Yahoo Re-direct / Scan keeps finding Troj/JSRedirect-O



#46
Jimmy2012


    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ascollick,

I am not getting re-directed right now; but it keeps coming and going.

Please let me know if it starts to re-direct you.

It freezes up quite a bit

Does it give any errors now? Or just locks up?

There are TONS of things running (a lot of which I do not recognize); could that be an issue?

I am not sure, I would have to know what things are running.


Have you been able to run a disk defragmenter yet?


#47
ascollick


    Member

  • Topic Starter
  • 30 posts
Hi Jimmy,

It does not give any errors it just locks up.

It will not let me defragment; that error message still pops up and says chkdsk /f scheduled; and it won't let me proceed with the analyze

Is there any way I can show you the processes that are running ?

THANKS !

Hey Jimmy :) I am adding this on Tuesday ;

I am certain something is infected in my C drive which is where I publish my website from thru Frontpage

3 Customers emailed me telling me that their computers blocked my site ! Yikes ! Can you help me figure this out somehow ? How my site got infected ? When I go to the site it is sooo slow and my anti-virus blocks every page ?

I publish all my edits from my C drive; and I am obviously not going to get any sales when the customers are told my site contains spyware.

Thanks so much for help..my site is http://www.beanababy.com

Edited by ascollick, 19 May 2009 - 07:36 PM.


#48
Jimmy2012


    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ascollick,
I am sorry for the delay in my replies.

Let's take another look at your computer. Please delete OTListIt2 and download and run another scan doing this.



  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Standard Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Processes, Services, Drivers and Standard Registry check All
  • And uncheck Use Company WhiteList
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Edited by Jimmy2012, 19 May 2009 - 11:02 PM.


#49
ascollick


    Member

  • Topic Starter
  • 30 posts
Hey Jimmy,

No problem I appreciate your help ; It did not create an extras.txt ?

