OTL logfile created on: 12/28/2009 8:42:30 PM - Run 2
OTL by OldTimer - Version 3.1.20.1     Folder = C:\Users\MICHELLE\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.74 Gb Total Space | 26.37 Gb Free Space | 26.44% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.38 Gb Free Space | 43.84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MICHELLE-PC
Current User Name: MICHELLE
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2009/12/28 20:38:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\MICHELLE\Desktop\OTL.exe
PRC - [2009/12/23 22:48:34 | 00,160,592 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2009/12/03 16:14:02 | 00,429,392 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/03 07:06:31 | 00,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2009/09/16 09:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/19 13:47:28 | 00,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdrcoms.exe
PRC - [2009/07/27 15:54:44 | 00,345,392 | ---- | M] (Yapta, Inc.) -- C:\Program Files\Yapta\YaptaClient.exe
PRC - [2009/07/15 18:33:15 | 00,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/04/11 01:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/07 16:43:36 | 00,809,488 | ---- | M] (Logitech, Inc.) -- C:\Users\MICHELLE\Desktop\SetPoint\SetPoint.exe
PRC - [2008/11/07 16:39:36 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/09/10 05:24:21 | 00,676,520 | ---- | M] () -- C:\Program Files\Lexmark 4900 Series\lxdrmon.exe
PRC - [2008/09/10 05:24:18 | 00,025,256 | ---- | M] () -- C:\Program Files\Lexmark 4900 Series\lxdrmsdmon.exe
PRC - [2008/05/02 11:40:34 | 00,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\providerComcast\bin\tgsrvc.exe
PRC - [2008/01/19 02:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2007/08/08 18:28:48 | 00,028,672 | ---- | M] (WebGuide LLC) -- C:\Program Files\WebGuide\WebGuide4\bin\WebGuideServiceMonitor.exe
PRC - [2007/08/08 18:28:42 | 00,040,960 | ---- | M] (WebGuide LLC) -- C:\Program Files\WebGuide\WebGuide4\bin\WebGuideTranscodeService.exe
PRC - [2007/03/14 17:53:10 | 00,569,344 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2007/02/08 00:11:04 | 00,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/02/07 23:06:10 | 00,049,152 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/21 20:09:02 | 00,842,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2006/11/17 18:52:40 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/11/11 18:10:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2006/11/02 19:40:12 | 00,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2006/10/13 11:31:34 | 00,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/10/03 11:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/05/09 18:16:15 | 00,192,512 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2009/12/28 20:38:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\MICHELLE\Desktop\OTL.exe
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (stllssvr)
SRV - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/16 15:49:48 | 00,094,208 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdrserv.exe -- (lxdrCATSCustConnectService)
SRV - [2009/10/03 07:06:31 | 00,056,680 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/16 10:23:32 | 00,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 09:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/19 13:47:28 | 00,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdrcoms.exe -- (lxdr_device)
SRV - [2009/07/15 18:33:15 | 00,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/03/26 19:13:04 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/07 16:40:52 | 00,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/05/02 11:40:34 | 00,398,704 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/05/02 11:40:34 | 00,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\providerComcast\bin\tgsrvc.exe -- (tgsrvc_providercomcast) SupportSoft Repair Service (providercomcast)
SRV - [2008/03/20 21:58:24 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\508\g2aservice.exe -- (GoToAssist)
SRV - [2008/02/28 10:53:18 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/02/28 10:53:18 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/01/18 23:38:26 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/08 18:28:42 | 00,040,960 | ---- | M] (WebGuide LLC) [Auto | Running] -- C:\Program Files\WebGuide\WebGuide4\bin\WebGuideTranscodeService.exe -- (WebGuideTranscode)
SRV - [2007/03/14 17:53:10 | 00,569,344 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2007/02/07 23:06:10 | 00,049,152 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe -- (UltiDev Cassini Web Server for ASP.NET 2.0)
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/11 18:10:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2006/11/02 19:40:12 | 00,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/aolcom/search?invocationType=tbff50ie7&query="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.comcast.net/"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.27
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..keyword.URL: "http://search.aol.com/aolcom/search?invocationType=TB50TRFF;homepage=no;search=yesab&query="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2007/03/22 05:16:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/22 05:39:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/22 05:39:21 | 00,000,000 | ---D | M]
 
[2008/12/18 05:05:50 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Extensions
[2009/12/24 09:47:02 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\extensions
[2009/12/21 06:12:27 | 00,000,000 | ---D | M] (NoScript) -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2008/11/18 20:05:19 | 00,000,000 | ---D | M] (No name found) -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2009/11/15 08:25:15 | 00,000,000 | ---D | M] (WOT) -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2008/10/17 16:09:23 | 00,001,901 | ---- | M] () -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\searchplugins\aimsearch.xml
[2009/12/20 07:06:41 | 00,001,218 | ---- | M] () -- C:\Users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\searchplugins\comcast.xml
[2009/11/09 21:02:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/18 05:05:42 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2009/11/19 17:16:28 | 00,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2009/11/19 17:16:29 | 00,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2008/10/09 19:16:49 | 00,001,982 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\AIM Search.xml
[2008/12/01 11:50:26 | 00,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml
 
O1 HOSTS File: (810 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications.                )
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications.                )
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Conime] C:\Windows\System32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [lxdramon] C:\Program Files\Lexmark 4900 Series\lxdramon.exe ()
O4 - HKLM..\Run: [lxdrmon.exe] C:\Program Files\Lexmark 4900 Series\lxdrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Yapta Tracker] C:\Program Files\Yapta\YaptaClient.exe (Yapta, Inc.)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Yapta - {0094A600-9BDD-4019-BAFE-487284F7D476} - C:\Program Files\Yapta\YaptaSidebar.dll (Yapta, Inc.)
O9 - Extra 'Tools' menuitem : Yapta... - {0094A600-9BDD-4019-BAFE-487284F7D476} - Reg Error: Value error. File not found
O9 - Extra Button: Yapta Settings - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe (Yapta, Inc.)
O9 - Extra 'Tools' menuitem : Yapta Settings... - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe (Yapta, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: comcastsupport.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: gameinformer.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: gameinformer.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: msgtag.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 3 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {3527C5BD-4A46-4362-94B6-12341D087A4B} http://echospin.com/wizard/files/esWizard.cab (esProxy.GeneralHandler)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (Reg Error: Key error.)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/static/m/cab/2.8.1/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) -  File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/09/23 00:23:39 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
OTL cannot create restorepoints on Vista OSs!
 
[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
 
[2009/12/28 20:37:56 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\MICHELLE\Desktop\OTL.exe
[2009/12/26 23:01:58 | 00,000,000 | ---D | C] -- C:\Users\MICHELLE\Desktop\Microsoft
[2009/12/24 17:58:09 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/12/19 13:43:27 | 00,093,056 | ---- | C] (GMER) -- C:\uwlcqkow.sys
[2009/12/19 11:39:40 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/15 21:21:49 | 00,000,000 | ---D | C] -- C:\Program Files\Seagate
[2009/10/15 21:32:46 | 00,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxdrcoin.dll
[2009/09/10 22:24:54 | 00,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdrpmui.dll
[2009/09/10 22:24:46 | 00,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdrcomm.dll
[2009/07/28 20:37:00 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\MICHELLE\AppData\Roaming\pcouffin.sys
[2009/03/12 20:01:01 | 00,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDRhcp.dll
[2009/03/12 20:01:00 | 00,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxdrusb1.dll
[2009/03/12 20:01:00 | 00,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdrinpa.dll
[2009/03/12 20:01:00 | 00,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdriesc.dll
[2009/03/12 20:00:59 | 01,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxdrserv.dll
[2009/03/12 20:00:59 | 00,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdrlmpm.dll
[2009/03/12 20:00:57 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxdrhbn3.dll
[2009/03/12 20:00:55 | 00,761,856 | ---- | C] ( ) -- C:\Windows\System32\lxdrcomc.dll
[2008/04/30 16:04:31 | 00,008,192 | ---- | C] ( ) -- C:\Windows\System32\cshost.dll
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\MICHELLE\Desktop\*.tmp files -> C:\Users\MICHELLE\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
 
[2009/12/28 20:46:00 | 00,000,390 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4EF27C85-EE55-495F-80F8-3060E4B8A57A}.job
[2009/12/28 20:45:08 | 00,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{43A518E6-C34F-4385-927F-75DDE5105BDE}.job
[2009/12/28 20:45:00 | 00,000,390 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5F21486F-FCF4-4E72-B917-B2262D5A96A6}.job
[2009/12/28 20:42:33 | 07,602,176 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat
[2009/12/28 20:38:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\MICHELLE\Desktop\OTL.exe
[2009/12/28 20:30:33 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/12/28 20:29:59 | 00,028,163 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2009/12/28 20:27:42 | 00,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\Rpcnet.dll
[2009/12/28 20:27:42 | 00,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll
[2009/12/28 20:27:33 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/28 20:27:33 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/28 20:27:26 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/28 20:27:22 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/28 20:27:15 | 00,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2009/12/28 19:24:26 | 00,293,376 | ---- | M] () -- C:\Users\MICHELLE\Desktop\gmer.exe
[2009/12/28 19:24:19 | 00,284,915 | ---- | M] () -- C:\Users\MICHELLE\Desktop\gmer.zip
[2009/12/28 19:10:47 | 00,524,288 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat{c0c548af-bd86-11dc-8f61-0019b9602971}.TMContainer00000000000000000001.regtrans-ms
[2009/12/28 19:10:47 | 00,065,536 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat{c0c548af-bd86-11dc-8f61-0019b9602971}.TM.blf
[2009/12/28 19:10:38 | 02,765,348 | -H-- | M] () -- C:\Users\MICHELLE\AppData\Local\IconCache.db
[2009/12/28 08:05:50 | 00,002,587 | ---- | M] () -- C:\Users\MICHELLE\Desktop\WORD.lnk
[2009/12/28 01:17:43 | 00,000,526 | ---- | M] () -- C:\Windows\tasks\Malwarebytes' Scheduled Scan for MICHELLE.job
[2009/12/28 01:00:10 | 00,000,512 | ---- | M] () -- C:\Windows\tasks\Malwarebytes' Scheduled Update for MICHELLE.job
[2009/12/27 23:34:00 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/12/24 19:52:57 | 00,002,191 | ---- | M] () -- C:\Users\MICHELLE\Desktop\iTunes.lnk
[2009/12/21 07:48:00 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/21 07:48:00 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/21 07:48:00 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/19 14:01:04 | 30,015,3808 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/12/19 13:46:40 | 01,048,576 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.2.regtrans-ms
[2009/12/19 13:46:40 | 01,048,576 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.1.regtrans-ms
[2009/12/19 13:46:40 | 01,048,576 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.0.regtrans-ms
[2009/12/19 13:46:40 | 00,065,536 | -HS- | M] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.blf
[2009/12/19 13:43:27 | 00,093,056 | ---- | M] (GMER) -- C:\uwlcqkow.sys
[2009/12/15 01:00:02 | 00,000,346 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\MICHELLE\Desktop\*.tmp files -> C:\Users\MICHELLE\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2009/12/28 19:24:26 | 00,293,376 | ---- | C] () -- C:\Users\MICHELLE\Desktop\gmer.exe
[2009/12/28 19:24:19 | 00,284,915 | ---- | C] () -- C:\Users\MICHELLE\Desktop\gmer.zip
[2009/12/24 19:52:52 | 00,002,191 | ---- | C] () -- C:\Users\MICHELLE\Desktop\iTunes.lnk
[2009/12/19 13:46:40 | 01,048,576 | -HS- | C] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.2.regtrans-ms
[2009/12/19 13:46:40 | 01,048,576 | -HS- | C] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.1.regtrans-ms
[2009/12/19 13:46:40 | 01,048,576 | -HS- | C] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.0.regtrans-ms
[2009/12/19 13:46:40 | 00,065,536 | -HS- | C] () -- C:\Users\MICHELLE\ntuser.dat{c0c548ae-bd86-11dc-8f61-0019b9602971}.TxR.blf
[2009/10/20 22:39:23 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/19 12:05:21 | 00,373,802 | ---- | C] () -- C:\ProgramData\lxdrJSW.log
[2009/09/10 22:24:29 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdrgrd.dll
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/28 21:15:07 | 00,001,044 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\vso_ts_preview.xml
[2009/07/28 20:38:18 | 00,000,033 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\pcouffin.log
[2009/07/28 20:37:00 | 00,007,887 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\pcouffin.cat
[2009/07/28 20:37:00 | 00,001,144 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\pcouffin.inf
[2009/06/06 15:00:58 | 00,000,004 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\576CB6
[2009/06/06 15:00:57 | 00,870,128 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\mcs.rma
[2009/05/28 19:59:01 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/03/16 16:49:08 | 00,000,532 | ---- | C] () -- C:\ProgramData\lxdr.log
[2009/03/15 12:29:53 | 00,000,691 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\GetValue.vbs
[2009/03/15 12:29:53 | 00,000,035 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\SetValue.bat
[2009/03/12 22:00:31 | 00,000,187 | ---- | C] () -- C:\ProgramData\lxdrDiagnostics.log
[2009/03/12 20:09:49 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdrvs.dll
[2009/03/12 20:06:38 | 00,081,920 | ---- | C] () -- C:\Windows\System32\lxdrcaps.dll
[2009/03/12 20:06:38 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdrcnv4.dll
[2009/03/12 20:06:37 | 01,036,288 | ---- | C] () -- C:\Windows\System32\lxdrdrs.dll
[2009/03/12 20:03:48 | 00,000,044 | ---- | C] () -- C:\Windows\System32\lxdrrwrd.ini
[2009/03/12 20:01:01 | 00,389,120 | ---- | C] () -- C:\Windows\System32\LXDRinst.dll
[2009/03/12 19:58:11 | 00,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt
[2009/03/10 18:54:58 | 00,008,619 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/02/14 22:59:27 | 00,000,177 | ---- | C] () -- C:\Users\MICHELLE\AppData\Local\LaunchHomeCenter.log
[2009/02/14 21:20:12 | 00,442,870 | ---- | C] () -- C:\Users\MICHELLE\AppData\Local\installer.log
[2008/10/09 19:41:04 | 00,000,124 | ---- | C] () -- C:\Users\MICHELLE\AppData\Roaming\Au_.txt
[2008/03/22 22:58:27 | 00,000,008 | ---- | C] () -- C:\ProgramData\DragToDiscUserNameE.txt
[2008/02/09 15:39:05 | 00,000,069 | ---- | C] () -- C:\Windows\SONIC.INI
[2007/11/14 20:24:14 | 00,003,584 | ---- | C] () -- C:\Windows\System32\wceprv.dll
[2007/09/03 14:41:23 | 00,000,008 | RHS- | C] () -- C:\Windows\System32\DB460FB393.sys
[2007/09/03 14:41:22 | 00,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/09/03 14:38:55 | 01,300,048 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
[2007/06/17 20:39:11 | 00,000,073 | ---- | C] () -- C:\Windows\FaceFun.INI
[2007/05/13 18:58:44 | 00,098,304 | ---- | C] () -- C:\Windows\System32\resourceGeneric.dll
[2007/04/06 16:59:49 | 00,008,268 | ---- | C] () -- C:\Users\MICHELLE\AppData\Local\d3d9caps.dat
[2007/04/05 18:11:39 | 00,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
[2007/04/05 18:11:34 | 00,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2007/04/05 17:51:52 | 00,000,464 | ---- | C] () -- C:\Windows\SIERRA.INI
[2007/03/25 12:01:20 | 00,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2007/03/24 06:31:05 | 00,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2007/03/20 17:54:38 | 00,072,192 | ---- | C] () -- C:\Users\MICHELLE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/16 02:39:57 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/03/16 02:39:38 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/03/16 02:39:28 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/15 19:07:17 | 00,000,444 | ---- | C] () -- C:\Windows\wininit.ini
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1997/11/17 16:13:16 | 00,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2007/08/03 23:40:28 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\aignes
[2009/05/30 21:26:14 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\CallingID
[2007/10/15 16:30:26 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\CNN
[2008/12/19 23:01:54 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/10/09 20:25:49 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Comcast
[2009/12/22 21:42:29 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\ComcastToolbar
[2008/11/15 22:10:18 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\CVS
[2009/12/03 21:41:25 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Datel
[2009/06/19 04:29:35 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\GARMIN
[2009/09/19 18:53:23 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\GetRightToGo
[2007/12/22 17:53:59 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Image Zone Express
[2009/09/20 13:17:42 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\KeePass
[2009/03/23 18:26:19 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Lexmark Productivity Studio
[2008/10/26 04:53:34 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Morpheus Software
[2009/06/18 20:14:55 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Panasonic
[2007/04/08 15:39:38 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Sammsoft
[2008/10/09 19:41:04 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Simple Star
[2009/03/18 21:47:40 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Temp
[2009/03/15 13:01:09 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Thinstall
[2009/07/29 22:35:23 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Vso
[2008/04/10 19:20:49 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\W Photo Studio Viewer
[2009/07/17 18:28:44 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\WebGuide
[2009/07/28 19:07:19 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\WinFF
[2008/02/15 05:18:25 | 00,000,000 | ---D | M] -- C:\Users\MICHELLE\AppData\Roaming\Yapta
[2009/12/27 23:34:00 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/12/15 01:00:02 | 00,000,346 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2009/12/01 01:00:29 | 00,000,338 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2009/12/28 19:11:02 | 00,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/12/28 20:45:08 | 00,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{43A518E6-C34F-4385-927F-75DDE5105BDE}.job
[2009/12/28 20:46:00 | 00,000,390 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4EF27C85-EE55-495F-80F8-3060E4B8A57A}.job
[2009/12/28 20:45:00 | 00,000,390 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5F21486F-FCF4-4E72-B917-B2262D5A96A6}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/03/16 02:38:48 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\ERDNT\cache\AGP440.sys
[2007/03/16 02:38:48 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2007/03/16 02:38:48 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007/03/16 02:38:48 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007/03/16 02:38:48 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007/03/16 02:39:24 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007/03/16 02:39:24 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007/03/16 02:39:24 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008/02/15 05:26:39 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/15 05:26:39 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/15 05:26:37 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2006/11/02 04:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\ERDNT\cache\netlogon.dll
[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/19 02:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\ERDNT\cache\scecli.dll
[2008/01/19 02:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 04:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/04/11 01:28:17 | 00,800,768 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\advapi32.dll
[2009/04/11 01:28:18 | 01,209,856 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\comsvcs.dll
[2009/04/11 01:28:18 | 00,168,448 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dnsapi.dll
[2009/04/11 01:28:19 | 00,297,472 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\gdi32.dll
[2009/04/11 01:28:20 | 00,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\imm32.dll
[2009/04/11 01:28:20 | 00,891,392 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\kernel32.dll
[2009/06/15 09:52:42 | 00,023,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\lpk.dll
[2009/04/11 01:28:20 | 00,807,424 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\msctf.dll
[2009/04/11 01:28:22 | 00,679,936 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\msvcrt.dll
[2008/01/19 02:35:57 | 00,008,192 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\nsi.dll
[2009/04/11 01:27:49 | 01,202,168 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ntdll.dll
[2009/04/11 01:28:23 | 01,316,864 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ole32.dll
[2009/04/23 07:15:07 | 00,784,896 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rpcrt4.dll
[2009/04/11 01:27:47 | 00,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009/06/15 09:53:43 | 00,072,704 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\secur32.dll
[2009/04/11 01:28:24 | 11,584,000 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\shell32.dll
[2009/04/11 01:28:24 | 00,353,280 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\shlwapi.dll
[2009/04/11 01:28:23 | 00,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
[2009/04/11 01:28:25 | 00,627,712 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\user32.dll
[2009/04/11 01:28:25 | 00,108,544 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\userenv.dll
[2009/04/11 01:28:25 | 00,502,272 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\usp10.dll
[2008/01/19 02:37:09 | 00,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 76 bytes -> C:\Users\MICHELLE\Documents\TuneClone:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\MICHELLE\Documents\My Snapfire Shows:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\MICHELLE\Documents\Downloaded Program Updates:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\MICHELLE\Documents\Billy_Joel-8-We_Didn't_Start_The_Fire.wma:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\MICHELLE\Desktop\TRAVEL:Roxio EMC Stream
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B174FAE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:70B3C619
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >