2D2D33}" = ccc-utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FE9594B-E51F-9845-0466-C0D1D915FBB5}" = Catalyst Control Center InstallProxy
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"{31DDEBE2-0F7D-A4AA-B8A9-9E1FD795FC2A}" = CCC Help English
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{40280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46548E80-0409-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9535BF-CC90-4158-AF32-CAF57A8820CA}" = Macromedia Contribute 3.11
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7BF7113C-6351-4B2D-BA87-8FEEC8E8B98E}" = Cibercut MAX 5.5
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{87841AF8-C785-42FF-A76E-CC0F0C2816CC}" = ATI Catalyst Control Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Application Accelerator
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{950D665C-94CC-410B-9139-25BF699E6F52}" = SignWarehouse Production Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97E38F11-0FBE-4BC2-9EE1-5B1421C76F27}" = Adobe GoLive 6.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security Pro
"{9ED71778-0E56-4760-9FC6-2C29D75100C5}" = Radioshack USB-to-Serial Cable Driver Installer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A10F0085-D206-42EF-A3D6-70F6CC7788A7}" = Roland VersaWorks
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3E77D20-647C-40E2-B69B-C120D4D58190}" = G5a922EN
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BEAED2F4-04C7-95C4-7D8F-500EFE6CD1F9}" = ccc-core-static
"{BEBAEA33-ADC5-4B04-BA67-AA345C3195B5}" = SignWarehouse Production Suite1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{CA687F4A-651E-4CB6-A958-E4C6200111D0}" = NavStudio
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE567716-7997-E0AE-DD81-1A5D49A5FB25}" = Catalyst Control Center Graphics Previews Common
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{D3A5B9DB-6EF7-4358-9121-B88AC7FE4869}" = Cibercut MAX 5.6
"{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Gigabit Adapter
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E82BF103-904F-49C0-B77F-6EC110B71E87}" = Sound Blaster Audigy 2
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FD9BCB6B-588D-48B5-9A26-3935B5D9E9E2}" = SEH InterCon-NetTool 1.8.27
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"166" = VE LXi Master + 6.6v1
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Eye Candy 4000" = Eye Candy 4000
"GTRemote Client" = TechConnect
"HASP Device Driver" = HASP Device Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"InstallShield_{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Smart Wizard Utility
"Intel® 537EP V9x DFV PCI Modem" = Intel® 537EP V9x DFV PCI Modem
"LMS" = C-Dilla Licence Management System
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PHP 5.0.4" = PHP 5.0.4
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 16.0" = RealPlayer
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TopStyle Lite (Version 3.0)" = TopStyle Lite (Version 3.0)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"f031ef6ac137efc5" = Dell Driver Download Manager - 1
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/27/2013 2:17:02 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 2:32:23 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 2:48:18 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 3:07:57 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 6:23:04 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 7:28:37 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 7:55:22 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1000
Description = Faulting application swtrayv4.exe, version 4.2.0.145, faulting module
swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Error - 8/27/2013 7:56:09 PM | Computer Name = SKILLSAW | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.2.131:5353 18 131.2.168.192.in-addr.arpa.
PTR Skillsaw-2.local.

Error - 8/27/2013 7:56:09 PM | Computer Name = SKILLSAW | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 16 131.2.168.192.in-addr.arpa.
PTR Skillsaw.local.

Error - 8/27/2013 7:56:24 PM | Computer Name = SKILLSAW | Source = Application Error | ID = 1001
Description = Fault bucket 03362236.

[ System Events ]
Error - 8/27/2013 1:05:09 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The Cdralw2k service failed to start due to the following error: %%1275

Error - 8/27/2013 1:05:09 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The XCP CD Proxy service failed to start due to the following error:
%%2

Error - 8/27/2013 1:05:09 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Google Update Service
(gupdate) service to connect.

Error - 8/27/2013 1:05:09 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%1053

Error - 8/27/2013 1:05:09 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The Par1284 service failed to start due to the following error: %%20

Error - 8/27/2013 1:05:09 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The Trend Micro Central Control Component service failed to start
due to the following error: %%3

Error - 8/27/2013 1:05:20 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
$sys$cor $sys$crater

Error - 8/27/2013 1:06:02 AM | Computer Name = SKILLSAW | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 8/27/2013 1:08:02 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The $sys$oct service failed to start due to the following error: %%3

Error - 8/27/2013 1:08:11 AM | Computer Name = SKILLSAW | Source = Service Control Manager | ID = 7000
Description = The $sys$oct service failed to start due to the following error: %%3