OTlistIt.txt
DRV - [2004/11/23 02:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct [On_Demand | Running])
DRV - [2007/02/25 11:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys -- (dsunidrv [Auto | Running])
DRV - [2004/02/10 21:49:14 | 00,154,112 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2008/04/13 14:14:29 | 00,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat [Disabled | Stopped])
DRV - [2008/04/13 13:40:25 | 00,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fdc.sys -- (Fdc [On_Demand | Running])
DRV - [2008/04/13 13:33:28 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips [System | Running])
DRV - [2008/04/13 13:40:25 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\flpydisk.sys -- (Flpydisk [On_Demand | Stopped])
DRV - [2008/04/13 13:32:59 | 00,129,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr [Boot | Running])
DRV - [2001/08/17 13:52:50 | 00,125,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk [Boot | Running])
DRV - [2008/04/13 13:56:32 | 00,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\msgpc.sys -- (Gpc [On_Demand | Running])
DRV - [2008/04/13 13:45:27 | 00,010,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\hidusb.sys -- (HidUsb [On_Demand | Running])
DRV - [2001/08/17 14:07:44 | 00,025,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\hpn.sys -- (hpn [Disabled | Stopped])
DRV - [2003/05/14 07:19:52 | 00,051,056 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2003/05/14 07:19:54 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2003/05/14 07:17:54 | 00,021,488 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2008/04/13 13:53:53 | 00,264,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\HTTP.sys -- (HTTP [On_Demand | Running])
DRV - [2008/04/13 13:41:22 | 00,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt [System | Running])
DRV - [2008/04/13 13:41:22 | 00,018,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\i2omp.sys -- (i2omp [Disabled | Stopped])
DRV - [2008/04/13 14:18:00 | 00,052,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\i8042prt.sys -- (i8042prt [System | Running])
DRV - [2005/09/20 10:00:54 | 01,302,332 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2008/04/13 13:40:58 | 00,042,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\imapi.sys -- (Imapi [System | Running])
DRV - [2001/08/17 13:52:08 | 00,016,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ini910u.sys -- (ini910u [Disabled | Stopped])
DRV - [2004/03/06 04:14:42 | 01,233,525 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\IntelC51.sys -- (IntelC51 [On_Demand | Running])
DRV - [2004/03/06 04:15:34 | 00,647,929 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\IntelC52.sys -- (IntelC52 [On_Demand | Running])
DRV - [2004/06/16 03:52:40 | 00,061,157 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\IntelC53.sys -- (IntelC53 [On_Demand | Running])
DRV - [2008/04/13 13:40:29 | 00,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\intelide.sys -- (IntelIde [Boot | Running])
DRV - [2008/04/13 13:31:32 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\intelppm.sys -- (intelppm [System | Running])
DRV - [2008/04/13 13:53:34 | 00,036,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys -- (IpFilterDriver [On_Demand | Stopped])
DRV - [2008/04/13 13:57:07 | 00,020,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
DRV - [2008/04/13 13:57:15 | 00,152,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipnat.sys -- (IpNat [On_Demand | Running])
DRV - [2008/04/13 14:19:42 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipsec.sys -- (IPSec [System | Running])
DRV - [2008/04/13 13:54:28 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\irenum.sys -- (IRENUM [On_Demand | Stopped])
DRV - [2008/04/13 13:36:41 | 00,037,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp [Boot | Running])
DRV - [2008/04/13 13:39:47 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\kbdclass.sys -- (Kbdclass [System | Running])
DRV - [2008/04/13 13:45:09 | 00,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer [On_Demand | Running])
DRV - [2008/04/13 13:31:43 | 00,092,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD [Boot | Running])
DRV - File not found -- -- (lbrtfdc [System | Stopped])
DRV - [2004/08/04 05:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd [System | Running])
DRV - [2008/04/13 14:00:19 | 00,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem [On_Demand | Running])
DRV - [2001/08/17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
DRV - [2004/03/06 04:13:38 | 00,037,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\mohfilt.sys -- (mohfilt [On_Demand | Running])
DRV - [2008/04/13 13:39:47 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mouclass.sys -- (Mouclass [System | Running])
DRV - [2001/08/17 13:48:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mouhid.sys -- (mouhid [On_Demand | Running])
DRV - [2008/04/13 13:39:46 | 00,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr [Boot | Running])
DRV - [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2008/07/28 17:26:30 | 00,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50 [On_Demand | Stopped])
DRV - File not found -- -- (MREMP50a64 [On_Demand | Stopped])
DRV - File not found -- -- (MREMPR5 [On_Demand | Stopped])
DRV - File not found -- -- (MRENDIS5 [On_Demand | Stopped])
DRV - [2008/07/28 17:26:30 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50 [On_Demand | Stopped])
DRV - File not found -- -- (MRESP50a64 [On_Demand | Stopped])
DRV - [2008/04/13 13:32:44 | 00,180,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mrxdav.sys -- (MRxDAV [On_Demand | Running])
DRV - [2008/10/24 06:21:09 | 00,455,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mrxsmb.sys -- (MRxSmb [System | Running])
DRV - [2008/04/13 13:32:39 | 00,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs [System | Running])
DRV - [2008/04/13 13:39:52 | 00,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV [On_Demand | Stopped])
DRV - [2008/04/13 13:39:50 | 00,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK [On_Demand | Stopped])
DRV - [2008/04/13 13:39:51 | 00,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM [On_Demand | Stopped])
DRV - [2008/04/13 13:36:46 | 00,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mssmbios.sys -- (mssmbios [On_Demand | Running])
DRV - [2008/04/13 14:17:05 | 00,105,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup [Boot | Running])
DRV - [2008/04/13 14:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS [Boot | Running])
DRV - [2008/04/13 13:57:27 | 00,010,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ndistapi.sys -- (NdisTapi [On_Demand | Running])
DRV - [2008/04/13 13:55:58 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ndisuio.sys -- (Ndisuio [On_Demand | Running])
DRV - [2008/04/13 14:20:42 | 00,091,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ndiswan.sys -- (NdisWan [On_Demand | Running])
DRV - [2008/04/13 13:57:29 | 00,040,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy [On_Demand | Running])
DRV - [2008/04/13 13:56:02 | 00,034,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\netbios.sys -- (NetBIOS [System | Running])
DRV - [2008/04/13 14:21:00 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\netbt.sys -- (NetBT [System | Running])
DRV - [2008/04/13 13:32:39 | 00,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs [System | Running])
DRV - [2008/04/13 14:15:53 | 00,574,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs [Disabled | Running])
DRV - [2004/08/04 05:00:00 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\null.sys -- (Null [System | Running])
DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
DRV - [2008/04/13 13:40:10 | 00,080,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\parport.sys -- (Parport [On_Demand | Running])
DRV - [2008/04/13 13:40:49 | 00,019,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr [Boot | Running])
DRV - [2004/08/04 05:00:00 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm [Disabled | Stopped])
DRV - [2008/04/13 13:36:44 | 00,068,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI [Boot | Running])
DRV - File not found -- -- (PCIDump [System | Stopped])
DRV - [2001/08/17 13:51:52 | 00,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde [Boot | Running])
DRV - [2008/04/13 13:36:43 | 00,120,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia [Disabled | Stopped])
DRV - File not found -- -- (PDCOMP [On_Demand | Stopped])
DRV - File not found -- -- (PDFRAME [On_Demand | Stopped])
DRV - File not found -- -- (PDRELI [On_Demand | Stopped])
DRV - File not found -- -- (PDRFRAME [On_Demand | Stopped])
DRV - [2001/08/17 14:07:40 | 00,027,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\perc2.sys -- (perc2 [Disabled | Stopped])
DRV - [2001/08/17 14:07:42 | 00,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\perc2hib.sys -- (perc2hib [Disabled | Stopped])
DRV - [2008/04/13 14:19:48 | 00,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\raspptp.sys -- (PptpMiniport [On_Demand | Running])
DRV - [2008/04/13 13:56:38 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\psched.sys -- (PSched [On_Demand | Running])
DRV - [2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/03/29 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2001/08/17 13:52:16 | 00,033,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ql10wnt.sys -- (Ql10wnt [Disabled | Stopped])
DRV - [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2001/08/17 13:52:16 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1240.sys -- (ql1240 [Disabled | Stopped])
DRV - [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2004/08/04 05:00:00 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rasacd.sys -- (RasAcd [System | Running])
DRV - [2008/04/13 14:19:43 | 00,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rasl2tp.sys -- (Rasl2tp [On_Demand | Running])
DRV - [2008/04/13 13:57:32 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\raspppoe.sys -- (RasPppoe [On_Demand | Running])
DRV - [2004/08/04 05:00:00 | 00,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\raspti.sys -- (Raspti [On_Demand | Running])
DRV - [2008/04/13 14:28:39 | 00,175,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rdbss.sys -- (Rdbss [System | Running])
DRV - [2004/08/04 05:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\RDPCDD.sys -- (RDPCDD [System | Running])
DRV - [2008/04/13 13:32:51 | 00,196,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rdpdr.sys -- (rdpdr [On_Demand | Stopped])
DRV - [2008/04/13 19:13:22 | 00,139,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD [On_Demand | Stopped])
DRV - [2008/04/13 13:40:27 | 00,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\redbook.sys -- (redbook [System | Running])
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/09/17 14:02:54 | 00,732,928 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt [On_Demand | Running])
DRV - [2008/04/13 13:40:12 | 00,015,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\serenum.sys -- (serenum [On_Demand | Running])
DRV - [2008/04/13 14:15:45 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\serial.sys -- (Serial [System | Running])
DRV - [2008/04/13 13:40:48 | 00,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy [System | Stopped])
DRV - File not found -- -- (Simbad [Disabled | Stopped])
DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2005/01/27 21:31:06 | 00,260,352 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2008/04/13 13:45:07 | 00,006,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter [On_Demand | Stopped])
DRV - [2008/04/13 13:36:52 | 00,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr [Boot | Running])
DRV - [2008/12/11 05:57:09 | 00,333,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\srv.sys -- (Srv [On_Demand | Running])
DRV - [2004/07/14 11:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2009/04/02 14:30:08 | 00,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc [Boot | Running])
DRV - [2009/04/02 14:30:10 | 00,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys -- (sshrmd [Boot | Running])
DRV - [2009/04/02 14:30:12 | 00,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys -- (ssidrv [Boot | Running])
DRV - [2004/07/14 11:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2008/04/13 13:39:53 | 00,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\swenum.sys -- (swenum [On_Demand | Running])
DRV - [2008/04/13 13:45:09 | 00,056,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi [On_Demand | Stopped])
DRV - [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2008/04/13 14:15:55 | 00,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio [On_Demand | Running])
DRV - [2008/06/20 06:51:12 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\tcpip.sys -- (Tcpip [System | Running])
DRV - [2008/04/13 19:13:20 | 00,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE [On_Demand | Stopped])
DRV - [2008/04/13 19:13:21 | 00,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP [On_Demand | Stopped])
DRV - [2008/04/13 19:13:20 | 00,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\termdd.sys -- (TermDD [System | Running])
DRV - [2004/12/06 01:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2004/12/06 01:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - [2001/08/17 13:51:56 | 00,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\toside.sys -- (TosIde [Disabled | Stopped])
DRV - [2008/04/13 13:32:36 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs [Disabled | Stopped])
DRV - [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2008/04/13 13:39:46 | 00,384,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\update.sys -- (Update [On_Demand | Running])
DRV - [2008/04/13 13:45:39 | 00,032,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbccgp.sys -- (usbccgp [On_Demand | Running])
DRV - [2008/04/13 13:45:35 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbehci.sys -- (usbehci [On_Demand | Running])
DRV - [2008/04/13 13:45:37 | 00,059,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbhub.sys -- (usbhub [On_Demand | Running])
DRV - [2008/04/13 13:47:37 | 00,025,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbprint.sys -- (usbprint [On_Demand | Running])
DRV - [2008/04/13 13:45:34 | 00,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbscan.sys -- (usbscan [On_Demand | Running])
DRV - [2008/04/13 13:45:38 | 00,026,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS -- (USBSTOR [On_Demand | Stopped])
DRV - [2008/04/13 13:45:35 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbuhci.sys -- (usbuhci [On_Demand | Running])
DRV - [2008/04/13 13:44:40 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave [System | Running])
DRV - [2008/04/13 13:36:40 | 00,042,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\viaagp.sys -- (viaagp [Disabled | Stopped])
DRV - [2008/04/13 13:40:31 | 00,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\viaide.sys -- (ViaIde [Disabled | Stopped])
DRV - [2008/04/13 13:41:01 | 00,052,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap [Boot | Running])
DRV - [2008/04/13 13:57:21 | 00,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\wanarp.sys -- (Wanarp [On_Demand | Running])
DRV - File not found -- -- (wanatw [On_Demand | Stopped])
DRV - File not found -- -- (WDICA [On_Demand | Stopped])
DRV - [2008/04/13 14:17:18 | 00,083,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud [On_Demand | Running])
DRV - [2004/08/04 05:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/24 16:53:37 | 00,000,000 | ---D | M]

[2008/12/17 09:31:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Amber Scollick\Application Data\mozilla\Extensions
[2008/12/17 09:31:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Amber Scollick\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/12/17 09:31:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Amber Scollick\Application Data\mozilla\Firefox\Profiles\lyeeb6ep.default\extensions

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe" (Motive Communications, Inc.)
O4 - HKLM..\Run: [dla] "C:\WINDOWS\system32\dla\tfswctrl.exe" (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe" ()
O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [FaxCenterServer4_in_1] "C:\Program Files\Lexmark 4200 Series\Fax\fm3032.exe" /s ()
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" (HP)
O4 - HKLM..\Run: [HPHmon05] "C:\WINDOWS\system32\hphmon05.exe" (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] "C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" (Hewlett-Packard)
O4 - HKLM..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe" (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe" (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe" (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe" (Lexmark International, Inc.)
O4 - HKLM..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" (Musicmatch Inc.)
O4 - HKLM..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" (Musicmatch, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [RealTray] "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER (RealNetworks, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe" (Analog Devices, Inc.)
O4 - HKLM..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray (Webroot Software, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [YBrowser] "C:\Program Files\Yahoo!\browser\ybrwicon.exe" (Yahoo!, Inc.)
O4 - HKLM..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" (Yahoo! Inc)
O4 - HKCU..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (Gteko Ltd.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" (Yahoo! Inc)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKCU..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\_vti_cnf [2008/01/02 23:07:40 | 00,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Amber Scollick\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Amber Scollick\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\Amber Scollick\Start Menu\Programs\Startup\PictureProject In Touch.lnk = C:\Program Files\Nikon\PictureProject In Touch\PictureProjectInTouch.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Computer, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: beanababy.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: steelers.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://pccheckup.del...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1199311843942 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yaho...mail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[2009/05/20 07:20:03 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Amber Scollick\Desktop\OTListIt2.exe
[2009/05/18 21:02:53 | 00,031,215 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\Your order is ready 1.jpg
[2009/05/15 21:32:19 | 02,635,824 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\DSCF2551.AVI
[2009/05/15 13:10:40 | 02,635,824 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\Greenskeeper.AVI
[2009/05/14 22:00:46 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\My Documents\Janine.doc
[2009/05/14 21:19:09 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/05/14 21:15:58 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW.0.tmp
[2009/05/14 20:57:43 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/14 20:55:39 | 02,988,491 | R--- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\ComboFix.exe
[2009/05/12 11:56:59 | 00,000,000 | ---D | C] -- C:\Combo-Fix
[2009/05/12 11:26:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Amber Scollick\Local Settings\temp
[2009/05/12 11:15:47 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/11 20:12:05 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/05/11 20:12:05 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/05/11 19:22:03 | 00,031,744 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\My Documents\Sheatina.doc
[2009/05/03 11:04:03 | 00,000,000 | ---D | C] -- C:\Program Files\PCCheckupOnline
[2009/05/02 23:13:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Amber Scollick\Desktop\avz4
[2009/05/02 23:12:35 | 04,626,422 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\avz4.zip
[2009/05/02 21:21:32 | 00,016,033 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\address2.png
[2009/05/02 21:00:14 | 00,017,534 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\address2.jpg
[2009/05/02 20:59:18 | 00,019,583 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\address1.jpg
[2009/05/02 10:36:19 | 00,163,387 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\sign2.jpg
[2009/05/02 10:33:06 | 00,208,106 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\sign.jpg
[2009/05/01 21:08:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/05/01 21:07:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2009/05/01 21:07:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/04/25 22:47:28 | 38,235,704 | ---- | C] ( ) -- C:\Documents and Settings\Amber Scollick\Desktop\setup_7.0.0.290_26.04.2009_04-48.exe
[2009/04/25 18:32:43 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\Desktop\settings.dat
[2009/04/25 11:02:21 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/04/25 11:02:17 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/04/25 11:02:16 | 00,000,000 | ---D | C] -- C:\cmdcons
[2009/04/25 10:55:52 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/04/25 10:55:52 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/04/25 10:55:52 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/04/25 10:55:52 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/04/25 10:55:52 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/04/25 10:55:52 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/04/25 10:55:52 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/04/25 10:55:52 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/24 16:56:02 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/04/24 16:56:01 | 00,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/04/24 16:56:01 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/04/24 16:56:00 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/04/24 16:56:00 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/04/23 22:44:06 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/04/22 23:24:03 | 00,009,989 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\My Documents\scan.docx
[2009/04/22 11:10:28 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\Amber Scollick\My Documents\Seller Inspection Response.doc
[2009/04/21 14:24:10 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/04/02 14:30:04 | 00,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/07/12 20:05:00 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/03/04 08:59:27 | 00,000,654 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2006/01/17 13:38:44 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/16 13:06:53 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXBRPMON.DLL
[2006/01/16 13:06:53 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXBRPMUI.DLL
[2006/01/16 13:04:38 | 00,001,013 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/01/10 15:31:35 | 00,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2006/01/10 15:31:29 | 00,000,250 | ---- | C] () -- C:\WINDOWS\3dr.ini
[2006/01/07 20:57:11 | 00,000,061 | ---- | C] () -- C:\WINDOWS\PrintWorkShop2006.ini
[2005/12/18 21:38:21 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/11/03 13:27:19 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/09/02 09:34:20 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/09/02 09:34:20 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\A5B7C537E9.sys
[2005/08/25 01:30:55 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/25 01:20:02 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/08/25 00:50:56 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/08/25 00:50:40 | 00,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 08:08:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 00,000,884 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:51:28 | 00,000,552 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 12:51:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/01/13 18:06:46 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBMLCNP.DLL
[2003/06/13 06:53:38 | 00,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbmcoin.ini
[2002/11/13 10:40:22 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbmvs.dll
[1999/01/22 06:46:56 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/20 07:20:19 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amber Scollick\Desktop\OTListIt2.exe
[2009/05/20 02:55:24 | 00,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/05/20 01:00:10 | 00,001,650 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_LA52014E956244F98ACB8DEB6167137AF.job
[2009/05/18 21:02:57 | 00,031,215 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\Your order is ready 1.jpg
[2009/05/18 20:36:43 | 00,027,648 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\My Documents\Applicants Names.doc
[2009/05/18 08:35:06 | 00,111,671 | ---- | M] () -- C:\logfile
[2009/05/18 08:31:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/18 08:31:07 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Amber Scollick\Local Settings\desktop.ini
[2009/05/18 08:31:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/15 21:31:29 | 02,635,824 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\DSCF2551.AVI
[2009/05/15 15:00:29 | 00,001,013 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/05/15 13:10:55 | 02,635,824 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\Greenskeeper.AVI
[2009/05/15 12:50:36 | 00,447,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/14 22:18:56 | 00,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/14 22:00:47 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\My Documents\Janine.doc
[2009/05/14 21:23:30 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/14 21:03:24 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/14 20:55:39 | 02,988,491 | R--- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\ComboFix.exe
[2009/05/14 20:36:26 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\My Documents\Coston.doc
[2009/05/14 19:10:57 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/05/11 20:12:05 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/05/11 20:12:05 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/05/11 19:22:06 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\My Documents\Sheatina.doc
[2009/05/07 02:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/02 23:12:45 | 04,626,422 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\avz4.zip
[2009/05/02 22:37:25 | 00,001,930 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AT&T Self Support Tool.lnk
[2009/05/02 22:14:13 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/02 21:21:55 | 00,017,534 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\address2.jpg
[2009/05/02 21:21:32 | 00,016,033 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\address2.png
[2009/05/02 20:59:18 | 00,019,583 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\address1.jpg
[2009/05/02 20:51:56 | 00,163,387 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\sign2.jpg
[2009/05/02 10:33:08 | 00,208,106 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\sign.jpg
[2009/05/01 20:25:14 | 00,000,884 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2009/04/25 22:47:30 | 38,235,704 | ---- | M] ( ) -- C:\Documents and Settings\Amber Scollick\Desktop\setup_7.0.0.290_26.04.2009_04-48.exe
[2009/04/25 18:32:43 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\Desktop\settings.dat
[2009/04/25 11:02:21 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/04/24 16:53:16 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/04/24 16:53:16 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/04/24 16:53:15 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/04/24 16:53:14 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/04/24 16:53:07 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/04/22 23:24:05 | 00,009,989 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\My Documents\scan.docx
[2009/04/22 11:10:49 | 00,027,136 | ---- | M] () -- C:\Documents and Settings\Amber Scollick\My Documents\Seller Inspection Response.doc
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

========== LOP Check ==========

[2009/05/01 21:08:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/01/02 23:07:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\_vti_cnf
[2006/03/21 20:27:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4200Series
[2008/01/02 23:07:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4200Series(2)
[2007/01/29 09:35:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/01/21 09:27:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2006/09/15 14:58:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2008/01/24 19:22:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2005/09/25 20:58:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FaxCtr
[2008/11/18 21:57:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2005/08/25 01:26:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2005/08/25 01:14:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2008/02/18 20:26:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2007/11/29 22:11:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2009/04/19 20:30:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/02 22:50:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/01/18 12:46:20 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/05/14 22:33:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/04/12 21:41:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2007/01/19 17:01:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2008/01/02 23:07:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2004/08/10 13:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/03/17 17:20:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/05/02 03:25:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/05/02 09:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2006/04/16 02:07:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2007/04/05 21:36:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/14 09:18:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2006/12/16 10:19:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
  • 0

#50
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ascollick,

It did not create an extras.txt ?

That's no problem. :)


Have you tried to run the chkdsk/f command and see if that helps with the disk defragmenter? If you need any help doing this, please let me know.
  • 0

#51
ascollick

    Member

  • Topic Starter
  • Member
  • 30 posts
Hi Jimmy :)

The chkdsk/f will not run and neither will defragment

So..I just found out yesterday by contacting my hosting company that someone had hacked my website ; so the virus / problems were re-loading every time I went to my site.

I have re-done the site and I think they are all clear.

Today ; just now I ran my Webroot Scan and it found 3 viruses ;
Troj/daonol-fam
TROJ/pdfex-bb
TROJ/pdfex-az

The internet is still soooooooooooo slow :)

Now that I won't be re-infecting where should we start ?? THANKS FOR ALL YOUR HELP !
  • 0

#52
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ascollick,

So..I just found out yesterday by contacting my hosting company that someone had hacked my website ; so the virus / problems were re-loading every time I went to my site.

Sorry to hear that, but glad you found the problem. :)

Today ; just now I ran my Webroot Scan and it found 3 viruses ;
Troj/daonol-fam
TROJ/pdfex-bb
TROJ/pdfex-az

Could you please tell me where it found these at?

Edited by Jimmy2012, 24 May 2009 - 12:32 AM.

  • 0

#53
ascollick

    Member

  • Topic Starter
  • Member
  • 30 posts
Hi Jimmy,

They are all in my C drive for the most part ?

C:\windows|sijwop.knxxxxx ( tons of x's ) this comes up at least 20 times
C:\local settings\temp\acr9a77.tmp
C:\temporary internet files

Also..some of the really strange processes I was telling you about all start running and make the computer soo hard to log onto. To get to my email ; it took 25 minutes tonight for the computer to load the main Yahoo page ???

wuauclt.exe
ashwebsv.exe
wrconsumerservice.exe
isass.exe
jas.exe

Those are just a few but there are tons running. At least 50

Thanks ! Amber
  • 0

#54
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ascollick,

Since you took care of the virus in your website reinfecting you, please try the following again.



Please delete ComboFix.exe before doing the following.




Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#55
ascollick

    Member

  • Topic Starter
  • Member
  • 30 posts
Hi Jimmy : ) Here is the log ; if you think I am virus free what should I do about not being able to defrag etc ? and the slowness ? Thanks ! Amber


+ 2007-08-28 01:20 . 2007-08-28 01:20 6637960 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\MSORES.DLL
+ 2007-10-06 01:31 . 2007-10-06 01:31 5287984 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\IPEDITOR.DLL
+ 2007-10-06 01:30 . 2007-10-06 01:30 5460528 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\IPDESIGN.DLL
+ 2007-10-06 01:30 . 2007-10-06 01:30 1443880 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\INFOPATH.EXE
+ 2007-08-29 05:26 . 2007-08-29 05:26 1398136 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVEUIFRAMEWORK.DLL
+ 2007-08-29 05:26 . 2007-08-29 05:26 4747128 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVETRANSCEIVER.DLL
+ 2007-08-29 05:26 . 2007-08-29 05:26 1165176 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVETEXTTOOLS.DLL
+ 2007-08-29 05:26 . 2007-08-29 05:26 2740600 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVESTORAGEMGR.DLL
+ 2007-08-24 12:01 . 2007-08-24 12:01 2212224 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVESHELLEXTENSIONS.DLL
+ 2007-08-29 05:25 . 2007-08-29 05:25 7053680 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVERESOURCE.DLL
+ 2007-08-24 12:00 . 2007-08-24 12:00 1562472 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVEMISC.DLL
+ 2007-08-29 05:25 . 2007-08-29 05:25 3073928 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVEDOCUMENTSHARETOOL.DLL
+ 2007-08-29 05:25 . 2007-08-29 05:25 1362288 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVECRYPTO.DLL
+ 2007-08-29 05:24 . 2007-08-29 05:24 3514768 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVECOMMUNICATIONSSERVICES.DLL
+ 2007-08-29 05:24 . 2007-08-29 05:24 2690944 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVECOMMONCOMPONENTS.DLL
+ 2007-08-29 05:23 . 2007-08-29 05:23 6192504 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GROOVEACCOUNTMGR.DLL
+ 2007-10-03 00:45 . 2007-10-03 00:45 2530864 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\GRAPH.EXE
+ 2007-08-26 00:11 . 2007-08-26 00:11 1685896 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\FPSRVUTL.DLL
+ 2007-08-23 06:03 . 2007-08-23 06:03 1195888 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\FM20.DLL
+ 2007-08-29 04:22 . 2007-08-29 04:22 1754536 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\ACECORE.DLL
+ 2009-01-27 16:16 . 2009-01-27 16:16 3063536 c:\windows\Downloaded Program Files\PCPitstop3D.dll
+ 2005-11-03 17:36 . 2009-05-07 07:16 24699336 c:\windows\system32\MRT.exe
+ 2007-10-06 01:44 . 2007-10-06 01:44 14168600 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\OART.DLL
+ 2007-08-29 04:13 . 2007-08-29 04:13 10367352 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\MSACCESS.EXE
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2009-04-06 18:26 238968 ----a-w c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2004-09-14 131072]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2004-09-14 53248]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-08-25 26112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-08-25 98304]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"HPHUPD05"="c:\program files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-20 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-08-20 221184]
"HPHmon05"="c:\windows\system32\hphmon05.exe" [2003-08-20 483328]
"YBrowser"="c:\program files\Yahoo!\browser\ybrwicon.exe" [2003-07-11 57344]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-25 188416]
"Lexmark 4200 Series"="c:\program files\Lexmark 4200 Series\lxbmbmgr.exe" [2004-01-16 57344]
"FaxCenterServer4_in_1"="c:\program files\Lexmark 4200 Series\Fax\fm3032.exe" [2004-01-22 151552]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"ATT-SST_McciTrayApp"="c:\program files\ATT-SST\McciTrayApp.exe" [2008-09-19 1529856]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-24 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2009-04-06 6345840]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

c:\documents and settings\Amber Scollick\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-11-27 368640]
PictureProject In Touch.lnk - c:\program files\Nikon\PictureProject In Touch\PictureProjectInTouch.exe [2005-3-21 8384512]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-9-19 282624]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-1-15 118784]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\yserver.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [4/2/2009 2:30 PM 29808]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/21/2009 1:55 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/21/2009 1:55 PM 20560]
R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [4/14/2009 9:08 AM 1181040]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder

2009-04-14 c:\windows\Tasks\HP DArC Task 2003-08-20 09:23ewlett-Packard76002003-08-20 19:57Y39S331J7K3.job
- c:\program files\HP\hpcoretech\comp\hpdarc.exe [2003-08-20 19:57]

2009-05-26 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-08-25 17:24]

2009-05-26 c:\windows\Tasks\wrSpySweeper_LA52014E956244F98ACB8DEB6167137AF.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-04-14 18:32]

2009-05-26 c:\windows\Tasks\wrSpySweeper_LA52014E956244F98ACB8DEB6167137AF.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-04-14 18:32]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: beanababy.com\www
Trusted Zone: steelers.com\www
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-26 12:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3524)
c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
.
Completion time: 2009-05-26 12:07
ComboFix-quarantined-files.txt 2009-05-26 17:06
ComboFix2.txt 2009-05-15 02:27
ComboFix3.txt 2009-05-12 17:05
ComboFix4.txt 2009-04-25 16:26

Pre-Run: 48,507,314,176 bytes free
Post-Run: 49,014,063,104 bytes free

394 --- E O F --- 2009-05-13 15:14

#56
Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ascollick,

Please do the following and see if it helps any.



I see that you have two anti-virus programs running. I need you to remove one of them. Running two anti-virus programs at the same time can slow your computer down, and the anti-virus programs can also conflict with each other. These are the two I see you have running:
Avast and Webroot
If you need help removing one of them, please let me know.