Palladium
Started by
patfan4lif
, Jan 04 2011 11:44 AM
-
This topic is locked
#31
Posted 16 January 2011 - 08:28 AM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
#32
Posted 17 January 2011 - 02:59 PM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
hi
try this
open notepad ( not a file )
click on file > open and select any .txt file and see if it opens from there.
try this
open notepad ( not a file )
click on file > open and select any .txt file and see if it opens from there.
#33
Posted 17 January 2011 - 03:54 PM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
yes they open from note pad
#34
Posted 20 January 2011 - 08:07 AM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
hi
open My Computer then click on tools > folder options > file types and chose Notepad for .log and .txt files
also right click the .txt file > open with and click chose default program
make sure to select Notepad and the the always use the selected program is checked.
see if that solves this program.
open My Computer then click on tools > folder options > file types and chose Notepad for .log and .txt files
also right click the .txt file > open with and click chose default program
make sure to select Notepad and the the always use the selected program is checked.
see if that solves this program.
#35
Posted 20 January 2011 - 06:00 PM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
I can now open txt. files on my desktop
#36
Posted 21 January 2011 - 11:09 AM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
hi
open OTL, click Run Fix, it will prompt you to select a fix file, select Fix.txt
then click Run Fix
open OTL again, click the Quick Scan button and post the log it produces
open OTL, click Run Fix, it will prompt you to select a fix file, select Fix.txt
then click Run Fix
open OTL again, click the Quick Scan button and post the log it produces
#37
Posted 21 January 2011 - 07:09 PM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
The best way to describe what happens is to show the screen. I try to run OTL as you instructed but this is what I get.
Attached Thumbnails
#38
Posted 22 January 2011 - 06:57 AM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
hi
that is because you did NOT save fix.txt on desktop, you will of course get that error.
if you saved fix.txt in another location you should be at that location when opening it, or else move it to the desktop and proceed again.
that is because you did NOT save fix.txt on desktop, you will of course get that error.
if you saved fix.txt in another location you should be at that location when opening it, or else move it to the desktop and proceed again.
#39
Posted 22 January 2011 - 07:04 AM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
Sorry, I'm not as good at this as I thought.. That worked. Here is the log.
Error: Unable to interpret <[2009/06/27 18:46:59 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩> in the current context!
Error: Unable to interpret <[2009/06/27 18:46:59 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩> in the current context!
OTL by OldTimer - Version 3.2.20.1 log created on 01222011_080537
Error: Unable to interpret <[2009/06/27 18:46:59 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩> in the current context!
Error: Unable to interpret <[2009/06/27 18:46:59 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩> in the current context!
OTL by OldTimer - Version 3.2.20.1 log created on 01222011_080537
#41
Posted 22 January 2011 - 01:45 PM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
This is the new one.
========== OTL ==========
C:\WINDOWS\SYSTEM32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩 moved successfully.
File C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩 not found.
OTL by OldTimer - Version 3.2.20.1 log created on 01222011_144711
========== OTL ==========
C:\WINDOWS\SYSTEM32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩 moved successfully.
File C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩 not found.
OTL by OldTimer - Version 3.2.20.1 log created on 01222011_144711
#42
Posted 28 January 2011 - 01:00 PM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
hi
really sorry for the long delay but my internet was down and was restored today.
how is your system running any problems?
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
really sorry for the long delay but my internet was down and was restored today.
how is your system running any problems?
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
#43
Posted 28 January 2011 - 04:50 PM
patfan4lif
- Topic Starter
-
- Member
-
- 78 posts
Member
Everything seems to be running normal. I always think it should be running faster. This is a family PC and gets a lot use.
Thanks
Bob
OTL logfile created on: 1/28/2011 5:28:38 PM - Run 7
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\joann.HOMER33.000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 32.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 0.20 Gb Free Space | 0.28% Space Free | Partition Type: NTFS
Drive D: | 250.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.92 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: BRIAN | User Name: joann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/01/07 22:35:52 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/01/04 12:27:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
PRC - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
PRC - [2010/10/05 15:34:08 | 000,835,584 | ---- | M] () -- C:\Program Files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe
PRC - [2010/10/05 15:33:44 | 000,163,840 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Media Manager\Release\VZVideoAgent.exe
PRC - [2010/09/30 12:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/01 16:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2005/06/01 06:47:49 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
PRC - [2003/08/28 13:01:22 | 000,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
PRC - [2003/01/10 18:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/09/17 17:31:26 | 000,053,248 | ---- | M] (Fellowes, Inc.) -- C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
========== Modules (SafeList) ==========
MOD - [2011/01/04 17:38:44 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2011/01/04 12:27:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2002/09/17 17:28:16 | 000,090,112 | ---- | M] (Fellowes, Inc.) -- C:\Program Files\Fellowes\MediaFACE 4.0\MFHookManager.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/08/31 15:50:40 | 000,041,776 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2008/04/13 19:12:35 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\skeys.exe -- (SerialKeys)
SRV - [2007/03/20 07:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares Ultra\chatServer.exe -- (AresChatServer)
SRV - [2004/07/01 15:45:46 | 000,421,888 | ---- | M] (Dell) [Disabled | Stopped] -- C:\WINDOWS\System32\dlbucoms.exe -- (dlbu_device)
SRV - [2003/08/28 13:01:22 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon)
SRV - [2003/01/10 18:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\WscNetDr.sys -- (WscNetDr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JOANNH~1.000\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys -- (mfebopk)
DRV - [2010/09/07 11:27:20 | 000,036,352 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/09/29 00:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/12 09:07:42 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/12 09:06:53 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/12 09:06:53 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/12 09:06:53 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/12 09:06:52 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/12 09:06:16 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/12 09:03:54 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/12 09:03:53 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/12 09:03:53 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/12 09:00:09 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/12 08:56:47 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/12 08:56:06 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/12 08:55:49 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/12 08:55:49 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/12 08:55:47 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/06/09 13:16:00 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys -- (P17)
DRV - [2004/05/20 00:58:54 | 000,379,456 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PRISMA02.sys -- (PRISM_A02)
DRV - [2004/03/05 21:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 21:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 21:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 09:48:00 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 09:47:00 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 13:19:00 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pfmodnt.sys -- (PfModNT)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 14:05:44 | 000,141,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Icam3.sys -- (ICAM3NT5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C AE 97 2E 82 41 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {3f5f5e47-34a5-408a-b646-d103852199f6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.m...en-US:official"
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.type: 1
FF - HKLM\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\FF2
FF - HKLM\software\mozilla\Firefox\Extensions\\{57B77092-0906-48E7-B331-8DD09B5FA6BA}: C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\{57B77092-0906-48E7-B331-8DD09B5FA6BA}
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/01/26 07:17:04 | 000,000,000 | ---D | M]
[2009/07/14 23:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Extensions
[2009/07/14 23:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Extensions\[email protected]
[2010/12/11 22:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Firefox\Profiles\sfaf1yba.default\extensions
[2008/04/03 08:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Firefox\Profiles\sfaf1yba.default\extensions\staged-xpis
[2010/12/11 22:19:45 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Firefox\Profiles\sfaf1yba.default\extensions\vshare@toolbar
[2008/04/07 11:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/07 11:55:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2008/04/07 11:55:32 | 000,000,000 | ---D | M] (Real Networks Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008/04/07 11:55:32 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
O1 HOSTS File: ([2011/01/05 22:27:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Oryte Games 1.6 Toolbar) - {3f5f5e47-34a5-408a-b646-d103852199f6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20101031082050.dll (McAfee, Inc.)
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Oryte Games 1.6 Toolbar) - {3f5f5e47-34a5-408a-b646-d103852199f6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Search) - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Oryte Games 1.6 Toolbar) - {3F5F5E47-34A5-408A-B646-D103852199F6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe (Fellowes, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Verizon Media Manager] C:\Program Files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_19.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe File not found
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: bankofamerica.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.243.0.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/11 08:32:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/01/28 10:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/01/27 16:29:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital Corporation
[2011/01/27 16:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Corporation
[2011/01/27 14:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\New Folder
[2011/01/13 21:53:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\FrostWire
[2011/01/13 21:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\FrostWire
[2011/01/13 21:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2011/01/12 03:13:17 | 000,000,000 | ---D | C] -- C:\2db7e8b093f541e0cec778148865
[2011/01/08 20:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\chris and marlena slide
[2011/01/08 20:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\pics or calendar
[2011/01/08 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\chis childhood
[2011/01/06 15:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/01/06 15:23:06 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/01/05 22:02:51 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/01/05 22:02:51 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/01/05 22:02:51 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/01/05 22:02:51 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/01/05 22:02:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/01/04 22:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Talk
[2011/01/04 14:13:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/04 12:27:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
[2011/01/03 21:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Loaris
[2010/12/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/12/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\Start Menu\Programs\HiJackThis
[2010/12/31 15:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\Desktop\backups
[2010/12/31 10:08:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\pKlBa06300
========== Files - Modified Within 30 Days ==========
[2011/01/28 17:41:03 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2774985004-2729123369-274862516-1009UA.job
[2011/01/28 17:22:06 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/28 10:55:43 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/01/28 10:55:42 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/28 10:55:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/01/28 04:41:01 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2774985004-2729123369-274862516-1009Core.job
[2011/01/27 16:29:34 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Data Lifeguard Diagnostic for Windows.lnk
[2011/01/26 17:04:13 | 000,175,410 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\steve tax return info.pdf
[2011/01/26 17:04:13 | 000,175,410 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\steve tax return info.pdf
[2011/01/22 15:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/21 20:00:37 | 000,477,658 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\2nd.docx
[2011/01/21 19:58:27 | 000,449,984 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\1st.docx
[2011/01/16 11:42:48 | 002,644,345 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Oldies - The Temptations - My Girl.mp3
[2011/01/15 01:00:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2011/01/14 20:55:10 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Shortcut to FrostWire.exe.lnk
[2011/01/14 15:09:35 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen3.bmp
[2011/01/14 12:44:22 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen2.bmp
[2011/01/13 21:42:34 | 000,002,376 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Google Chrome.lnk
[2011/01/13 21:42:34 | 000,002,354 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/13 20:27:56 | 000,056,005 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\166479_1667454498681_1606887197_1531142_3048336_n.jpg
[2011/01/13 16:38:33 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen.bmp
[2011/01/13 12:22:57 | 000,181,021 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\3360q2519.mp3
[2011/01/11 21:33:24 | 000,041,997 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Doc1.docx
[2011/01/09 18:09:58 | 000,209,984 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis2.jpg
[2011/01/09 18:07:14 | 000,077,996 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis1.jpg
[2011/01/09 18:05:43 | 000,104,602 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis.jpg
[2011/01/09 16:04:14 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/09 15:06:50 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/01/05 22:27:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/01/04 15:32:00 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/04 12:27:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
[2011/01/04 12:19:37 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/31 09:50:20 | 000,022,339 | ---- | M] () -- C:\WINDOWS\phoneh~5.CSV
[2010/12/31 09:47:37 | 000,022,188 | ---- | M] () -- C:\WINDOWS\phoneh~5.bak
========== Files Created - No Company Name ==========
[2011/01/27 16:29:34 | 000,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Data Lifeguard Diagnostic for Windows.lnk
[2011/01/27 10:04:49 | 000,175,410 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\steve tax return info.pdf
[2011/01/26 17:04:13 | 000,175,410 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\steve tax return info.pdf
[2011/01/21 20:00:36 | 000,477,658 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\2nd.docx
[2011/01/21 19:58:26 | 000,449,984 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\1st.docx
[2011/01/16 11:41:51 | 002,644,345 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Oldies - The Temptations - My Girl.mp3
[2011/01/14 20:55:10 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Shortcut to FrostWire.exe.lnk
[2011/01/14 15:09:34 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen3.bmp
[2011/01/14 12:44:17 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen2.bmp
[2011/01/13 20:28:06 | 000,056,005 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\166479_1667454498681_1606887197_1531142_3048336_n.jpg
[2011/01/13 16:38:33 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen.bmp
[2011/01/13 12:23:43 | 000,181,021 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\3360q2519.mp3
[2011/01/11 21:33:21 | 000,041,997 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Doc1.docx
[2011/01/09 17:57:31 | 000,209,984 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis2.jpg
[2011/01/09 17:57:31 | 000,104,602 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis.jpg
[2011/01/09 17:57:31 | 000,077,996 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis1.jpg
[2011/01/08 20:49:08 | 002,349,536 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\IMG_2975.JPG
[2011/01/08 20:35:30 | 000,066,313 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\73419_158828347490478_100000899410900_298116_4829677_n.jpg
[2011/01/08 20:35:16 | 000,083,119 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Melissa and lexi 2.jpg
[2011/01/08 20:32:11 | 000,093,926 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Warwick Mall.jpg
[2011/01/08 20:31:39 | 000,095,805 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Frank Shop.jpg
[2011/01/08 20:25:34 | 000,238,255 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Brians Boat.3g2
[2011/01/05 22:02:51 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/01/05 22:02:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/01/05 22:02:51 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/01/05 22:02:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/01/05 22:02:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/01/04 15:32:00 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/15 02:13:42 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/08/02 14:29:04 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/06 12:58:13 | 000,007,963 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/09 14:30:07 | 000,000,023 | ---- | C] () -- C:\WINDOWS\settings.ini
[2007/07/12 08:20:16 | 009,437,238 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\ZBWallpaper.bmp
[2007/03/28 18:02:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/02/26 15:28:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/15 08:30:50 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\internaldb4418.dat
[2006/08/15 08:16:57 | 000,000,299 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\internaldb1942.dat
[2006/07/23 09:31:34 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\dlbucoin.dll
[2006/07/23 09:31:34 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\dlbusnls.dll
[2006/01/16 17:30:55 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/12/04 20:39:31 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/08/09 17:13:31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 17:13:31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/08/09 17:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/05/31 13:02:25 | 000,020,857 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/02/19 20:26:39 | 000,000,725 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2004/11/24 17:29:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2004/11/22 15:16:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/22 15:14:53 | 000,002,824 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/11/22 15:11:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2004/11/22 15:03:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/22 14:59:07 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/11/22 14:58:57 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2004/11/22 14:58:57 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/11/22 14:58:52 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/11/22 14:34:44 | 000,000,459 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/12 09:03:56 | 001,287,168 | ---- | C] () -- C:\WINDOWS\System32\quartz(3).dll
[2004/08/12 08:58:07 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelppm.sys
[2004/08/10 14:13:12 | 000,000,831 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/06 13:23:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbucur.dll
[2004/08/06 13:22:12 | 000,557,056 | ---- | C] () -- C:\WINDOWS\System32\dlbujswr.dll
[2004/08/06 13:07:24 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbucu.dll
[2004/08/06 13:01:42 | 000,401,408 | ---- | C] () -- C:\WINDOWS\System32\dlbuutil.dll
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/10/08 09:09:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbuvs.dll
[2002/09/17 16:02:16 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2002/09/17 16:01:38 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2002/09/17 16:00:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2002/09/17 16:00:28 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2001/10/24 18:08:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ArmAccess.dll
[1980/01/01 01:00:00 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[1980/01/01 01:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== LOP Check ==========
[2010/12/10 12:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BearShare
[2010/08/28 18:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Business Management Systems
[2010/03/15 17:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CBL-Electronics
[2010/02/14 19:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/02/10 17:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2005/09/20 18:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/05/31 11:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2008/11/29 00:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\great coal love default
[2005/08/02 17:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/02/10 16:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/12/31 16:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pKlBa06300
[2010/04/18 09:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2008/03/01 17:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2010/10/23 09:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/03 16:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/28 18:54:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{24202FD0-3651-4C5E-8793-E1C3251724EF}
[2010/10/07 06:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/17 20:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/12/10 12:13:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A471C4AE-B27B-4761-9BCF-82FAAAAA2D01}
[2007/01/13 12:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Aim
[2008/02/18 12:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Ares Ultra
[2010/03/15 17:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\CBL-Electronics
[2010/04/22 16:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/09/29 17:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\CVS
[2010/02/10 16:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\DriverCure
[2010/06/30 20:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\ElevatedDiagnostics
[2008/11/29 00:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\error kind find
[2010/04/13 16:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Facebook
[2011/01/28 08:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\FrostWire
[2007/06/02 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\GetRightToGo
[2011/01/09 17:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Image Zone Express
[2007/04/03 18:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\InterTrust
[2007/05/23 07:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Jasc
[2005/09/06 13:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Leadertech
[2010/12/26 11:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\MixVibes
[2009/10/01 09:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\mjusbsp
[2006/07/23 09:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\MSNInstaller
[2010/02/05 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Musicmatch
[2010/02/11 19:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\PerfectTablePlan
[2010/07/02 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Printer Info Cache
[2008/03/01 17:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\TaxCut
[2011/01/15 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\uTorrent
[2010/12/11 22:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\vShare
[2010/07/22 05:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Ydxa
[2010/07/22 15:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Zail
[2010/06/16 11:17:01 | 000,001,134 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job
[2011/01/15 01:00:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/07/24 15:44:04 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A31FAD21
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404390E0
< End of report >
Thanks
Bob
OTL logfile created on: 1/28/2011 5:28:38 PM - Run 7
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\joann.HOMER33.000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 32.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 0.20 Gb Free Space | 0.28% Space Free | Partition Type: NTFS
Drive D: | 250.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.92 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: BRIAN | User Name: joann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/01/07 22:35:52 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/01/04 12:27:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
PRC - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
PRC - [2010/10/05 15:34:08 | 000,835,584 | ---- | M] () -- C:\Program Files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe
PRC - [2010/10/05 15:33:44 | 000,163,840 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Media Manager\Release\VZVideoAgent.exe
PRC - [2010/09/30 12:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/01 16:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2005/06/01 06:47:49 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
PRC - [2003/08/28 13:01:22 | 000,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
PRC - [2003/01/10 18:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/09/17 17:31:26 | 000,053,248 | ---- | M] (Fellowes, Inc.) -- C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
========== Modules (SafeList) ==========
MOD - [2011/01/04 17:38:44 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2011/01/04 12:27:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2002/09/17 17:28:16 | 000,090,112 | ---- | M] (Fellowes, Inc.) -- C:\Program Files\Fellowes\MediaFACE 4.0\MFHookManager.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/08/31 15:50:40 | 000,041,776 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2008/04/13 19:12:35 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\skeys.exe -- (SerialKeys)
SRV - [2007/03/20 07:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares Ultra\chatServer.exe -- (AresChatServer)
SRV - [2004/07/01 15:45:46 | 000,421,888 | ---- | M] (Dell) [Disabled | Stopped] -- C:\WINDOWS\System32\dlbucoms.exe -- (dlbu_device)
SRV - [2003/08/28 13:01:22 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon)
SRV - [2003/01/10 18:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\WscNetDr.sys -- (WscNetDr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JOANNH~1.000\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys -- (mfebopk)
DRV - [2010/09/07 11:27:20 | 000,036,352 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/09/29 00:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/12 09:07:42 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/12 09:06:53 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/12 09:06:53 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/12 09:06:53 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/12 09:06:52 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/12 09:06:16 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/12 09:03:54 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/12 09:03:53 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/12 09:03:53 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/12 09:00:09 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/12 08:56:47 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/12 08:56:06 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/12 08:55:49 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/12 08:55:49 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/12 08:55:47 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/06/09 13:16:00 | 000,840,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys -- (P17)
DRV - [2004/05/20 00:58:54 | 000,379,456 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PRISMA02.sys -- (PRISM_A02)
DRV - [2004/03/05 21:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 21:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 21:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/09/22 09:48:00 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 09:47:00 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 13:19:00 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pfmodnt.sys -- (PfModNT)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 14:05:44 | 000,141,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Icam3.sys -- (ICAM3NT5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C AE 97 2E 82 41 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {3f5f5e47-34a5-408a-b646-d103852199f6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.m...en-US:official"
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.type: 1
FF - HKLM\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\FF2
FF - HKLM\software\mozilla\Firefox\Extensions\\{57B77092-0906-48E7-B331-8DD09B5FA6BA}: C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\{57B77092-0906-48E7-B331-8DD09B5FA6BA}
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/01/26 07:17:04 | 000,000,000 | ---D | M]
[2009/07/14 23:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Extensions
[2009/07/14 23:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Extensions\[email protected]
[2010/12/11 22:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Firefox\Profiles\sfaf1yba.default\extensions
[2008/04/03 08:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Firefox\Profiles\sfaf1yba.default\extensions\staged-xpis
[2010/12/11 22:19:45 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Mozilla\Firefox\Profiles\sfaf1yba.default\extensions\vshare@toolbar
[2008/04/07 11:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/07 11:55:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2008/04/07 11:55:32 | 000,000,000 | ---D | M] (Real Networks Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008/04/07 11:55:32 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
O1 HOSTS File: ([2011/01/05 22:27:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Oryte Games 1.6 Toolbar) - {3f5f5e47-34a5-408a-b646-d103852199f6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20101031082050.dll (McAfee, Inc.)
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Oryte Games 1.6 Toolbar) - {3f5f5e47-34a5-408a-b646-d103852199f6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Search) - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Oryte Games 1.6 Toolbar) - {3F5F5E47-34A5-408A-B646-D103852199F6} - C:\Program Files\Oryte_Games_1.6\tbOry2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe (Fellowes, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Verizon Media Manager] C:\Program Files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_19.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe File not found
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: bankofamerica.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.243.0.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/11 08:32:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/01/28 10:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/01/27 16:29:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital Corporation
[2011/01/27 16:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Corporation
[2011/01/27 14:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\New Folder
[2011/01/13 21:53:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\FrostWire
[2011/01/13 21:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\FrostWire
[2011/01/13 21:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2011/01/12 03:13:17 | 000,000,000 | ---D | C] -- C:\2db7e8b093f541e0cec778148865
[2011/01/08 20:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\chris and marlena slide
[2011/01/08 20:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\pics or calendar
[2011/01/08 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\My Documents\chis childhood
[2011/01/06 15:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/01/06 15:23:06 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/01/05 22:02:51 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/01/05 22:02:51 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/01/05 22:02:51 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/01/05 22:02:51 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/01/05 22:02:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/01/04 22:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Talk
[2011/01/04 14:13:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/04 12:27:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
[2011/01/03 21:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Loaris
[2010/12/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/12/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\Start Menu\Programs\HiJackThis
[2010/12/31 15:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\joann.HOMER33.000\Desktop\backups
[2010/12/31 10:08:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\pKlBa06300
========== Files - Modified Within 30 Days ==========
[2011/01/28 17:41:03 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2774985004-2729123369-274862516-1009UA.job
[2011/01/28 17:22:06 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/28 10:55:43 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/01/28 10:55:42 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/28 10:55:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/01/28 04:41:01 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2774985004-2729123369-274862516-1009Core.job
[2011/01/27 16:29:34 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Data Lifeguard Diagnostic for Windows.lnk
[2011/01/26 17:04:13 | 000,175,410 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\steve tax return info.pdf
[2011/01/26 17:04:13 | 000,175,410 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\steve tax return info.pdf
[2011/01/22 15:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/21 20:00:37 | 000,477,658 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\2nd.docx
[2011/01/21 19:58:27 | 000,449,984 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\1st.docx
[2011/01/16 11:42:48 | 002,644,345 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Oldies - The Temptations - My Girl.mp3
[2011/01/15 01:00:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2011/01/14 20:55:10 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Shortcut to FrostWire.exe.lnk
[2011/01/14 15:09:35 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen3.bmp
[2011/01/14 12:44:22 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen2.bmp
[2011/01/13 21:42:34 | 000,002,376 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Google Chrome.lnk
[2011/01/13 21:42:34 | 000,002,354 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/13 20:27:56 | 000,056,005 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\166479_1667454498681_1606887197_1531142_3048336_n.jpg
[2011/01/13 16:38:33 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen.bmp
[2011/01/13 12:22:57 | 000,181,021 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\3360q2519.mp3
[2011/01/11 21:33:24 | 000,041,997 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Doc1.docx
[2011/01/09 18:09:58 | 000,209,984 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis2.jpg
[2011/01/09 18:07:14 | 000,077,996 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis1.jpg
[2011/01/09 18:05:43 | 000,104,602 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis.jpg
[2011/01/09 16:04:14 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/09 15:06:50 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/01/05 22:27:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/01/04 15:32:00 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/04 12:27:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\joann.HOMER33.000\Desktop\OTL.exe
[2011/01/04 12:19:37 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/31 09:50:20 | 000,022,339 | ---- | M] () -- C:\WINDOWS\phoneh~5.CSV
[2010/12/31 09:47:37 | 000,022,188 | ---- | M] () -- C:\WINDOWS\phoneh~5.bak
========== Files Created - No Company Name ==========
[2011/01/27 16:29:34 | 000,000,949 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Data Lifeguard Diagnostic for Windows.lnk
[2011/01/27 10:04:49 | 000,175,410 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\steve tax return info.pdf
[2011/01/26 17:04:13 | 000,175,410 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\steve tax return info.pdf
[2011/01/21 20:00:36 | 000,477,658 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\2nd.docx
[2011/01/21 19:58:26 | 000,449,984 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\1st.docx
[2011/01/16 11:41:51 | 002,644,345 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Oldies - The Temptations - My Girl.mp3
[2011/01/14 20:55:10 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Shortcut to FrostWire.exe.lnk
[2011/01/14 15:09:34 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen3.bmp
[2011/01/14 12:44:17 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen2.bmp
[2011/01/13 20:28:06 | 000,056,005 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\166479_1667454498681_1606887197_1531142_3048336_n.jpg
[2011/01/13 16:38:33 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\screen.bmp
[2011/01/13 12:23:43 | 000,181,021 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\3360q2519.mp3
[2011/01/11 21:33:21 | 000,041,997 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Doc1.docx
[2011/01/09 17:57:31 | 000,209,984 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis2.jpg
[2011/01/09 17:57:31 | 000,104,602 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis.jpg
[2011/01/09 17:57:31 | 000,077,996 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Desktop\Alexis1.jpg
[2011/01/08 20:49:08 | 002,349,536 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\IMG_2975.JPG
[2011/01/08 20:35:30 | 000,066,313 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\73419_158828347490478_100000899410900_298116_4829677_n.jpg
[2011/01/08 20:35:16 | 000,083,119 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Melissa and lexi 2.jpg
[2011/01/08 20:32:11 | 000,093,926 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Warwick Mall.jpg
[2011/01/08 20:31:39 | 000,095,805 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Frank Shop.jpg
[2011/01/08 20:25:34 | 000,238,255 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\My Documents\Brians Boat.3g2
[2011/01/05 22:02:51 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/01/05 22:02:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/01/05 22:02:51 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/01/05 22:02:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/01/05 22:02:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/01/04 15:32:00 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/15 02:13:42 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/08/02 14:29:04 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/06 12:58:13 | 000,007,963 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/09 14:30:07 | 000,000,023 | ---- | C] () -- C:\WINDOWS\settings.ini
[2007/07/12 08:20:16 | 009,437,238 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\ZBWallpaper.bmp
[2007/03/28 18:02:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/02/26 15:28:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/15 08:30:50 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\internaldb4418.dat
[2006/08/15 08:16:57 | 000,000,299 | ---- | C] () -- C:\Documents and Settings\joann.HOMER33.000\Application Data\internaldb1942.dat
[2006/07/23 09:31:34 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\dlbucoin.dll
[2006/07/23 09:31:34 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\dlbusnls.dll
[2006/01/16 17:30:55 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/12/04 20:39:31 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/08/09 17:13:31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 17:13:31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/08/09 17:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/05/31 13:02:25 | 000,020,857 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/02/19 20:26:39 | 000,000,725 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2004/11/24 17:29:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2004/11/22 15:16:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/22 15:14:53 | 000,002,824 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/11/22 15:11:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2004/11/22 15:03:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/22 14:59:07 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/11/22 14:58:57 | 000,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2004/11/22 14:58:57 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/11/22 14:58:52 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/11/22 14:34:44 | 000,000,459 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/12 09:03:56 | 001,287,168 | ---- | C] () -- C:\WINDOWS\System32\quartz(3).dll
[2004/08/12 08:58:07 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelppm.sys
[2004/08/10 14:13:12 | 000,000,831 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/06 13:23:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbucur.dll
[2004/08/06 13:22:12 | 000,557,056 | ---- | C] () -- C:\WINDOWS\System32\dlbujswr.dll
[2004/08/06 13:07:24 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbucu.dll
[2004/08/06 13:01:42 | 000,401,408 | ---- | C] () -- C:\WINDOWS\System32\dlbuutil.dll
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/10/08 09:09:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbuvs.dll
[2002/09/17 16:02:16 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2002/09/17 16:01:38 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2002/09/17 16:00:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2002/09/17 16:00:28 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2001/10/24 18:08:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ArmAccess.dll
[1980/01/01 01:00:00 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[1980/01/01 01:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== LOP Check ==========
[2010/12/10 12:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BearShare
[2010/08/28 18:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Business Management Systems
[2010/03/15 17:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CBL-Electronics
[2010/02/14 19:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/02/10 17:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2005/09/20 18:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/05/31 11:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2008/11/29 00:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\great coal love default
[2005/08/02 17:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/02/10 16:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/12/31 16:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pKlBa06300
[2010/04/18 09:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2008/03/01 17:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2010/10/23 09:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/03 16:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/28 18:54:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{24202FD0-3651-4C5E-8793-E1C3251724EF}
[2010/10/07 06:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/17 20:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/12/10 12:13:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A471C4AE-B27B-4761-9BCF-82FAAAAA2D01}
[2007/01/13 12:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Aim
[2008/02/18 12:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Ares Ultra
[2010/03/15 17:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\CBL-Electronics
[2010/04/22 16:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/09/29 17:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\CVS
[2010/02/10 16:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\DriverCure
[2010/06/30 20:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\ElevatedDiagnostics
[2008/11/29 00:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\error kind find
[2010/04/13 16:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Facebook
[2011/01/28 08:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\FrostWire
[2007/06/02 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\GetRightToGo
[2011/01/09 17:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Image Zone Express
[2007/04/03 18:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\InterTrust
[2007/05/23 07:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Jasc
[2005/09/06 13:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Leadertech
[2010/12/26 11:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\MixVibes
[2009/10/01 09:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\mjusbsp
[2006/07/23 09:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\MSNInstaller
[2010/02/05 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Musicmatch
[2010/02/11 19:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\PerfectTablePlan
[2010/07/02 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Printer Info Cache
[2008/03/01 17:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\TaxCut
[2011/01/15 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\uTorrent
[2010/12/11 22:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\vShare
[2010/07/22 05:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Ydxa
[2010/07/22 15:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\joann.HOMER33.000\Application Data\Zail
[2010/06/16 11:17:01 | 000,001,134 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job
[2011/01/15 01:00:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/07/24 15:44:04 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A31FAD21
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:404390E0
< End of report >
#44
Posted 29 January 2011 - 03:08 PM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
hi
Congratulations your logs appear clean
Reset and Re-enable your System Restore
The following will implement some cleanup procedures as well as reset System Restore points:
NEXT
Recommendations
See Here for a list of recommendations for free Antivirus\AntiSpyware applications.
Thank you
Congratulations your logs appear clean
Reset and Re-enable your System Restore
The following will implement some cleanup procedures as well as reset System Restore points:
- Click START then RUN
- Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
NEXT
- Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
- Click on the CleanUp button.
- Click Yes to begin the cleanup process and remove tools, including this application
- You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes
Recommendations
See Here for a list of recommendations for free Antivirus\AntiSpyware applications.
- Keep Your windows up to date by regularly checking their website at:
http://windowsupdate.microsoft.com/
- SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.
- SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
- Make Internet Explorer more secure
- Click Start > Run
- Type Inetcpl.cpl & click OK
- Click on the Security tab
- Click Reset all zones to default level
- Make sure the Internet Zone is selected & Click Custom level
- In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
- Next Click OK, then Apply button and then OK to exit the Internet Properties page.
- MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
- Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
Here
If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
- NoScript - for blocking ads and other potential website attacks
- McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
- Click Here to learn how to keep a backup of your important files
- FileHippo Update Checkker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
Thank you
#45
Posted 01 February 2011 - 10:54 AM
ali.B
-
- Malware Removal
-
- 3,086 posts
Trusted Helper
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. 
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