< End of report >
  • 0

#68
JSntgRvr
Posted 27 August 2013 - 06:54 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the entire content of the quote box (except the word quote) below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\$sys$filesystem\oct.sys -- ($sys$oct)
    DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
    DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\$sys$cor.sys -- ($sys$cor)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - No CLSID value found.
    O4 - HKLM..\Run: [] winlog.exe File not found
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
    O4 - HKLM..\RunServices: [] winlog.exe File not found
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk = File not found
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
    O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
    O4 - HKLM..\Run: [SideWinderTrayV4] C:\Program Files\Microsoft Hardware\Game Controllers\Common\SWTrayV4.EXE (Microsoft Corporation)

    :Commands
    [EMPTYTEMP]
    [EMPTYJAVA]
    [REBOOT]

  • Return to OTL, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • The computer will restart
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder. Open that report and post its contents in a reply.


Download the Event Viewer Tool by Vino Rosso and post its report.
  • 0

#69
Theoutdoorsman
Posted 27 August 2013 - 06:54 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
It is possible this could be the culprit.

DRV - [2000/06/20 13:23:32 | 000,021,913 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)


However, that Sony Rootkit is still plaguing the machine too .... :huh: .... I'm interested in how you will attack this mess.
  • 0

#70
Theoutdoorsman
Posted 27 August 2013 - 07:01 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
The reason I mention that line is only because Windows is complaining about an installed application of this kind. Also, here is a short list of applications I know he won't be needing:

  • Musicmatch Jukebox
  • Realplayer
  • Trend Micro
  • Symantec
  • America Online, Inc

  • 0

Advertisements

#71
JSntgRvr
Posted 27 August 2013 - 07:03 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

It is possible this could be the culprit.

DRV - [2000/06/20 13:23:32 | 000,021,913 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)


However, that Sony Rootkit is still plaguing the machine too .... :huh: .... I'm interested in how you will attack this mess.


That file is a Media Player Plugin. I don't see a problem with it. With the event viewer, if recorded, I may be able to see the conflict.
  • 0

#72
JSntgRvr
Posted 27 August 2013 - 07:05 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

The reason I mention that line is only because Windows is complaining about an installed application of this kind. Also, here is a short list of applications I know he won't be needing:

  • Musicmatch Jukebox
  • Realplayer
  • Trend Micro
  • Symantec
  • America Online, Inc

Use the Control Panel to remove those programs.
  • 0

#73
Theoutdoorsman
Posted 27 August 2013 - 07:14 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
Here is the OTL Fix Log. I will download the Event Viewer Tool by Vino Rosso and post its report as soon as I finish uninstalling those programs for you:




All processes killed
========== OTL ==========
Service $sys$oct stopped successfully!
Service $sys$oct deleted successfully!
File C:\WINDOWS\system32\$sys$filesystem\oct.sys not found.
Service $sys$crater stopped successfully!
Service $sys$crater deleted successfully!
File C:\WINDOWS\system32\$sys$filesystem\crater.sys not found.
Service $sys$cor stopped successfully!
Service $sys$cor deleted successfully!
File System32\Drivers\$sys$cor.sys not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCAC5586-44D7-4c43-B64A-F042461A97D2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCAC5586-44D7-4c43-B64A-F042461A97D2}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\ deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\musicmatch.com\online\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SideWinderTrayV4 deleted successfully.
C:\Program Files\Microsoft Hardware\Game Controllers\Common\SWTrayV4.EXE moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Aaron Burnette
->Temp folder emptied: 2896 bytes
->Temporary Internet Files folder emptied: 11795218 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 23514654 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 80950272 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3555 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 11199 bytes

Total Files Cleaned = 111.00 mb


[EMPTYJAVA]

User: Aaron Burnette
->Java cache emptied: 0 bytes

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08272013_210522

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#74
Theoutdoorsman
Posted 27 August 2013 - 07:47 PM

Theoutdoorsman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 230 posts
The AOL Uninstaller does not list any applications it can install. This line may need to be included in your next fix:

DRV - [2003/01/10 19:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw)



Also, are you familiar with these programs?

  • Unity Web Player
  • Classic Phone Tools
  • C-Dilla Licence (notice the spelling there?) Managament System



Here is the log you've requested. I hope this is the correct one. You didn't give me a link to anything specific. At any rate, :




Vino's Event Viewer v01c run on Windows XP in English
Report run at 27/08/2013 9:43:35 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/08/2013 7:56:24 PM
Type: error Category: 0
Event: 1001 Source: Application Error
Fault bucket 03362236.

