
Citrix Gateway won't Launch / Possible Malware-Trojan, Etc. [Clo


  • This topic is locked

#1
CEEV

:) Hi:

I want to thank you in advance for your help.

I have two at-home jobs, and for one of them, in order to connect to their network, I need to go through Citrix Gateway V2.

I have had this problem for a couple of months; sometimes Citrix will launch and I'm able to work, but not lately. I have followed all the requirements from my work-at-home company, and sometimes the only thing that works is to uninstall Citrix and reinstall it, which is a total pain if I need to do this every day.

My work-at-home company has limited technical support, and I have been with them several times; they have connected to my PC, reset settings, made sure all the firewalls were disabled, etc.

For the last two months I have not been able to work this job; the only thing I have done is t/s my PC. The last technical support guy worked on my PC for about 3 hours checking everything. He could not find anything wrong with my PC; however, he did not have any idea why I'm not able to connect to the Gateway. One technical support agent said it is possibly a malware/trojan preventing Citrix from running.

Every month I have a minimum set of hours that I'm required to fulfill, which I was not able to do for the month of March, and I got a slip for this. This month my supervisor said that I need to do something about this or I could be let go.

I have 3 jobs (1 outside of the house and 2 at-home jobs). Even though this one is my backup and I work fewer hours than at the other two, I really do not want to lose it.

I have MS Windows XP SP3, Intel Pentium 4 CPU, 3.00 GHz, 512 MB RAM, Intel 82865G Graphics Controller.

P.S. Excuse my English, but this is my second language.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:19:34, on 4/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal


Edited by CEEV, 25 April 2009 - 09:30 PM.



#2
Jimmy2012

Hello CEEV and welcome to Geeks to go. :)
Sorry about the delay.



  • Download OTListIt2 to your desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.


#3
CEEV

Thanks so much for your time. My PC is starting to really slow down and I don't know what it is, but it is disabling my Windows firewall. This started to happen before I saw your post.

Here is what you asked for:

OTListIt logfile created on: 4/29/2009 10:47:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0
Retrieval\msitss.dll (Microsoft Corporation)O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Value error. File not foundO20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - Autorun File - C:\autoexec.001 () - [ NTFS ]O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]O32 - Autorun File - C:\autorun.PNF () - [ NTFS ]O33 - MountPoints2\{13722ba3-e6ff-11dd-9e10-001111702b26}\Shell - "" = AutoRunO33 - MountPoints2\{13722ba3-e6ff-11dd-9e10-001111702b26}\Shell\AutoRun - "" = Auto&PlayO34 - HKLM BootExecute: (autocheck) -  File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) -  File not foundO34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () ========== Files/Folders - Created Within 30 Days ========== [1 C:\*.tmp files][3 C:\WINDOWS\System32\*.tmp files][2 C:\WINDOWS\*.tmp files][2009/04/29 13:38:51 | 00,000,098 | ---- | C] () -- C:\index.ini[2009/04/29 13:24:21 | 00,011,254 | ---- | C] () -- C:\WINDOWS\System32\locate.com[2009/04/29 11:31:38 | 00,000,534 | ---- | C] () -- C:\Documents and 
Settings\VanDerMark Family\Desktop\ISeeYouXP.lnk[2009/04/29 11:31:28 | 00,000,000 | ---D | C] -- C:\ISeeYouXP[2009/04/29 10:06:34 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys[2009/04/29 10:06:23 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys[2009/04/29 10:06:23 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys[2009/04/29 10:06:10 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk[2009/04/29 10:06:06 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys[2009/04/29 10:06:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\PC Tools[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools[2009/04/29 10:05:44 | 00,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk[2009/04/29 10:05:42 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\STKIT432.DLL[2009/04/29 10:05:38 | 00,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic[2009/04/29 09:58:13 | 00,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared HiJackFree.lnk[2009/04/29 09:58:11 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared HiJackFree[2009/04/29 00:02:03 | 00,086,912 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090429_000158.reg[2009/04/27 21:16:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Search[2009/04/27 13:21:51 | 00,008,396 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\3945_001.pdf[2009/04/26 17:19:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark 
Family\My Documents\My Albums[2009/04/25 14:10:39 | 53,482,7008 | -HS- | C] () -- C:\hiberfil.sys[2009/04/25 13:51:15 | 00,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk[2009/04/25 13:51:04 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free[2009/04/25 13:51:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\a-squared Free[2009/04/25 11:19:13 | 00,000,000 | ---D | C] -- C:\Program Files\Citrix[2009/04/25 11:02:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Desktop Search[2009/04/25 11:01:39 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk[2009/04/25 11:01:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy[2009/04/25 11:01:30 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search[2009/04/25 11:00:00 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll[2009/04/25 11:00:00 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll[2009/04/25 10:59:59 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll[2009/04/25 10:59:47 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll[2009/04/25 10:59:18 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2[2009/04/25 10:57:11 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf[2009/04/25 10:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles[2009/04/25 10:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF[2009/04/25 09:51:21 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe[2009/04/17 23:49:51 | 00,000,000 | ---D | C] -- C:\Program Files\FaceDub[2009/04/16 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My 
Documents\Updater5[2009/04/15 01:19:34 | 00,000,220 | -HS- | C] () -- C:\WINDOWS\dwin.sys[2009/04/15 01:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\avlocks3[2009/04/14 22:46:00 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll[2009/04/14 22:46:00 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll[2009/04/14 22:46:00 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll[2009/04/14 22:46:00 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll[2009/04/14 22:46:00 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe[2009/04/14 22:46:00 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe[2009/04/14 22:45:59 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll[2009/04/14 22:45:59 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll[2009/04/14 22:45:59 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll[2009/04/14 22:45:13 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb[2009/04/14 22:45:13 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe[2009/04/14 22:45:13 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll[2009/04/13 22:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\FLEX Spreadsheet[2009/04/12 14:29:38 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Gradiation annoucement 2009.doc[2009/04/09 16:47:15 | 01,289,163 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Rite Aid coupon.jpg[2009/04/09 12:52:50 | 00,000,932 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My 
Documents\cc_20090409_125247.reg[2009/04/08 21:46:57 | 01,277,680 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\couponprinter.exe[2009/04/06 22:10:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache[2009/04/06 22:10:53 | 00,000,000 | ---D | C] -- C:\Program Files\Coupons[2009/04/06 02:26:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP[2009/04/05 16:07:10 | 00,000,000 | ---D | C] -- C:\VundoFix Backups[2009/04/05 15:57:07 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\CCleaner.lnk[2009/04/05 15:57:07 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner[2009/04/05 12:02:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\Info Virus-Trojas-Spy[2009/04/04 21:44:10 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe[2009/04/04 21:44:10 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe[2009/04/04 21:44:10 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe[2009/04/03 12:02:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer[2009/04/03 12:02:40 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild[2009/04/03 12:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies[2009/04/03 11:23:11 | 00,280,576 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\VanDerMark Family\Desktop\framework_cleanup_tool.exe[2009/04/01 14:53:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8[2009/04/01 09:53:34 | 15,477,248 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\ica32web.msi[2009/03/31 16:04:17 | 00,000,917 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Revo Uninstaller.lnk[2009/03/31 16:04:16 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group[2009/03/31 13:37:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates[2009/03/31 13:36:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM[2009/03/31 13:34:51 | 00,000,000 | -H-D | C] -- 
C:\WINDOWS\ie7[2009/03/31 13:34:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$[2009/03/31 13:33:56 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$[2009/03/31 13:31:00 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll[2009/03/31 13:30:59 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll[2009/03/31 13:30:59 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll[2009/03/31 13:30:59 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll[2009/03/31 13:30:59 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll[2009/03/31 13:30:59 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe[2009/03/31 13:30:58 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat[2009/03/31 13:30:58 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui[2009/03/31 13:30:57 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll[2009/02/27 10:21:41 | 00,000,122 | -HS- | C] () -- C:\WINDOWS\System32\ofatugil.ini[2009/02/12 01:35:41 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll[2008/03/15 18:34:59 | 00,000,819 | ---- | C] () -- C:\WINDOWS\Start.INI[2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini[2007/05/16 21:11:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini[2007/05/16 21:11:10 | 00,000,214 | ---- | C] () -- 
C:\WINDOWS\HP_48BitScanUpdatePatch.ini[2006/12/28 19:09:20 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll[2006/09/18 16:57:12 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini[2006/08/11 13:41:56 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll[2006/08/11 13:41:41 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll[2006/08/03 21:08:30 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL[2006/08/03 21:08:29 | 00,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI[2006/03/05 20:26:50 | 00,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini[2005/09/07 16:43:29 | 00,000,126 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI[2005/07/08 08:42:26 | 00,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini[2005/06/22 11:04:50 | 00,000,694 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini[2005/01/09 17:26:22 | 00,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL[2005/01/09 17:26:22 | 00,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll[2005/01/09 17:26:22 | 00,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL[2005/01/09 17:26:22 | 00,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll[2005/01/09 17:26:22 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll[2005/01/09 17:26:22 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll[2004/12/08 07:57:41 | 00,000,099 | ---- | C] () -- C:\WINDOWS\upst.ini[2004/12/08 07:57:41 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini[2004/11/20 19:47:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini[2004/11/20 18:51:56 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini[2004/11/20 18:27:41 | 00,000,843 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini[2004/11/20 18:27:41 | 00,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini[2004/11/20 18:27:41 | 00,000,147 | ---- | C] () -- C:\WINDOWS\brpcfx.ini[2004/11/20 18:27:41 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI[2004/11/11 04:40:36 | 00,000,061 | ---- | C] () -- 
C:\WINDOWS\smscfg.ini[2004/11/11 04:30:07 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2004/11/11 03:57:00 | 00,000,519 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI[2004/09/16 00:03:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini[2004/08/10 15:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI[2004/08/10 15:04:08 | 00,000,799 | ---- | C] () -- C:\WINDOWS\WIN.INI[2004/08/10 14:57:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI[2004/08/04 07:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI[2003/11/16 05:48:02 | 00,909,312 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll[2003/11/16 05:48:00 | 01,060,864 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll[2003/11/15 12:54:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll[2002/10/06 18:42:58 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll[2002/03/29 14:45:56 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\wwnet32i.dll[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini[1980/01/01 02:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll ========== Files - Modified Within 30 Days ========== [1 C:\*.tmp files][3 C:\WINDOWS\System32\*.tmp files][2 C:\WINDOWS\*.tmp files][2009/04/29 22:42:02 | 00,053,096 | ---- | M] () -- C:\VETlog.dmp[2009/04/29 22:40:46 | 00,000,799 | ---- | M] () -- C:\WINDOWS\WIN.INI[2009/04/29 22:29:54 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn[2009/04/29 22:29:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009/04/29 22:29:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT[2009/04/29 22:29:43 | 53,482,7008 | -HS- | M] () -- C:\hiberfil.sys[2009/04/29 14:36:34 | 00,000,098 | ---- | M] () -- C:\index.ini[2009/04/29 11:31:39 | 00,000,534 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\ISeeYouXP.lnk[2009/04/29 10:06:10 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk[2009/04/29 
10:05:44 | 00,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk[2009/04/29 09:58:13 | 00,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared HiJackFree.lnk[2009/04/29 00:02:59 | 00,086,912 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090429_000158.reg[2009/04/27 21:20:22 | 00,054,986 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Application Data\wklnhst.dat[2009/04/27 15:44:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job[2009/04/27 13:21:51 | 00,008,396 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\3945_001.pdf[2009/04/27 12:32:29 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Word.lnk[2009/04/25 13:51:15 | 00,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk[2009/04/25 11:12:15 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb[2009/04/25 11:12:15 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb[2009/04/25 11:01:39 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk[2009/04/25 11:01:36 | 00,544,866 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2009/04/25 11:01:36 | 00,463,070 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT[2009/04/25 11:01:36 | 00,078,728 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT[2009/04/25 10:59:28 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Windows Media Player.lnk[2009/04/25 10:57:11 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf[2009/04/25 10:52:14 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL[2009/04/25 10:41:26 | 02,359,296 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\My Money.mny[2009/04/25 10:41:22 | 02,360,254 | R--- | M] () -- C:\Documents and 
Settings\VanDerMark Family\My Documents\My Money Backup.mbf[2009/04/25 09:51:38 | 00,002,530 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg[2009/04/23 19:39:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2009/04/23 15:43:15 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe[2009/04/23 14:04:42 | 00,000,418 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job[2009/04/15 01:19:34 | 00,000,220 | -HS- | M] () -- C:\WINDOWS\dwin.sys[2009/04/12 14:29:39 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Gradiation annoucement 2009.doc[2009/04/09 12:54:18 | 00,000,932 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090409_125247.reg[2009/04/09 12:49:24 | 01,289,163 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Rite Aid coupon.jpg[2009/04/08 21:47:38 | 01,277,680 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\couponprinter.exe[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe[2009/04/05 15:57:08 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\CCleaner.lnk[2009/04/03 12:12:52 | 00,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2009/04/03 12:05:42 | 00,112,488 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Local Settings\Application Data\GDIPFONTCACHEV1.DAT[2009/04/03 11:18:26 | 00,130,936 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys[2009/04/01 09:53:34 | 15,477,248 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\ica32web.msi[2009/03/31 16:04:17 | 00,000,917 | ---- | M] () -- C:\Documents and Settings\VanDerMark 
Family\Desktop\Revo Uninstaller.lnk[2009/03/31 13:59:43 | 00,000,088 | -HS- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\DESKTOP.INI[2009/03/31 11:28:18 | 00,000,131 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\DESKTOP.INI ========== LOP Check ========== [2009/04/29 10:05:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data[2009/02/05 16:39:01 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}[2009/01/28 11:03:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe[2008/11/24 22:26:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL[2008/01/04 00:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads[2007/11/25 11:00:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP[2007/12/12 23:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple[2008/01/10 14:46:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer[2008/10/25 14:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications[2004/11/20 18:24:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother[2004/11/11 04:26:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink[2008/01/28 21:00:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell[2008/03/30 22:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google[2007/11/04 14:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gtek[2006/09/17 15:51:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP[2008/08/04 06:01:58 | 00,000,000 | ---D | 
M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft[2008/12/05 09:43:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd[2008/12/05 09:33:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech[2007/11/25 11:25:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia[2008/11/05 14:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2009/01/23 00:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee[2007/03/27 22:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com[2009/04/25 11:01:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft[2006/08/11 13:41:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive[2006/08/11 19:16:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs[2009/02/25 01:51:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton[2009/01/23 14:02:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller[2008/12/03 11:10:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS[2009/04/29 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools[2009/02/09 13:19:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop[2007/01/19 20:50:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst[2004/12/22 19:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks[2004/11/11 04:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime[2007/01/18 19:48:23 | 00,000,000 | ---D | M] 
-- C:\Documents and Settings\All Users\Application Data\Sandlot Games[2004/11/11 03:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI[2009/01/29 22:15:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor[2006/12/13 19:16:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic[2008/03/07 00:52:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com[2008/01/28 21:03:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft[2009/04/29 22:31:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP[2006/12/04 21:38:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia[2008/11/07 10:43:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint[2006/04/26 21:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage[2009/04/29 10:05:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data[2006/05/13 13:56:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\acccore[2008/12/03 11:19:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Adobe[2008/11/25 10:10:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\AdobeUM[2006/05/11 19:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Aim[2008/01/07 08:49:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\AOL[2009/02/06 23:09:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Apple Computer[2004/11/29 00:44:25 | 00,000,000 | R--D | M] -- C:\Documents and Settings\VanDerMark Family\Application 
Data\Brother[2004/11/20 19:10:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\CyberLink[2006/12/23 17:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Google[2007/11/04 14:56:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\GTek[2004/11/21 14:09:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Help[2006/12/13 19:27:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\HP[2009/03/31 16:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\ICAClient[2004/11/11 03:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Identities[2008/01/16 00:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Image Zone Express[2004/11/11 04:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Jasc Software Inc[2005/03/28 22:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Leadertech[2006/12/22 14:31:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\LimeWire[2008/12/05 09:44:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Logitech[2007/03/20 16:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Macromedia[2008/11/05 14:29:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Malwarebytes[2008/08/04 00:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\McAfee[2004/11/21 21:01:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\McAfee.com[2008/12/13 21:45:17 | 00,000,000 | --SD | M] -- C:\Documents and 
Settings\VanDerMark Family\Application Data\Microsoft
[2005/10/18 15:05:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\MSNInstaller
[2006/11/18 16:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Musicmatch
[2009/04/29 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\PC Tools
[2007/01/19 21:32:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\PlayFirst
[2007/12/14 19:33:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Printer Info Cache
[2006/11/18 16:18:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Real
[2009/04/05 15:01:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\ScanSoft
[2009/02/12 01:35:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Simply Super Software
[2006/12/13 20:39:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Snapfish
[2004/11/11 04:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Sonic
[2004/11/11 04:25:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Sun
[2009/02/12 01:43:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\SUPERAntiSpyware.com
[2009/01/23 22:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\U3
[2007/12/13 21:05:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Uniblue
[2007/01/23 15:01:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Viewpoint
[2009/04/25 11:02:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Desktop Search
[2009/04/27 21:16:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Search
[2005/11/13 12:46:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Yahoo!
[2004/12/22 19:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\You've Got Pictures Screensaver
[2009/04/27 15:44:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/23 19:39:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/04/29 22:29:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/04/23 14:04:42 | 00,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >


#4
CEEV

OTListIt logfile created on: 4/29/2009 10:47:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\VanDerMark Family\Local Settings\Temporary Internet Files\Content.IE5\G8NBT46Y
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 164.30 Mb Available Physical Memory | 32.22% Memory free
1.22 Gb Paging File | 0.48 Gb Available in Paging File | 39.56% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 52.38 Gb Free Space | 73.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D1R74361
Current User Name: VanDerMark Family
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\AOL\1103757878\ee\AOLSoftware.exe (AOL LLC)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\AOL 9.1\waol.exe (AOL, LLC.)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe (America Online Inc)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe (Logitech, Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
PRC - C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe (Logitech, Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - c:\program files\common files\aol\1103757878\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe ()
PRC - C:\Program Files\Common Files\AOL\1103757878\EE\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\AOL 9.1\shellmon.exe (AOL, LLC.)
PRC - C:\Documents and Settings\VanDerMark Family\Local Settings\Temporary Internet Files\Content.IE5\G8NBT46Y\OTListIt2[1].exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (0116081232684624mcinstcleanup [Disabled | Stopped]) -- File not found
SRV - (a2free [Auto | Running]) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (AOL ACS [Auto | Running]) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
SRV - (AOL TopSpeedMonitor [Auto | Running]) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
SRV - (Apple Mobile Device [Disabled | Stopped]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Brother XP spl Service [Auto | Running]) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [Disabled | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (getPlus® Helper [On_Demand | Stopped]) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [On_Demand | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LBTServ [On_Demand | Stopped]) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (sdAuxService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (sdCoreService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WANMiniportService [Auto | Running]) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (BrScnUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (CmdIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntelC51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (L8042Kbd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (L8042mou [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042mou.Sys (Logitech, Inc.)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LBeepKE [Auto | Running]) -- C:\WINDOWS\System32\Drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (MCSTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (mraid35x [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PCTCore [Boot | Running]) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (symc810 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (ultra [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (wanatw [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys (America Online, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/11/08 09:32:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/03 12:03:54 | 00,000,000 | ---D | M]


O1 HOSTS File: (738 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103757878\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b (AOL, LLC.)
O4 - HKCU..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H (PC Tools)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Sites: west.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Sites: westathome.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Sites: westathome.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Sites: workathomeagent.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1232598630437 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FAE28553-6D86-4EFB-ACA9-05A8ACEBDEE4} http://ww1.fotobenav...ploradorv20.ocx (Explorador de Fotos Rollpix v2.0)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\autoexec.001 () - [ NTFS ]
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autorun.PNF () - [ NTFS ]
O33 - MountPoints2\{13722ba3-e6ff-11dd-9e10-001111702b26}\Shell - "" = AutoRun
O33 - MountPoints2\{13722ba3-e6ff-11dd-9e10-001111702b26}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[3 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/29 13:38:51 | 00,000,098 | ---- | C] () -- C:\index.ini
[2009/04/29 13:24:21 | 00,011,254 | ---- | C] () -- C:\WINDOWS\System32\locate.com
[2009/04/29 11:31:38 | 00,000,534 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\ISeeYouXP.lnk
[2009/04/29 11:31:28 | 00,000,000 | ---D | C] -- C:\ISeeYouXP
[2009/04/29 10:06:34 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/04/29 10:06:23 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/04/29 10:06:23 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/04/29 10:06:10 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/04/29 10:06:06 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/04/29 10:06:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\PC Tools
[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/04/29 10:05:44 | 00,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/04/29 10:05:42 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\STKIT432.DLL
[2009/04/29 10:05:38 | 00,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2009/04/29 09:58:13 | 00,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared HiJackFree.lnk
[2009/04/29 09:58:11 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared HiJackFree
[2009/04/29 00:02:03 | 00,086,912 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090429_000158.reg
[2009/04/27 21:16:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Search
[2009/04/27 13:21:51 | 00,008,396 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\3945_001.pdf
[2009/04/26 17:19:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\My Albums
[2009/04/25 14:10:39 | 53,482,7008 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/25 13:51:15 | 00,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2009/04/25 13:51:04 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/04/25 13:51:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\a-squared Free
[2009/04/25 11:19:13 | 00,000,000 | ---D | C] -- C:\Program Files\Citrix
[2009/04/25 11:02:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Desktop Search
[2009/04/25 11:01:39 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/04/25 11:01:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/04/25 11:01:30 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/04/25 11:00:00 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/04/25 11:00:00 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/04/25 10:59:59 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/04/25 10:59:47 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/25 10:59:18 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/04/25 10:57:11 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/04/25 10:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/04/25 10:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/04/25 09:51:21 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/04/17 23:49:51 | 00,000,000 | ---D | C] -- C:\Program Files\FaceDub
[2009/04/16 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\Updater5
[2009/04/15 01:19:34 | 00,000,220 | -HS- | C] () -- C:\WINDOWS\dwin.sys
[2009/04/15 01:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\avlocks3
[2009/04/14 22:46:00 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/14 22:46:00 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/14 22:46:00 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/14 22:46:00 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/14 22:46:00 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/14 22:46:00 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/14 22:45:59 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/14 22:45:59 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/14 22:45:59 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/14 22:45:13 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/14 22:45:13 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/14 22:45:13 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/13 22:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\FLEX Spreadsheet
[2009/04/12 14:29:38 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Gradiation annoucement 2009.doc
[2009/04/09 16:47:15 | 01,289,163 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Rite Aid coupon.jpg
[2009/04/09 12:52:50 | 00,000,932 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090409_125247.reg
[2009/04/08 21:46:57 | 01,277,680 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\couponprinter.exe
[2009/04/06 22:10:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2009/04/06 22:10:53 | 00,000,000 | ---D | C] -- C:\Program Files\Coupons
[2009/04/06 02:26:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2009/04/05 16:07:10 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/04/05 15:57:07 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\CCleaner.lnk
[2009/04/05 15:57:07 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/04/05 12:02:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\Info Virus-Trojas-Spy
[2009/04/04 21:44:10 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/04/04 21:44:10 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/04/04 21:44:10 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/04/03 12:02:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/03 12:02:40 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/03 12:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/03 11:23:11 | 00,280,576 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\VanDerMark Family\Desktop\framework_cleanup_tool.exe
[2009/04/01 14:53:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/04/01 09:53:34 | 15,477,248 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\ica32web.msi
[2009/03/31 16:04:17 | 00,000,917 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Revo Uninstaller.lnk
[2009/03/31 16:04:16 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2009/03/31 13:37:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/31 13:36:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/31 13:34:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/31 13:34:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/31 13:33:56 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/31 13:31:00 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/31 13:30:59 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/31 13:30:59 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/31 13:30:59 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/31 13:30:59 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/31 13:30:59 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/31 13:30:58 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/31 13:30:58 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/31 13:30:57 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/02/27 10:21:41 | 00,000,122 | -HS- | C] () -- C:\WINDOWS\System32\ofatugil.ini
[2009/02/12 01:35:41 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008/03/15 18:34:59 | 00,000,819 | ---- | C] () -- C:\WINDOWS\Start.INI
[2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/05/16 21:11:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/05/16 21:11:10 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/12/28 19:09:20 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/09/18 16:57:12 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/08/11 13:41:56 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2006/08/11 13:41:41 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2006/08/03 21:08:30 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/08/03 21:08:29 | 00,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/03/05 20:26:50 | 00,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2005/09/07 16:43:29 | 00,000,126 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI
[2005/07/08 08:42:26 | 00,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2005/06/22 11:04:50 | 00,000,694 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/01/09 17:26:22 | 00,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2005/01/09 17:26:22 | 00,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2005/01/09 17:26:22 | 00,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2005/01/09 17:26:22 | 00,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2005/01/09 17:26:22 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2005/01/09 17:26:22 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2004/12/08 07:57:41 | 00,000,099 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/12/08 07:57:41 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/11/20 19:47:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2004/11/20 18:51:56 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2004/11/20 18:27:41 | 00,000,843 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2004/11/20 18:27:41 | 00,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2004/11/20 18:27:41 | 00,000,147 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2004/11/20 18:27:41 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2004/11/11 04:40:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/11 04:30:07 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/11 03:57:00 | 00,000,519 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/16 00:03:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 15:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 15:04:08 | 00,000,799 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2004/08/10 14:57:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2004/08/04 07:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/11/16 05:48:02 | 00,909,312 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2003/11/16 05:48:00 | 01,060,864 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003/11/15 12:54:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/10/06 18:42:58 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/03/29 14:45:56 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\wwnet32i.dll
[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1980/01/01 02:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[3 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/29 22:42:02 | 00,053,096 | ---- | M] () -- C:\VETlog.dmp
[2009/04/29 22:40:46 | 00,000,799 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/04/29 22:29:54 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/04/29 22:29:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/29 22:29:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/04/29 22:29:43 | 53,482,7008 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/29 14:36:34 | 00,000,098 | ---- | M] () -- C:\index.ini
[2009/04/29 11:31:39 | 00,000,534 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\ISeeYouXP.lnk
[2009/04/29 10:06:10 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/04/29 10:05:44 | 00,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/04/29 09:58:13 | 00,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared HiJackFree.lnk
[2009/04/29 00:02:59 | 00,086,912 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090429_000158.reg
[2009/04/27 21:20:22 | 00,054,986 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Application Data\wklnhst.dat
[2009/04/27 15:44:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/04/27 13:21:51 | 00,008,396 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\3945_001.pdf
[2009/04/27 12:32:29 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Word.lnk
[2009/04/25 13:51:15 | 00,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2009/04/25 11:12:15 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/25 11:12:15 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/25 11:01:39 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/04/25 11:01:36 | 00,544,866 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/25 11:01:36 | 00,463,070 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/04/25 11:01:36 | 00,078,728 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/04/25 10:59:28 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Windows Media Player.lnk
[2009/04/25 10:57:11 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/04/25 10:52:14 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/04/25 10:41:26 | 02,359,296 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\My Money.mny
[2009/04/25 10:41:22 | 02,360,254 | R--- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\My Money Backup.mbf
[2009/04/25 09:51:38 | 00,002,530 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/04/23 19:39:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/23 15:43:15 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/23 14:04:42 | 00,000,418 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
[2009/04/15 01:19:34 | 00,000,220 | -HS- | M] () -- C:\WINDOWS\dwin.sys
[2009/04/12 14:29:39 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Gradiation annoucement 2009.doc
[2009/04/09 12:54:18 | 00,000,932 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090409_125247.reg
[2009/04/09 12:49:24 | 01,289,163 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Rite Aid coupon.jpg
[2009/04/08 21:47:38 | 01,277,680 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\couponprinter.exe
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/05 15:57:08 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\CCleaner.lnk
[2009/04/03 12:12:52 | 00,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/03 12:05:42 | 00,112,488 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/03 11:18:26 | 00,130,936 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/04/01 09:53:34 | 15,477,248 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\ica32web.msi
[2009/03/31 16:04:17 | 00,000,917 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Revo Uninstaller.lnk
[2009/03/31 13:59:43 | 00,000,088 | -HS- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\DESKTOP.INI
[2009/03/31 11:28:18 | 00,000,131 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\DESKTOP.INI

========== LOP Check ==========

[2009/04/29 10:05:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/02/05 16:39:01 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/01/28 11:03:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/11/24 22:26:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/01/04 00:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2007/11/25 11:00:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2007/12/12 23:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/01/10 14:46:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/10/25 14:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2004/11/20 18:24:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2004/11/11 04:26:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/01/28 21:00:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2008/03/30 22:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/11/04 14:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gtek
[2006/09/17 15:51:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/08/04 06:01:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/12/05 09:43:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008/12/05 09:33:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2007/11/25 11:25:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2008/11/05 14:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/01/23 00:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2007/03/27 22:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2009/04/25 11:01:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2006/08/11 13:41:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/08/11 19:16:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
[2009/02/25 01:51:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/01/23 14:02:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2008/12/03 11:10:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/04/29 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/02/09 13:19:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2007/01/19 20:50:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2004/12/22 19:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2004/11/11 04:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2007/01/18 19:48:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2004/11/11 03:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/01/29 22:15:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2006/12/13 19:16:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2008/03/07 00:52:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/01/28 21:03:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/04/29 22:31:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/12/04 21:38:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/11/07 10:43:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/04/26 21:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/29 10:05:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data
[2006/05/13 13:56:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\acccore
[2008/12/03 11:19:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Adobe
[2008/11/25 10:10:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\AdobeUM
[2006/05/11 19:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Aim
[2008/01/07 08:49:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\AOL
[2009/02/06 23:09:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Apple Computer
[2004/11/29 00:44:25 | 00,000,000 | R--D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Brother
[2004/11/20 19:10:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\CyberLink
[2006/12/23 17:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Google
[2007/11/04 14:56:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\GTek
[2004/11/21 14:09:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Help
[2006/12/13 19:27:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\HP
[2009/03/31 16:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\ICAClient
[2004/11/11 03:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Identities
[2008/01/16 00:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Image Zone Express
[2004/11/11 04:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Jasc Software Inc
[2005/03/28 22:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Leadertech
[2006/12/22 14:31:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\LimeWire
[2008/12/05 09:44:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Logitech
[2007/03/20 16:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Macromedia
[2008/11/05 14:29:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Malwarebytes
[2008/08/04 00:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\McAfee
[2004/11/21 21:01:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\McAfee.com
[2008/12/13 21:45:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Microsoft
[2005/10/18 15:05:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\MSNInstaller
[2006/11/18 16:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Musicmatch
[2009/04/29 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\PC Tools
[2007/01/19 21:32:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\PlayFirst
[2007/12/14 19:33:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Printer Info Cache
[2006/11/18 16:18:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Real
[2009/04/05 15:01:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\ScanSoft
[2009/02/12 01:35:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Simply Super Software
[2006/12/13 20:39:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Snapfish
[2004/11/11 04:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Sonic
[2004/11/11 04:25:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Sun
[2009/02/12 01:43:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\SUPERAntiSpyware.com
[2009/01/23 22:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\U3
[2007/12/13 21:05:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Uniblue
[2007/01/23 15:01:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Viewpoint
[2009/04/25 11:02:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Desktop Search
[2009/04/27 21:16:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Search
[2005/11/13 12:46:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Yahoo!
[2004/12/22 19:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\You've Got Pictures Screensaver
[2009/04/27 15:44:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/23 19:39:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/04/29 22:29:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/04/23 14:04:42 | 00,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >

#5
CEEV

  • Topic Starter
  • Member
  • 16 posts
OTListIt Extras logfile created on: 4/29/2009 10:47:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\VanDerMark Family\Local Settings\Temporary Internet Files\Content.IE5\G8NBT46Y
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 164.30 Mb Available Physical Memory | 32.22% Memory free
1.22 Gb Paging File | 0.48 Gb Available in Paging File | 39.56% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 52.38 Gb Free Space | 73.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D1R74361
Current User Name: VanDerMark Family
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Localcai\Bin\wsdriver.exe (NCSLearn)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 File not found
C:\Program Files\Common Files\AOL\1103757878\EE\AOLServiceHost.exe:*:Enabled:AOL Services (America Online, Inc.)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger File not found
C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) File not found
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL (AOL LLC)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL (AOL LLC)
C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon (America Online, Inc)
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed (America Online Inc)
C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL (AOL LLC)
C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL (Gteko Ltd.)
C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0c\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server File not found
C:\Program Files\America Online 9.0d\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger File not found
C:\Program Files\Common Files\AOL\1103757878\ee\aolservicehost.exe:*:Enabled:AOL Services (America Online, Inc.)
C:\Program Files\Common Files\AOL\1103757878\EE\aolsoftware.exe:*:Enabled:AOL Services (AOL LLC)
C:\Program Files\Common Files\AOL\1103757878\EE\aim6.exe:*:Enabled:AIM (America Online, Inc.)
C:\Documents and Settings\Kirsten VanDerMark\My Documents\My Music\My Playlists\LimeWire\LimeWire.exe:*:Enabled:LimeWire File not found
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe ()
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe ()
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe ( )
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe (Hewlett-Packard Co.)
C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) File not found
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed (AOL LLC)
C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1 (AOL, LLC.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Standard
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}" = iTunes
"{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 13
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{30C2FCD0-FF7B-4FFA-8DDE-43A22E01A1E7}" = Rhapsody Player Engine
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31C2F32D-C5DD-4583-8181-B48591CA231C}" = RapidPlayer v5.0 ActiveX Control
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33BEE6F3-9987-4F98-A069-97A64EC8321A}" = Microsoft Works Suite Add-in for Microsoft Word
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{3FCBB6AA-F54E-4839-A5C9-0E8817C964D3}" = SMeCourseware
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{61CF89F5-5175-4b3b-ABB8-C89821252D50}" = HP Photosmart Cameras 6.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{8704D51E-25B7-4F23-81E7-AA4F54790210}" = Microsoft Streets and Trips 2004
"{89C3F5BC-EA96-4C1B-A868-DF0AC504E03E}_is1" = Weight Watchers FLEX Plan Spreadsheet
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A639BD63-8CE6-11D5-B4CC-00105A07274A}" = REXplorer Component Upgrade
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A98AFBC7-D5A7-46A1-8795-EABE2F55A7D6}" = Microsoft Office Live Meeting 2007
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B5C209B1-8DDB-4642-A573-375B951514CB}" = Apple Mobile Device Support
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C5A5C573-FB6D-48d8-9F7F-08FC4AD4B488}" = CameraUserGuides
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{E9459BCF-0982-498B-ABA7-26C34323493F}" = Citrix Presentation Server Client - Web Only
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F876A4EC-DD7A-4bf8-A169-E4FD6C60BA3F}" = CameraDrivers
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 5.0 Limited Edition" = Adobe Photoshop 5.0 Limited Edition
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AOL Deskbar" = AOL Deskbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"AolCoach2_en" = AOL Coach Version 2.0(Build:20041026.5 en)
"a-squared Free_is1" = a-squared Free 4.0
"a-squared HiJackFree_is1" = a-squared HiJackFree 3.1
"avast!" = avast! Antivirus
"BellsouthHelpCenter4_is1" = BellSouth® FastAccess® DSL Help Center 4.0
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)
"FaceDub" = FaceDub
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"Malware Destroyer_is1" = Malware Destroyer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Memories Viewer 6" = Memories Viewer 6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PackMaster 2006" = PackMaster 2006
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"Port Magic" = Pure Networks Port Magic
"PROSet" = Intel® PRO Network Adapters and Drivers
"Registry Easy_is1" = Registry Easy v4.7
"Registry Mechanic_is1" = Registry Mechanic 8.0
"Revo Uninstaller" = Revo Uninstaller 1.80
"Rhapsody" = Rhapsody
"Shockwave" = Shockwave
"Spyware Doctor" = Spyware Doctor 6.0
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"149ac67ef2b5bcb7" = WAH Assist
"37ed8834b576af58" = West At Home Gateway V2
"a72945872b58a728" = WAH Assistant
"Windows System Scanner" = Windows System Scanner

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 4/3/2009 5:09:54 PM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chestOpenListLoc Error 5.

Error - 4/3/2009 5:09:54 PM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: AddSystemFiles Error 5.

Error - 4/4/2009 8:59:54 AM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chestOpenListLoc Error 5.

Error - 4/4/2009 8:59:54 AM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: AddSystemFiles Error 5.

Error - 4/4/2009 10:49:49 PM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chestOpenListLoc Error 5.

Error - 4/4/2009 10:49:49 PM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: AddSystemFiles Error 5.

Error - 4/5/2009 9:49:43 AM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chestOpenListLoc Error 5.

Error - 4/5/2009 9:49:44 AM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: AddSystemFiles Error 5.

Error - 4/5/2009 11:12:40 PM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: chestOpenListLoc Error 5.

Error - 4/5/2009 11:12:40 PM | Computer Name = D1R74361 | Source = avast! | ID = 33554522
Description = Error in aswChestS: AddSystemFiles Error 5.

[ Application Events ]
Error - 4/28/2009 1:36:11 PM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: The system cannot find the file specified.
(0x80070002)

Error - 4/28/2009 1:36:13 PM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 4/28/2009 1:36:13 PM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 4/29/2009 8:44:05 AM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: The system cannot find the file specified.
(0x80070002)

Error - 4/29/2009 8:44:19 AM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 4/29/2009 8:44:19 AM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 4/29/2009 11:27:16 AM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: The system cannot find the file specified.
(0x80070002)

Error - 4/29/2009 11:27:37 AM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 4/29/2009 11:27:37 AM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 4/29/2009 4:40:17 PM | Computer Name = D1R74361 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog

[ System Events ]
Error - 4/29/2009 10:34:59 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053

Error - 4/29/2009 10:35:42 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.

Error - 4/29/2009 10:35:42 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053

Error - 4/29/2009 10:36:22 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.

Error - 4/29/2009 10:36:22 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053

Error - 4/29/2009 10:37:02 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.

Error - 4/29/2009 10:37:02 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053

Error - 4/29/2009 10:37:32 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.

Error - 4/29/2009 10:37:33 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053

Error - 4/29/2009 10:41:43 PM | Computer Name = D1R74361 | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).


< End of report >
  • 0

#6
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello CEEV,

  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:

    • C:\WINDOWS\System32\ofatugil.ini
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.





Please click Start > Control Panel > Add or Remove Programs and remove the following programs (if present):
Viewpoint Manager
ViewpointMediaPlayer




  • Please open OTListIt2.exe
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :OTLI
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - Reg Error: Key error. File not found
    
    :Files
    C:\Program Files\Viewpoint
    
    :Commands
    [purity]
    [emptytemp]
    [reboot]
  • Return to OTListIt2, right click in the "Custom Scans/fixes" window (under the light blue bar) and choose Paste.
  • Click the Run Fix button.
  • Let the program run until it is finished, reboot when it is done.
  • It will produce a log for you on reboot, please post that log in your next reply.
~~~~~~~~~~~~~~
In your next reply please have these logs.
The VirScan log
And the OTListIt2 log
  • 0

#7
CEEV

CEEV

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Thanks so much for your help.




VirSCAN.org Scanned Report :
Scanned time : 2009/04/30 18:47:35 (EDT)
Scanner results: 13% Scanner(5/38) found malware!
File Name : ofatugil.ini
File Size : 122 byte
File Type : data
MD5 : edba9cac432001b3dca2408760d78b66
SHA1 : 9b0bb0720d1b0a3a98ac11d2f0ab7e300998707e
Online report : http://virscan.org/r...ada74e2cc8.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.0.0.32 20090430161054 2009-04-30 3.41 -
AhnLab V3 2009.04.30.02 2009.04.30 2009-04-30 0.62 -
AntiVir 7.9.0.160 7.1.3.139 2009-04-30 2.02 -
Antiy 2.0.18 20090430.2323543 2009-04-30 0.12 -
Arcavir 2009 200904301024 2009-04-30 0.02 -
Authentium 5.1.1 200904300340 2009-04-30 1.10 -
AVAST! 3.0.1 090430-0 2009-04-30 0.92 -
AVG 7.5.52.442 270.12.11/2089 2009-04-30 2.02 -
BitDefender 7.81008.2855073 7.25107 2009-05-01 2.65 -
CA (VET) 9.0.0.143 31.6.6483 2009-04-30 5.48 Win32/Vundo!data trojan.
ClamAV 0.95 9307 2009-04-30 0.00 -
Comodo 3.8 1141 2009-04-29 0.64 Unclassified Malware
CP Secure 1.1.0.715 2009.04.30 2009-04-30 8.64 -
Dr.Web 4.44.0.9170 2009.04.30 2009-04-30 4.47 -
F-Prot 4.4.4.56 20090429 2009-04-29 1.10 -
F-Secure 5.51.6100 2009.04.30.07 2009-04-30 6.12 -
Fortinet 2.81-3.117 10.338 2009-04-30 0.16 -
GData 19.4949/19.315 20090430 2009-04-30 5.71 -
ViRobot 20090429 2009.04.29 2009-04-29 0.40 -
Ikarus T3.1.01.49 2009.04.30.72653 2009-04-30 2.75 -
JiangMin 11.0.706 2009.04.30 2009-04-30 1.72 -
Kaspersky 5.5.10 2009.04.30 2009-04-30 0.02 -
KingSoft 2009.2.5.15 2009.4.30.21 2009-04-30 0.70 -
McAfee 5.3.00 5601 2009-04-30 2.80 Vundo!grb
Microsoft 1.4602 2009.05.01 2009-05-01 4.83 -
mks_vir 2.01 2009.04.30 2009-04-30 2.74 -
Norman 6.00.06 6.00.00 2009-04-28 10.01 Vundo.FBW
Panda 9.05.01 2009.04.30 2009-04-30 2.23 -
Trend Micro 8.700-1004 6.102.03 2009-04-30 0.02 -
Quick Heal 10.00 2009.04.30 2009-04-30 1.08 -
Rising 20.0 21.27.31.00 2009-04-30 0.35 -
Sophos 2.86.0 4.41 2009-05-01 2.16 -
Sunbelt 5114 5114 2009-04-29 3.43 Virtumonde.Traces (v)
Symantec 1.3.0.24 20090430.018 2009-04-30 0.26 -
nProtect 20090430.01 3509144 2009-04-30 10.24 -
The Hacker 6.3.4.1 v00317 2009-04-30 1.04 -
VBA32 3.12.10.4 20090429.1234 2009-04-29 1.82 -
VirusBuster 4.5.11.10 10.105.11/1314916 2009-04-30 1.59 -
  • 0

#8
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello CEEV,

Would you please finish the rest of my last reply and post the OTListIt log when ready. :)
  • 0

#9
CEEV

CEEV

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Hello CEEV,

Would you please finish the rest of my last reply and post the OTListIt log when ready. :)


Jimmy2012:

Thanks, I have been trying to run the OTListIt2.exe. I did copy and paste what you told me and did RUN FIX, but it started around after 11:00 PM last night and before I went to bed it said processing. I just got up and it was the same way, the hourglass, so I did CTRL + ALT + DEL and it said OTListIt2 Not responding. I just tried again and the same thing. Let me keep trying. Thanks for your time.
  • 0

#10
CEEV

CEEV

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Jimmy:

I did this previously to do the OTListIt2:

Please click Start > Control Panel > Add or Remove Programs and remove the following programs (if present):
Viewpoint Manager
ViewpointMediaPlayer



I had rebooted my PC and cleaned the cookies etc. and tried to do the fix that you instructed me with OTListIt2.exe, but once I did the paste of the instructions and clicked Run Fix, it says processing, but nothing happens.

When I do Ctrl + Alt + Del it shows OTListIt2 not responding. I had done this like 5 times.

Please advise?

Thanks
  • 0



#11
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello CEEV,
Please see if this works.


  • Please open OTListIt2.exe
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :OTLI
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - Reg Error: Key error. File not found
    
    :Files
    C:\Program Files\Viewpoint
    C:\WINDOWS\System32\ofatugil.ini
  • Return to OTListIt2, right click in the "Custom Scans/fixes" window (under the light blue bar) and choose Paste.
  • Click the Run Fix button.
  • Let the program run until it is finished, reboot when it is done.
  • It will produce a log for you on reboot, please post that log in your next reply.

  • 0

#12
CEEV

CEEV

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Jimmy2012:

Thanks for the reply, still have the same problem, I had tried several times. Here is a screen view before I click RUN FIX: beforerunningfix.JPG
  • 0

#13
CEEV

CEEV

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Here is the view after I Clicked RUN FIX

afterrunningfix.JPG
  • 0

#14
CEEV

CEEV

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
taskmanagererror.JPG
  • 0

#15
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello CEEV,

Please try it this way.


  • Please open OTListIt2.exe
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :Files
    C:\Program Files\Viewpoint
    C:\WINDOWS\System32\ofatugil.ini
    
    :Commands
    [purity]
    [emptytemp]
    [reboot]
  • Return to OTListIt2, right click in the "Custom Scans/fixes" window (under the light blue bar) and choose Paste.
  • Click the Run Fix button.
  • Let the program run until it is finished, reboot when it is done.
  • It will produce a log for you on reboot, please post that log in your next reply.

  • 0