Log: 'Application' Date/Time: 27/08/2013 7:56:09 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding 16 131.2.168.192.in-addr.arpa. PTR Skillsaw.local.

Log: 'Application' Date/Time: 27/08/2013 7:56:09 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.2.131:5353 18 131.2.168.192.in-addr.arpa. PTR Skillsaw-2.local.

Log: 'Application' Date/Time: 27/08/2013 7:55:22 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 7:28:37 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 6:23:04 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 3:07:57 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 2:48:18 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 2:32:23 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 2:17:02 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 27/08/2013 1:39:19 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application swtrayv4.exe, version 4.2.0.145, faulting module swtrayv4.exe, version 4.2.0.145, fault address 0x00001504.

Log: 'Application' Date/Time: 20/08/2013 3:50:56 AM
Type: error Category: 100
Event: 1000 Source: Application Error
Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x1301cbb0.

Log: 'Application' Date/Time: 20/08/2013 1:59:26 AM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding 16 149.1.168.192.in-addr.arpa. PTR Skillsaw.local.

Log: 'Application' Date/Time: 20/08/2013 1:59:26 AM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.1.149:5353 18 149.1.168.192.in-addr.arpa. PTR Skillsaw-2.local.

Log: 'Application' Date/Time: 19/08/2013 8:42:49 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application helpctr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 25/07/2013 4:04:02 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application AcroRd32.exe, version 10.1.7.27, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 25/07/2013 1:27:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding 16 7.1.168.192.in-addr.arpa. PTR Skillsaw.local.

Log: 'Application' Date/Time: 25/07/2013 1:27:33 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.1.7:5353 18 7.1.168.192.in-addr.arpa. PTR Skillsaw-2.local.

Log: 'Application' Date/Time: 24/07/2013 1:26:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding 16 7.1.168.192.in-addr.arpa. PTR Skillsaw.local.

Log: 'Application' Date/Time: 24/07/2013 1:26:17 PM
Type: error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.1.7:5353 18 7.1.168.192.in-addr.arpa. PTR Skillsaw-2.local.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/08/2013 7:22:45 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 7:22:45 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 6:18:55 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 6:18:54 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 3:02:02 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 3:02:02 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 2:41:51 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 2:41:51 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 2:26:19 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 2:26:19 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 2:10:45 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 2:10:45 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 1:33:01 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 1:33:01 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 12:44:07 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 12:44:07 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 12:19:57 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 12:19:57 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 27/08/2013 1:05:07 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 27/08/2013 1:05:07 AM
Type: warning Category: 1
Event: 32066 Source: Microsoft Fax
At least one of the devices in the outgoing routing group is not valid. Group name: '<All devices>'

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/08/2013 1:08:11 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The $sys$oct service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 27/08/2013 1:08:02 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The $sys$oct service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 27/08/2013 1:06:02 AM
Type: error Category: 6
Event: 16 Source: Windows Update Agent
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Log: 'System' Date/Time: 27/08/2013 1:05:20 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: $sys$cor $sys$crater

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Trend Micro Central Control Component service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Par1284 service failed to start due to the following error: The system cannot find the device specified.

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The XCP CD Proxy service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Cdralw2k service failed to start due to the following error: This driver has been blocked from loading

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Plug and Play Device Manager service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 27/08/2013 1:05:09 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The tmcomm service failed to start due to the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 27/08/2013 1:04:51 AM
Type: error Category: 0
Event: 876 Source: Application Popup
Driver Cdralw2k.SYS has been blocked from loading.

Log: 'System' Date/Time: 27/08/2013 12:53:13 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Log: 'System' Date/Time: 27/08/2013 12:50:42 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD Fips i8042prt IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip tmtdi

Log: 'System' Date/Time: 27/08/2013 12:50:42 AM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 27/08/2013 12:50:42 AM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 27/08/2013 12:50:42 AM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 27/08/2013 12:50:42 AM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 27/08/2013 12:50:42 AM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/08/2013 1:07:24 AM
Type: warning Category: 0
Event: 27 Source: e1express
Intel® 82566DC-2 Gigabit Network Connection Link has been disconnected.
  • 0

#75
JSntgRvr
Posted 27 August 2013 - 08:23 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
I have addressed most of these errors. JRT should reset the Event Viewer. Run also OTL to look for those orphans. In regard to the programs you mention,

Unity Web Player - Program to create 3D games
Classic Phone Tools - Computer fax and phone software
C-Dilla Licence (notice the spelling there?) Managament System - MacroVision’s SafeCast copy protection software which enables other software manufacturers to protect their products from illegal copying. (Keep this one)


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP