
MBAM Error


21 replies to this topic

#1 bryan007

Posted 31 August 2010 - 10:18 PM

I had the Advanced Security 2010 Virus and I think that I have cleared it out using the procedures on this site. However, now I am receiving the following message when trying to update MB
MBAM_Error_Updating (12007,0,WinHttpSendRequest)

Here is the link to my previous post http://www.bleepingcomputer.com/forums/ind...p;#entry1912911

I will post the DDS logs, but when I tried to run GMER a blue screen came up which said "Windows has been shut down to prevent damage to the computer". Technical info ***stop 0x0000008E (0xc0000005, 0x80570376, 0xAD92FB08, 0x00000000) and then it said it was dumping physical memory to disc.

The logs are attached

Thank you for your help!
DDS log

DDS (Ver_10-03-17.01) - NTFSx86
Run by Jean Bledsoe at 17:08:49.43 on Tue 08/31/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.466 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Citrix\GoToMyPC\g2svc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Citrix\GoToMyPC\g2comm.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Citrix\GoToMyPC\g2pre.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Citrix\GoToMyPC\g2tray.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\Jean Bledsoe\My Documents\RCA Detective\RCADetective.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Temporary Internet Files\Content.IE5\OJMD2S0H\Defogger[1].exe
C:\Documents and Settings\Jean Bledsoe\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.msn.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:6522
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 7\SnagItBHO.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {06647158-359E-4D10-A8DE-E6145DA90BE9} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No File
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 7\SnagItIEAddin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - No File
TB: {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Easy Dock] c:\documents and settings\jean bledsoe\my documents\rca easyrip\EZDock.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [GoToMyPC] "c:\program files\citrix\gotomypc\g2svc.exe" -logon
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [D-Link AirPlus Xtreme G] c:\program files\d-link\airplus xtreme g\AirPlusCFG.exe
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [ANIWZCSService] c:\program files\alpha networks\aniwzcs service\WZCSLDR.exe
mRun: [ADUserMon] c:\program files\iomega\autodisk\ADUserMon.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [pdfFactory Pro Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Easy Dock]
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\jeanbl~1\startm~1\programs\startup\forget~1.lnk - c:\cacard\FMREMIND.EXE
StartupFolder: c:\documents and settings\jean bledsoe\start menu\programs\startup\PowerReg Scheduler V3.exe
StartupFolder: c:\docume~1\jeanbl~1\startm~1\programs\startup\rcadet~1.lnk - c:\documents and settings\jean bledsoe\my documents\rca detective\RCADetective.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\d-link~1.lnk - c:\program files\d-link airplus\AirPlus.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: bleepingcomputer.com\download
Trusted Zone: malwarebytes.org\www
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab?1270927430701
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221580099875
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37993.0288657407
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://baclearning.webex.com/client/T27L/training/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: GoToMyPC - c:\program files\citrix\gotomypc\G2WinLogon.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jeanbl~1\applic~1\mozilla\firefox\profiles\q1zqts91.default\
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\jean bledsoe\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\system32\drivers\ppa.sys [2004-1-6 17792]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-8-29 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-8-29 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-8-29 243024]
R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020;c:\windows\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [2010-6-5 3584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-8-29 308136]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2003-10-22 547744]
R3 CCCP106;CIF USB Camera (2110A);c:\windows\system32\drivers\cccp106.sys [2006-4-8 227200]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-8-29 431432]

=============== Created Last 30 ================

2010-09-01 00:06:09 0 ----a-w- c:\documents and settings\jean bledsoe\defogger_reenable
2010-08-31 23:54:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-31 23:54:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-31 23:54:26 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-30 00:04:54 0 d-----w- c:\docume~1\jeanbl~1\applic~1\ePASS
2010-08-29 18:25:41 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-29 18:25:37 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-29 18:25:26 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-29 18:25:09 0 d-----w- c:\windows\system32\drivers\Avg
2010-08-29 18:25:07 0 d-----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2010-08-29 18:20:24 0 d-----w- c:\program files\AVG
2010-08-29 18:19:54 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2010-08-28 23:26:58 0 d-----w- c:\docume~1\jeanbl~1\applic~1\SUPERAntiSpyware.com
2010-08-28 22:46:43 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-08-28 22:46:32 0 d-----w- c:\program files\SUPERAntiSpyware
2010-08-24 13:30:18 0 d--h--w- c:\windows\PIF
2010-08-07 21:44:27 0 d-----w- c:\program files\iPod
2010-08-07 21:43:50 0 d-----w- c:\program files\iTunes
2010-08-07 21:43:50 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-08-07 21:31:34 0 d-----w- c:\program files\Bonjour

==================== Find3M ====================

2010-08-24 13:24:23 52480 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2010-08-09 04:03:38 104156 -c--a-w- c:\windows\hpoins04.dat
2010-07-17 12:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-03 02:41:44 3600384 ----a-w- c:\windows\system32\GPhotos.scr

============= FINISH: 17:09:55.71 ===============


Attach.txt -- DDS

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 3/22/2009 3:45:35 PM
System Uptime: 8/31/2010 4:44:17 PM (1 hours ago)

Motherboard: Dell Computer Corp. | | 0C2425
Processor: Intel® Pentium® 4 CPU 2.40GHz | Microprocessor | 2392/533mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 39.493 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP446: 6/3/2010 11:25:53 AM - System Checkpoint
RP447: 6/4/2010 3:00:21 AM - Software Distribution Service 3.0
RP448: 6/5/2010 3:25:53 AM - System Checkpoint
RP449: 6/6/2010 3:00:21 AM - Software Distribution Service 3.0
RP450: 6/7/2010 3:22:03 AM - System Checkpoint
RP451: 6/8/2010 4:22:02 AM - System Checkpoint
RP452: 6/9/2010 4:25:30 AM - System Checkpoint
RP453: 6/10/2010 5:29:58 AM - System Checkpoint
RP454: 6/11/2010 3:01:18 AM - Software Distribution Service 3.0
RP455: 6/12/2010 3:54:02 AM - System Checkpoint
RP456: 6/13/2010 3:58:31 AM - System Checkpoint
RP457: 6/14/2010 4:58:32 AM - System Checkpoint
RP458: 6/15/2010 5:58:32 AM - System Checkpoint
RP459: 6/16/2010 6:56:28 AM - System Checkpoint
RP460: 6/17/2010 7:56:27 AM - System Checkpoint
RP461: 6/18/2010 8:56:27 AM - System Checkpoint
RP462: 6/19/2010 1:04:57 PM - System Checkpoint
RP463: 6/20/2010 1:56:28 PM - System Checkpoint
RP464: 6/21/2010 2:41:39 PM - System Checkpoint
RP465: 6/22/2010 2:56:27 PM - System Checkpoint
RP466: 6/23/2010 3:00:20 AM - Software Distribution Service 3.0
RP467: 6/29/2010 8:42:05 PM - System Checkpoint
RP468: 6/30/2010 10:04:34 PM - System Checkpoint
RP469: 7/1/2010 10:19:19 PM - System Checkpoint
RP470: 7/2/2010 10:43:18 PM - System Checkpoint
RP471: 7/3/2010 11:43:19 PM - System Checkpoint
RP472: 7/5/2010 12:44:24 AM - System Checkpoint
RP473: 7/6/2010 1:43:20 AM - System Checkpoint
RP474: 7/7/2010 2:43:20 AM - System Checkpoint
RP475: 7/8/2010 3:43:19 AM - System Checkpoint
RP476: 7/9/2010 4:43:19 AM - System Checkpoint
RP477: 7/10/2010 5:43:20 AM - System Checkpoint
RP478: 7/11/2010 6:43:19 AM - System Checkpoint
RP479: 7/12/2010 7:43:20 AM - System Checkpoint
RP480: 7/13/2010 8:43:20 AM - System Checkpoint
RP481: 7/14/2010 4:20:44 PM - System Checkpoint
RP482: 7/15/2010 3:00:30 AM - Software Distribution Service 3.0
RP483: 7/16/2010 3:43:20 AM - System Checkpoint
RP484: 7/17/2010 4:43:28 AM - System Checkpoint
RP485: 7/18/2010 5:43:23 AM - System Checkpoint
RP486: 7/19/2010 6:43:27 AM - System Checkpoint
RP487: 7/20/2010 8:33:16 AM - System Checkpoint
RP488: 7/21/2010 8:43:24 AM - System Checkpoint
RP489: 7/22/2010 9:43:23 AM - System Checkpoint
RP490: 7/23/2010 9:57:58 AM - System Checkpoint
RP491: 7/24/2010 10:51:51 AM - System Checkpoint
RP492: 7/28/2010 11:54:41 PM - System Checkpoint
RP493: 7/30/2010 12:11:20 AM - System Checkpoint
RP494: 7/31/2010 1:23:49 AM - System Checkpoint
RP495: 8/1/2010 2:26:37 PM - System Checkpoint
RP496: 8/2/2010 3:11:22 PM - System Checkpoint
RP497: 8/3/2010 4:11:19 PM - System Checkpoint
RP498: 8/4/2010 5:42:20 PM - System Checkpoint
RP499: 8/5/2010 6:10:51 PM - System Checkpoint
RP500: 8/6/2010 7:10:50 PM - System Checkpoint
RP501: 8/8/2010 9:35:50 PM - System Checkpoint
RP502: 8/9/2010 10:24:05 PM - System Checkpoint
RP503: 8/10/2010 11:13:03 PM - System Checkpoint
RP504: 8/12/2010 12:25:33 AM - System Checkpoint
RP505: 8/13/2010 1:22:34 AM - System Checkpoint
RP506: 8/14/2010 2:13:03 AM - System Checkpoint
RP507: 8/15/2010 2:58:33 AM - System Checkpoint
RP508: 8/16/2010 3:49:34 AM - System Checkpoint
RP509: 8/17/2010 5:37:19 AM - System Checkpoint
RP510: 8/18/2010 6:39:45 AM - System Checkpoint
RP511: 8/19/2010 3:32:02 PM - System Checkpoint
RP512: 8/20/2010 4:08:23 PM - System Checkpoint
RP513: 8/21/2010 4:56:23 PM - System Checkpoint
RP514: 8/22/2010 5:03:27 PM - System Checkpoint
RP515: 8/22/2010 5:42:25 PM - Removed Encompass360
RP516: 8/22/2010 5:44:29 PM - Installed Encompass360
RP517: 8/22/2010 5:49:09 PM - Printer Driver Encompass eFolder 2.0 Installed
RP518: 8/28/2010 12:03:58 PM - Software Distribution Service 3.0
RP519: 8/29/2010 3:00:34 AM - Software Distribution Service 3.0
RP520: 8/29/2010 8:26:53 AM - Installed Java™ 6 Update 21
RP521: 8/29/2010 9:08:52 AM - Removed Trend Micro Internet Security
RP522: 8/29/2010 11:19:53 AM - Installed AVG Free 9.0
RP523: 8/30/2010 11:30:49 AM - System Checkpoint
RP524: 8/31/2010 12:30:48 PM - System Checkpoint

==== Installed Programs ======================

23_24_2500Tour
2400
2400_2500Help
2400_2500trb
Acrobat.com
Active Disk
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.2
AiO_Scan
AiOSoftware
AirPlus Xtreme G
AncestryView
ANIO Service
ANIWZCS Service
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
ArcSoft VideoImpression 1.6
Ask Toolbar
AVG Free 9.0
Banctec Service Agreement
BCM V.92 56K Modem
BlackBerry USB Drivers
Bonjour
Bookworm Adventures
Broadcom Management Programs
BufferChm
Business Contact Manager for Outlook 2003
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
CIF USB Camera (2110A)
Classic PhoneTools
Compatibility Pack for the 2007 Office system
Copy
Corel Paint Shop Pro Photo X2
Creative Memories StoryBook Creator 2.0
CreativeProjects
CreativeProjectsTemplates
Crystal Reports for .NET Framework 2.0 (x86)
CueTour
D-Link AirPlus
Defraggler (remove only)
Dell Digital Jukebox Driver
Dell Media Experience
Dell Networking Guide
Dell Solution Center
Dell Support Center (Support Software)
DellSupport
Destinations
Director
DocProc
DocumentViewer
DS21Patch
EarthLink MDAC
Easy Family Tree
Encompass360
Encompass360 NetBranch Installation Manager
EZface ActiveX 207
Facebook Plug-In
Family Tree Maker 2005
Fax
Finale NotePad 2008
GdiplusUpgrade
Google Earth
Google SketchUp 6
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 4.0.0.320
GoToMyPC
Help and Support Customization
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Diagnostic Assistant
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
HP Update
hpmdtab
HPODiscovery
HPSystemDiagnostics
InstantShare
Intel® Extreme Graphics Driver
Internet Explorer Default Page
iTunes
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2
Java Auto Updater
Java™ 6 Update 21
Java™ 6 Update 3
Le Louvre, Collections & Palace
LeapFrog Connect
LeapFrog Crammer Plugin
Learn2 Player (Uninstall Only)
Logitech QuickCam
Logitech QuickCam Driver Package
Malwarebytes' Anti-Malware
Memories Disc Creator 2.0
Micrografx Instant 3D 1.2
Micrografx PhotoMagic 6
Micrografx Windows Draw 6
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft IntelliPoint 6.2
Microsoft IntelliType Pro 6.1
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Office Live Meeting 2007
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft WSE 3.0 Runtime
Microsoft XML Parser
Modem Helper
Mozilla Firefox (3.6.8)
MSN Toolbar
MSSoap
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Museum Collection 2.0
Network Stumbler 0.4.0 (remove only)
OneTouch Software
OSI Express
overland
Pdf995
PdfEdit995
pdfFactory Pro
Philips Digital Audio Player
Picasa 3
PrintScreen
ProductContext
QFolder
QuickProjects
QuickTime
Readme
RealPlayer Basic
Recuva (remove only)
RegistryFix v8.0
ReverseVision
Road Runner Install
SA21xx Device Manager
Scan
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sibelius Scorch (ActiveX Only)
Signature995
SkinsHP1
SkinsHP2
Skype™ 4.0
SnagIt 7
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spelling Dictionaries Support For Adobe Reader 9
Stamps.com
Stamps.com Application Support for Microsoft Word 2000, 2002, 2003
Stamps.com support for Microsoft Word 2000-2007
SUPERAntiSpyware
SuperNotecard 2.9
The Louvre, virtual visit
The Weather Channel Desktop 6
TrayApp
Ultimate Family Tree
UnInstall Le Louvre, the Antiquities
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Crammer Plugin)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WebEx
WebFldrs XP
WebReg
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

8/30/2010 1:12:16 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 000F3DAC4CB1. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
8/29/2010 9:00:00 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: %%2147942402
8/29/2010 8:00:00 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: %%2147942402
8/29/2010 7:00:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: %%2147942402
8/29/2010 6:53:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX d8a4fef9-85c1-448f-a6f9-2570fb195020 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
8/29/2010 6:00:00 AM, error: Schedule [7901] - The At7.job command failed to start due to the following error: %%2147942402
8/29/2010 5:00:00 AM, error: Schedule [7901] - The At6.job command failed to start due to the following error: %%2147942402
8/29/2010 4:00:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: %%2147942402
8/29/2010 4:00:00 AM, error: Schedule [7901] - The At5.job command failed to start due to the following error: %%2147942402
8/29/2010 3:00:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: %%2147942402
8/29/2010 3:00:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: %%2147942402
8/29/2010 2:00:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: %%2147942402
8/29/2010 2:00:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: %%2147942402
8/29/2010 12:41:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402
8/29/2010 10:00:00 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: %%2147942402
8/29/2010 1:00:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: %%2147942402
8/29/2010 1:00:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942402
8/28/2010 9:51:19 PM, error: Print [19] - Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer4.
8/28/2010 9:00:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: %%2147942402
8/28/2010 8:00:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: %%2147942402
8/28/2010 7:00:00 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: %%2147942402
8/28/2010 6:00:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: %%2147942402
8/28/2010 5:00:00 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: %%2147942402
8/28/2010 12:02:34 PM, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).
8/28/2010 12:02:34 PM, error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
8/28/2010 12:00:00 PM, error: Schedule [7901] - The At13.job command failed to start due to the following error: %%2147942402
8/28/2010 11:00:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402
8/28/2010 11:00:00 AM, error: Schedule [7901] - The At12.job command failed to start due to the following error: %%2147942402
8/28/2010 10:45:25 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/28/2010 10:30:59 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/28/2010 10:19:12 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
8/28/2010 10:18:52 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
8/28/2010 10:12:07 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: d8a4fef9-85c1-448f-a6f9-2570fb195020 Fips intelppm tmtdi
8/28/2010 10:00:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402
8/28/2010 1:13:20 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ppa
8/24/2010 6:29:20 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
8/24/2010 6:26:29 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD d8a4fef9-85c1-448f-a6f9-2570fb195020 Fips intelppm IPSec MRxSmb NetBIOS NetBT ppa RasAcd Rdbss Tcpip tmtdi
8/24/2010 6:26:29 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
8/24/2010 6:26:29 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/24/2010 6:26:29 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/24/2010 6:26:29 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/24/2010 6:26:29 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/24/2010 6:26:29 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/24/2010 6:25:23 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
8/24/2010 6:05:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
8/24/2010 5:50:54 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD d8a4fef9-85c1-448f-a6f9-2570fb195020 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip tmtdi
8/24/2010 5:47:44 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
8/24/2010 5:47:44 AM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.

==== End Of File ===========================

Edited by Maurice Naggar, 05 September 2010 - 08:04 AM.



#2 Maurice Naggar

  • Malware Response Team

Posted 05 September 2010 - 08:07 AM

Hello Bryan007,

As you go along in doing any steps I guide you to, do NOT run them twice. If an issue comes up, especially a STOP exception, then halt and post back details to this thread.
You will want to print out or copy these instructions to Notepad for offline reference!
If you are a casual viewer, do NOT try this on your system!
If you are not Bryan007 and have a similar problem, do NOT post here; start your own topic


Do not run or start any other programs while these utilities and tools are in use!
Do NOT run any other tools on your own or do any fixes other than what is listed here.
If you have questions, please ask before you do something on your own.
But it is important that you get going on these following steps.
=
Close any of your open programs while you run these tools.

Step 1
Disable the options "Automatically detect settings" and "Use automatic configuration script."
To do this:
1. Open Internet Explorer.
2. Click "Tools," and then click "Internet Options."
3. Click "Connections," and then click "LAN Settings."
4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected.
5. Apply changes & OK

Step 2
1. Go >> Here << and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
2. Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
3. Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
4. Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
5. Make sure that at least the first two check boxes are ticked
6. Press OK
7. Press YES to create the folder.

Step 3
Set Windows to show all files and all folders.
On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.
Next, un-check Hide extensions for known file types.
Next un-check Hide protected operating system files.

Step 4
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.
    Link 2
    Link 3
    Link 4
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
  • If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

Step 5
Download OTL by OldTimer and SAVE to your desktop: http://oldtimer.geekstogo.com/OTL.exe
  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    *****************************************************************
    :processes
    killallprocesses

    :files
    C:\WINDOWS\Tasks\At*.job
    recycler /alldrives

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]

    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on the red-lettered button Run Fix.
  • Once you see a message box "Fix complete! Click OK to open the fix log."
    Click the OK button
  • The log will open in Notepad (your default text editor).
  • Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Step 6
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Step 7
Please close any of your open windows/programs and exit; saving any open work you have.
I'd like to have you do a special run of OTL to generate some searches & a new log-report.
  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    *****************************************************************
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    themeui.dll
    beep.sys
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    CREATERESTOREPOINT

    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of just OTL.txt

Step 8
Then copy/paste the following into your post (in order):
  • the contents of OTL MovedFiles log
  • the contents of TDSSKILLER log
  • the contents of OTL.txt log
Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.
Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)
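
Added example (not part of either post, and not code from DDS or OTL): a triage script for the Schedule [7901] entries in the event log posted above, which name the same `At*.job` tasks that the OTL fix moves out of `C:\WINDOWS\Tasks`. The function names are assumptions of this example, and the line format is inferred from the posted log.

```python
import re
from collections import defaultdict
from datetime import datetime

# Excerpt of event lines from the log posted in this thread (DDS "Event Viewer" format).
SAMPLE_LOG = """\
8/29/2010 9:00:00 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: %%2147942402
8/29/2010 8:00:00 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: %%2147942402
8/29/2010 12:41:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402
8/28/2010 12:02:34 PM, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).
8/28/2010 11:00:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402
"""

# "<date> <time> <AM|PM>, <level>: <source> [<event id>] - <message>"
EVENT_RE = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
    r"(?P<level>\w+): (?P<source>.+?) \[(?P<event_id>\d+)\] - (?P<message>.*)$"
)
JOB_RE = re.compile(r"The (?P<job>\S+\.job) command failed to start .*%%(?P<code>\d+)")
# Tasks created through the legacy "at" scheduler interface are named At<N>.job.
AT_JOB_RE = re.compile(r"At\d+\.job", re.IGNORECASE)

FACILITY_WIN32 = 7
WIN32_NAMES = {
    2: "ERROR_FILE_NOT_FOUND",
    3: "ERROR_PATH_NOT_FOUND",
    5: "ERROR_ACCESS_DENIED",
}


def parse_events(text):
    """Turn DDS event lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "time": datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p"),
            "level": m["level"],
            "source": m["source"],
            "event_id": int(m["event_id"]),
            "message": m["message"],
        })
    return events


def decode_hresult(value):
    """Split a 32-bit HRESULT into its failure bit, facility and code."""
    return {
        "failure": bool((value >> 31) & 1),
        "facility": (value >> 16) & 0x7FF,
        "code": value & 0xFFFF,
    }


def summarize_failed_jobs(events):
    """Group Schedule/7901 failures by job name and decode the error value."""
    times = defaultdict(list)
    codes = {}
    for ev in events:
        if ev["source"] != "Schedule" or ev["event_id"] != 7901:
            continue
        m = JOB_RE.search(ev["message"])
        if m:
            times[m["job"]].append(ev["time"])
            codes[m["job"]] = int(m["code"])

    summary = {}
    for job, seen in times.items():
        hr = decode_hresult(codes[job])
        win32 = None
        if hr["facility"] == FACILITY_WIN32:
            win32 = WIN32_NAMES.get(hr["code"], "unknown Win32 error")
        summary[job] = {
            "count": len(seen),
            "first": min(seen),
            "last": max(seen),
            "hresult": f"0x{codes[job]:08X}",
            "win32": win32,
            "at_style_name": bool(AT_JOB_RE.fullmatch(job)),
        }
    return summary


if __name__ == "__main__":
    report = summarize_failed_jobs(parse_events(SAMPLE_LOG))
    for job in sorted(report, key=lambda j: int(re.sub(r"\D", "", j) or 0)):
        info = report[job]
        print(f"{job:10} x{info['count']} {info['hresult']} {info['win32']} "
              f"last={info['last']:%Y-%m-%d %H:%M}")
```
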

#3 bryan007

  • Topic Starter

Posted 05 September 2010 - 07:19 PM

[quote name='Maurice Naggar' date='Sep 5 2010, 08:07 AM' post='1918910']
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
[/quote]

I have AVG 9.0 Free and the only option is to disable Resident Shield. However, Anti Spyware and Anti Virus are still active with no option to disable. What should I do? Thank you

#4 Maurice Naggar

  • Malware Response Team

Posted 06 September 2010 - 03:46 PM

If you have disabled the AVG Resident, then proceed forward and do the next step(s). Forward & onward.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#5 bryan007

  • Topic Starter

Posted 06 September 2010 - 06:08 PM

Thank you for your help!

I couldn't download Rkill so I loaded it from another computer. It was being blocked, but even when I added it to my list of sites allowed it was blocked.

All processes killed
Error: Unable to interpret <processes> in the current context!
Error: Unable to interpret <killallprocesses> in the current context!
========== FILES ==========
C:\WINDOWS\Tasks\At1.job moved successfully.
C:\WINDOWS\Tasks\At10.job moved successfully.
C:\WINDOWS\Tasks\At11.job moved successfully.
C:\WINDOWS\Tasks\At12.job moved successfully.
C:\WINDOWS\Tasks\At13.job moved successfully.
C:\WINDOWS\Tasks\At14.job moved successfully.
C:\WINDOWS\Tasks\At15.job moved successfully.
C:\WINDOWS\Tasks\At16.job moved successfully.
C:\WINDOWS\Tasks\At17.job moved successfully.
C:\WINDOWS\Tasks\At18.job moved successfully.
C:\WINDOWS\Tasks\At19.job moved successfully.
C:\WINDOWS\Tasks\At2.job moved successfully.
C:\WINDOWS\Tasks\At20.job moved successfully.
C:\WINDOWS\Tasks\At21.job moved successfully.
C:\WINDOWS\Tasks\At22.job moved successfully.
C:\WINDOWS\Tasks\At23.job moved successfully.
C:\WINDOWS\Tasks\At24.job moved successfully.
C:\WINDOWS\Tasks\At3.job moved successfully.
C:\WINDOWS\Tasks\At4.job moved successfully.
C:\WINDOWS\Tasks\At5.job moved successfully.
C:\WINDOWS\Tasks\At6.job moved successfully.
C:\WINDOWS\Tasks\At7.job moved successfully.
C:\WINDOWS\Tasks\At8.job moved successfully.
C:\WINDOWS\Tasks\At9.job moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-501 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-500\Dc2\Languages folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-500\Dc2 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-500\Dc1\Languages folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-500\Dc1 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-500 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1014 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1013 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\14\04\03 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\14\04 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\14 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\13\07\14 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\13\07 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\12\05\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\12\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\12 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\10\06\03 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\10\06 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\10 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09\13\07 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09\02\14 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09\02 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09\00\03 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09\00 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\09 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\15\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\15 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\10\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\10 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\08\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\08\09 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07\08 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\07 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\05\15\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\05\15\02 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\05\15 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\05\14\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\05\14 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\04\06\01 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\04\06 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\04 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\03\13\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\03\13 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\03 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\15\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\15 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\10\02 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\10 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\08\09 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\08 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\05\06 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02\05 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\02 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\01\04\09 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\01\04\06 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\01\04 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23\01 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011\Dc23 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1011 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1009\Dc9 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1009\Dc3 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1009\Dc2 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1009\Dc11 folder moved successfully.
C:\RECYCLER\S-1-5-21-3035954805-2500745280-4051346545-1009 folder moved successfully.
C:\RECYCLER\S-1-5-18 folder moved successfully.
C:\RECYCLER folder moved successfully.
recycler not found in D:\
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 6291504 bytes
->FireFox cache emptied: 3921221 bytes
->Flash cache emptied: 405 bytes

User: All Users

User: Bob
->Temp folder emptied: 292941 bytes
->Flash cache emptied: 1021 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Guest
->Temp folder emptied: 16471 bytes
->Java cache emptied: 1950193 bytes
->FireFox cache emptied: 52691559 bytes
->Flash cache emptied: 10244 bytes

User: Jean Bledsoe
->Temp folder emptied: 268799686 bytes
->Java cache emptied: 94324 bytes
->FireFox cache emptied: 36817293 bytes
->Google Chrome cache emptied: 39769033 bytes
->Flash cache emptied: 46598 bytes

User: LocalService
->Temp folder emptied: 66016 bytes

User: NetworkService
->Temp folder emptied: 0 bytes

User: Owner

User: Shan
->Temp folder emptied: 294462 bytes
->Java cache emptied: 62684 bytes
->FireFox cache emptied: 15305243 bytes
->Flash cache emptied: 2021 bytes

User: The Boys'
->Temp folder emptied: 924197 bytes
->Java cache emptied: 16623951 bytes
->FireFox cache emptied: 28600262 bytes
->Flash cache emptied: 954468 bytes

User: YTB

%systemdrive% .tmp files removed: 1 bytes
%systemroot% .tmp files removed: 2234278 bytes
%systemroot%\System32 .tmp files removed: 3033865 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 57704214 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 77512994 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33726 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 586.00 mb

Restore point Set: OTL Restore Point (0)

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Bob
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Jean Bledsoe
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Owner

User: Shan
->Flash cache emptied: 0 bytes

User: The Boys'
->Flash cache emptied: 0 bytes

User: YTB

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 09062010_145829

Files\Folders moved on Reboot...
C:\Documents and Settings\Jean Bledsoe\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_548.dat not found!

Registry entries deleted on Reboot...



2010/09/06 15:18:18.0093 TDSS rootkit removing tool 2.4.2.0 Sep 3 2010 10:26:06
2010/09/06 15:18:18.0093 ================================================================================
2010/09/06 15:18:18.0093 SystemInfo:
2010/09/06 15:18:18.0093
2010/09/06 15:18:18.0093 OS Version: 5.1.2600 ServicePack: 3.0
2010/09/06 15:18:18.0093 Product type: Workstation
2010/09/06 15:18:18.0093 ComputerName: FAMILY
2010/09/06 15:18:18.0093 UserName: Jean Bledsoe
2010/09/06 15:18:18.0093 Windows directory: C:\WINDOWS
2010/09/06 15:18:18.0093 System windows directory: C:\WINDOWS
2010/09/06 15:18:18.0093 Processor architecture: Intel x86
2010/09/06 15:18:18.0093 Number of processors: 1
2010/09/06 15:18:18.0093 Page size: 0x1000
2010/09/06 15:18:18.0093 Boot type: Normal boot
2010/09/06 15:18:18.0093 ================================================================================
2010/09/06 15:18:18.0515 Initialize success
2010/09/06 15:18:23.0546 ================================================================================
2010/09/06 15:18:23.0546 Scan started
2010/09/06 15:18:23.0546 Mode: Manual;
2010/09/06 15:18:23.0546 ================================================================================
2010/09/06 15:19:32.0500 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2010/09/06 15:19:32.0734 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/09/06 15:19:32.0953 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/09/06 15:19:33.0062 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/09/06 15:19:33.0250 {6080A529-897E-4629-A488-ABA0C29B635E} (fd1f4e9cf06c71c8d73a24acf18d8296) C:\WINDOWS\system32\drivers\ialmsbw.sys
2010/09/06 15:19:33.0546 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d4d7331d33d1fa73e588e5ce0d90a4c1) C:\WINDOWS\system32\drivers\ialmkchw.sys
2010/09/06 15:19:33.0593 ================================================================================
2010/09/06 15:19:33.0593 Scan finished
2010/09/06 15:19:33.0593 ================================================================================
2010/09/06 15:19:43.0937 Deinitialize success



OTL logfile created on: 9/6/2010 3:25:47 PM - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Jean Bledsoe\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 38.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 38.62 Gb Free Space | 51.86% Space Free | Partition Type: NTFS
Drive D: | 5.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FAMILY
Current User Name: Jean Bledsoe
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/06 14:51:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean Bledsoe\Desktop\OTL.exe
PRC - [2010/08/29 11:24:11 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/08/29 11:24:11 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/08/29 11:24:08 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/08/29 11:24:04 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/08/29 11:23:41 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/08/29 11:23:01 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/25 11:17:04 | 000,910,848 | ---- | M] (Audiovox Electronics Corp.) -- C:\Documents and Settings\Jean Bledsoe\My Documents\RCA Detective\RCADetective.exe
PRC - [2009/11/10 11:14:38 | 000,443,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2009/10/08 13:13:52 | 000,818,288 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/21 18:34:22 | 000,016,712 | R--- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2009/01/21 18:34:16 | 000,532,808 | R--- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2008/12/30 10:39:43 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 17:12:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\ntvdm.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/13 13:06:58 | 002,196,240 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/02/13 13:02:46 | 000,564,496 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/02/13 13:02:24 | 000,405,776 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/08/31 12:58:52 | 000,357,800 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/06/20 12:09:16 | 000,905,512 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2tray.exe
PRC - [2007/06/20 12:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe
PRC - [2007/06/20 12:09:12 | 000,251,176 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2pre.exe
PRC - [2007/06/20 12:09:06 | 000,592,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2comm.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/03/09 12:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/21 18:08:58 | 000,813,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
PRC - [2006/03/02 18:49:14 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2006/02/15 10:06:32 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2003/11/04 18:00:16 | 002,502,656 | ---- | M] (D-Link) -- C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
PRC - [2003/08/21 17:12:02 | 000,032,768 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
PRC - [2002/09/24 17:39:48 | 000,151,552 | ---- | M] (Iomega Corporation) -- C:\Program Files\Iomega\AutoDisk\ADService.exe
PRC - [2002/09/24 17:39:24 | 000,147,456 | ---- | M] (Iomega Corporation) -- C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
PRC - [2002/09/04 15:11:04 | 000,073,728 | ---- | M] (Iomega Corporation) -- C:\Program Files\Iomega\System32\AppServices.exe


========== Modules (SafeList) ==========

MOD - [2010/09/06 14:51:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean Bledsoe\Desktop\OTL.exe
MOD - [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx
MOD - [2008/02/05 18:20:30 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Iomega Activity Disk2)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/29 11:23:01 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/30 14:22:46 | 000,431,432 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/02/05 18:22:36 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/06/20 12:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/03/02 18:49:14 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/12/17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTBCM)
SRV - [2002/09/24 17:39:48 | 000,151,552 | ---- | M] (Iomega Corporation) [Auto | Running] -- C:\Program Files\Iomega\AutoDisk\ADService.exe -- (_IOMEGA_ACTIVE_DISK_SERVICE_)
SRV - [2002/09/04 15:11:04 | 000,073,728 | ---- | M] (Iomega Corporation) [Auto | Running] -- C:\Program Files\Iomega\System32\AppServices.exe -- (Iomega App Services)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - [2010/08/29 11:25:40 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/29 11:25:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys -- (AvgLdx86)
DRV - [2010/08/29 11:25:26 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/06/05 11:51:39 | 000,003,584 | ---- | M] (Systems Internals) [Kernel | System | Running] -- C:\WINDOWS\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys -- (d8a4fef9-85c1-448f-a6f9-2570fb195020)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/05 19:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/05 19:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvuvc.sys -- (LVUVC) QuickCam Pro for Notebooks(UVC)
DRV - [2008/02/05 19:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/05 18:20:08 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/05 18:18:12 | 000,689,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lvckap.sys -- (LVcKap)
DRV - [2007/05/23 05:15:00 | 000,547,744 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/02/15 10:06:47 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2004/11/22 20:37:31 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/10/07 18:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/04 03:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 03:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/04 03:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/04 03:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/04 03:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/04 03:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 03:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 03:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 03:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/04 03:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 03:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 03:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/04 03:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/04 03:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 03:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 22:29:54 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2004/08/03 22:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 22:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 22:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 22:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 22:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 22:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 22:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 22:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 22:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 22:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/03/23 19:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\nsndis5.sys -- (NSNDIS5)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2003/08/06 00:04:00 | 000,100,373 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2003/08/06 00:04:00 | 000,098,068 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2003/08/06 00:04:00 | 000,083,284 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2003/08/06 00:04:00 | 000,034,837 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2003/08/06 00:04:00 | 000,025,685 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2003/08/06 00:04:00 | 000,014,229 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2003/08/06 00:04:00 | 000,006,357 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2003/08/06 00:04:00 | 000,004,117 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2003/08/06 00:04:00 | 000,002,233 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2003/07/31 02:21:00 | 000,084,576 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2003/07/14 10:28:40 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2003/07/14 10:28:22 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2003/06/20 01:56:00 | 000,040,448 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2003/05/23 11:58:30 | 000,043,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/05/05 19:25:48 | 000,028,205 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\ANIO.sys -- (ANIO)
DRV - [2003/04/09 11:17:14 | 000,227,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cccp106.sys -- (CCCP106) CIF USB Camera (2110A)
DRV - [2002/11/08 12:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/09/04 15:11:08 | 000,030,258 | ---- | M] (Iomega Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\iomdisk.sys -- (iomdisk)
DRV - [2001/08/17 12:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 11:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: avg@igeared:4.906.030.002
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/08/29 11:22:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/08/29 11:25:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/28 10:11:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/29 08:22:58 | 000,000,000 | ---D | M]

[2009/07/31 05:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Mozilla\Extensions
[2010/09/03 20:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Mozilla\Firefox\Profiles\q1zqts91.default\extensions
[2009/09/06 11:56:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jean Bledsoe\Application Data\Mozilla\Firefox\Profiles\q1zqts91.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/29 12:32:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/27 17:23:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/29 08:27:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/09/06 14:58:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {06647158-359E-4D10-A8DE-E6145DA90BE9} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe (Iomega Corporation)
O4 - HKLM..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [D-Link AirPlus Xtreme G] C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe (D-Link)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Easy Dock] File not found
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [GoToMyPC] C:\Program Files\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v3] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [Easy Dock] C:\Documents and Settings\Jean Bledsoe\My Documents\RCA easyRip\EZDock.exe (Audiovox Electronics Corp.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\D-Link AirPlus.lnk = C:\Program Files\D-Link AirPlus\AIRPLUS.EXE (D-Link)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Jean Bledsoe\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Jean Bledsoe\Start Menu\Programs\Startup\Forget Me Not Reminders.lnk = C:\CACARD\FMREMIND.EXE (Micrografx, Inc.)
O4 - Startup: C:\Documents and Settings\Jean Bledsoe\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O4 - Startup: C:\Documents and Settings\Jean Bledsoe\Start Menu\Programs\Startup\RCA Detective.lnk = C:\Documents and Settings\Jean Bledsoe\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: bleepingcomputer.com ([download] http in Trusted sites)
O15 - HKCU\..Trusted Domains: malwarebytes.org ([www] http in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplugin/win...b?1270927430701 (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1221580099875 (MUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/bingame/chnz/default/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/...7993.0288657407 (Reg Error: Key error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/...tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://baclearning.webex.com/client/T27L/t...ing/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\GoToMyPC: DllName - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 () - http://www.mccallpattern.com/cat/40000/itm_img/M4325.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/05 14:33:18 | 000,000,655 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2005/04/14 21:04:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/04/14 21:01:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.CAM -- [ NTFS ]
O33 - MountPoints2\{bdf8859b-eaa7-11de-b1c9-000bdbd3096d}\Shell - "" = AutoRun
O33 - MountPoints2\{bdf8859b-eaa7-11de-b1c9-000bdbd3096d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bdf8859b-eaa7-11de-b1c9-000bdbd3096d}\Shell\AutoRun\command - "" = G:\autorun.EXE -- File not found
O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b69005-bbc8-11de-b1bd-000bdbd3096d}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b69005-bbc8-11de-b1bd-000bdbd3096d}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b69005-bbc8-11de-b1bd-000bdbd3096d}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b69005-bbc8-11de-b1bd-000bdbd3096d}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5b69005-bbc8-11de-b1bd-000bdbd3096d}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: Easy Dock - hkey= - key= - File not found
MsConfig - StartUpReg: Sonic RecordNow! - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: klmdb.sys - Driver
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: klmdb.sys - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - C:\WINDOWS\SYSTEM32\Adobe
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5CA109D3-A084-47E8-A9CB-D497322E3F50} - MSN Toolbar 3.0 & Silverlight 2.0
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\SYSTEM32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{5344b500-1be4-4299-bae1-6bc7524b710b} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/06 15:00:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/06 14:58:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/06 14:51:05 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jean Bledsoe\Desktop\OTL.exe
[2010/09/05 17:01:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/05 17:01:13 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/04 17:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\Desktop\Coeur d' Alene Chorus
[2010/09/04 16:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\My Documents\Household Remodels & Maintanence
[2010/09/01 12:15:56 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/08/31 17:28:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\WinZip
[2010/08/31 17:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/08/31 17:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/08/31 16:54:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/31 16:54:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/31 16:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/29 17:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\Application Data\ePASS
[2010/08/29 12:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\AVG Security Toolbar
[2010/08/29 11:25:41 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/29 11:25:37 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/29 11:25:26 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/29 11:25:23 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/29 11:25:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/08/29 11:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/08/29 11:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/08/29 11:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/08/29 08:27:21 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/29 08:27:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/29 08:27:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/29 08:24:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jean Bledsoe\Recent
[2010/08/28 16:26:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\Application Data\SUPERAntiSpyware.com
[2010/08/28 15:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/08/28 15:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/24 06:30:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/08/22 20:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\gehdqpatf

========== Files - Modified Within 30 Days ==========

[2010/09/06 15:14:45 | 001,188,006 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\tdsskiller.zip
[2010/09/06 15:04:57 | 000,001,192 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/09/06 15:04:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/06 15:04:43 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\80fa7c6c.job
[2010/09/06 15:04:43 | 000,000,288 | -H-- | M] () -- C:\WINDOWS\tasks\49e574d3.job
[2010/09/06 15:04:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/06 15:04:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/09/06 15:04:21 | 1340,149,760 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/06 15:03:33 | 008,388,608 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\NTUSER.DAT
[2010/09/06 15:01:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/09/06 14:58:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\Hosts
[2010/09/06 14:55:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/06 14:51:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean Bledsoe\Desktop\OTL.exe
[2010/09/06 08:06:56 | 064,355,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/05 17:01:20 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/09/05 17:01:16 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\NTREGOPT.lnk
[2010/09/05 17:01:16 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\ERUNT.lnk
[2010/09/04 17:19:55 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\Word 2003.lnk
[2010/09/04 16:33:29 | 000,000,347 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\Verizon Wireless - Edit List.url
[2010/09/02 17:57:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/01 18:17:16 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\DFRG.job
[2010/08/31 18:04:45 | 1340,178,432 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/08/31 17:36:48 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\gmer.zip
[2010/08/31 17:32:55 | 000,008,351 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\DDS2.zip
[2010/08/31 17:31:46 | 000,006,121 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\DDS1.zip
[2010/08/31 17:06:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\defogger_reenable
[2010/08/31 16:54:31 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/31 16:43:50 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Jean Bledsoe\NTUSER.INI
[2010/08/31 04:59:49 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\dds.scr
[2010/08/29 11:25:44 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/29 11:25:44 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/08/29 11:25:40 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/29 11:25:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/29 11:25:26 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/29 11:25:23 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/29 08:22:09 | 000,000,229 | -HS- | M] () -- C:\boot.ini
[2010/08/29 08:22:08 | 000,001,154 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2010/08/29 08:22:08 | 000,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2010/08/29 03:16:47 | 000,407,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/29 03:10:09 | 000,532,268 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/29 03:10:09 | 000,462,626 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/08/29 03:10:09 | 000,080,130 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/08/28 15:46:35 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/23 07:32:28 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\rkill.com
[2010/08/08 21:15:12 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\My Documents\Family Tree Maker.doc
[2010/08/08 21:03:38 | 000,104,156 | ---- | M] () -- C:\WINDOWS\hpoins04.dat

========== Files Created - No Company Name ==========

[2010/09/06 15:14:41 | 001,188,006 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\tdsskiller.zip
[2010/09/06 14:48:37 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\rkill.com
[2010/09/05 17:01:20 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/09/05 17:01:16 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\NTREGOPT.lnk
[2010/09/05 17:01:16 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\ERUNT.lnk
[2010/08/31 17:36:48 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\gmer.zip
[2010/08/31 17:32:55 | 000,008,351 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\DDS2.zip
[2010/08/31 17:31:36 | 000,006,121 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\DDS1.zip
[2010/08/31 17:06:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\defogger_reenable
[2010/08/31 16:54:31 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/31 04:59:49 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Desktop\dds.scr
[2010/08/29 19:07:44 | 1340,149,760 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/29 11:25:44 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/08/29 11:25:23 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/29 11:25:10 | 064,355,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/28 15:46:35 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/08 21:15:12 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\My Documents\Family Tree Maker.doc
[2009/12/30 15:59:31 | 000,000,110 | ---- | C] () -- C:\WINDOWS\{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}_WiseFW.ini
[2009/10/25 10:46:42 | 000,000,033 | ---- | C] () -- C:\WINDOWS\EasyRip.ini
[2009/10/11 10:57:30 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/05 17:17:23 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/03/05 17:17:23 | 000,000,168 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E003D5B563.sys
[2008/02/05 18:20:08 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/01/30 13:22:04 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/02 12:36:02 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2007/11/29 19:29:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini
[2007/07/12 09:43:07 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\photoshow_express_setup.txt
[2007/06/25 13:30:00 | 000,000,117 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/06/25 13:29:51 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2007/03/24 13:31:01 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2007/03/24 13:31:00 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2007/03/24 13:30:38 | 001,483,776 | ---- | C] () -- C:\WINDOWS\MGXRDR32.DLL
[2006/12/06 06:51:07 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/08/19 20:44:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/08/19 14:28:53 | 000,000,103 | ---- | C] () -- C:\WINDOWS\ALBUM.INI
[2006/06/20 21:27:04 | 000,007,031 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/20 19:37:45 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006/06/20 19:37:45 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/15 11:31:43 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/04/08 22:04:30 | 000,227,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\cccp106.sys
[2006/04/08 22:04:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\DIV_IYUV.DLL
[2006/04/08 22:04:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\JPGL.DLL
[2006/04/08 22:04:22 | 000,000,321 | ---- | C] () -- C:\WINDOWS\DC2110a.ini
[2006/04/08 22:04:21 | 000,015,542 | ---- | C] () -- C:\WINDOWS\cccp106.ini
[2006/04/08 20:51:53 | 000,000,903 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2006/04/08 20:51:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/04/08 20:51:06 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2006/04/08 20:49:16 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2006/04/08 20:31:18 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\dcccp106.dll
[2006/04/08 20:31:17 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\vcccp106.dll
[2006/01/24 11:33:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ExpLoansFromGenesis.dll
[2005/06/24 12:33:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Setup32.INI
[2005/06/24 12:33:16 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ai.ini
[2005/06/24 12:32:23 | 000,000,016 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/03/05 10:08:19 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2005/02/27 14:42:38 | 000,000,173 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/02/27 13:10:50 | 000,000,063 | ---- | C] () -- C:\WINDOWS\FTEDITOR.INI
[2005/02/27 12:57:19 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[2005/01/13 20:23:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCCBrows.INI
[2004/12/24 13:04:57 | 000,004,007 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2004/12/24 13:04:18 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/11/28 05:48:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Png32.dll
[2004/11/28 05:48:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Twscan32.dll
[2004/11/28 05:48:20 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\Image32.dll
[2004/11/28 05:48:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2004/11/28 05:48:20 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Tga32.dll
[2004/11/28 05:48:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Pcx32.dll
[2004/11/28 05:48:20 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2004/11/28 05:48:20 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2004/10/26 09:54:26 | 000,007,771 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\Comma Separated Values (Windows).EML
[2004/08/03 17:56:46 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/18 13:51:44 | 000,001,777 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\earthlink addresses.csv.1663530484.xml
[2004/03/18 13:51:38 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\BCMMappings.xml
[2004/03/17 20:01:10 | 000,028,249 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\Comma Separated Values (Windows).ADR
[2004/03/16 21:50:35 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\fusioncache.dat
[2004/01/14 14:38:38 | 000,001,153 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/01/13 20:49:31 | 000,000,047 | ---- | C] () -- C:\WINDOWS\LeeLee.INI
[2004/01/13 20:26:49 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/01/09 09:38:18 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/06 19:44:34 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AUTHMGR.INI
[2004/01/06 18:47:19 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini.backup
[2003/12/29 10:03:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/12/29 09:55:21 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/12/29 09:44:43 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2003/12/29 09:41:15 | 000,000,884 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/12/29 09:14:42 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/11/12 10:16:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GNetParserX.dll
[2003/08/13 21:54:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/02/25 05:49:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/02/17 14:57:02 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\GN32.DLL
[1999/10/13 15:59:48 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\GNS2KZIP.DLL

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2010/04/15 19:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2006/04/15 11:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/06/30 19:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/06/30 19:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/05/12 07:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/08/29 11:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/08/29 11:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2003/12/29 09:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/03/05 17:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2007/12/04 13:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative Memories
[2010/09/04 10:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/04/16 08:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2005/04/22 05:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2006/07/05 11:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2010/06/05 11:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IProt
[2009/12/30 15:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2009/10/11 10:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2009/10/11 10:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/03/16 19:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/16 05:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2004/01/06 21:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2010/06/04 03:02:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2004/06/26 06:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2005/02/25 11:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2007/11/29 19:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/02/13 18:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2009/10/08 19:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/02/01 12:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/11/21 02:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2003/12/29 09:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2003/12/29 09:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/03/14 18:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/03/12 14:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/04/27 17:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/08/28 15:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2004/10/25 16:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2008/01/31 12:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2005/01/13 20:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/02/03 23:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/29 09:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trend Micro
[2007/02/06 12:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/07/31 18:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/08/31 17:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/06/02 16:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/07/22 21:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2009/03/13 09:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/08/07 14:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/01/04 10:50:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{876C6265-922D-4EF3-A784-71D72FF033C0}
[2008/01/04 10:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B0AFCE64-DF3F-4824-8985-B21DB0EEE07B}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009/02/04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2007/12/06 19:46:24 | 005,096,260 | ---- | M] (Stamps.com, Inc. ) -- C:\Documents and Settings\All Users\Application Data\{876C6265-922D-4EF3-A784-71D72FF033C0}\stamps.exe
[2008/01/04 10:51:09 | 002,513,557 | ---- | M] (Stamps.com, Inc. ) -- C:\Documents and Settings\All Users\Application Data\{B0AFCE64-DF3F-4824-8985-B21DB0EEE07B}\MSW2KPIMstmp.exe
[2010/03/24 11:17:47 | 000,326,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\AcrobatUpdater.exe
[2010/03/24 11:17:47 | 000,952,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\AdobeARM.exe
[2010/03/24 11:17:47 | 000,326,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.2\ARM\ARM Update\ReaderUpdater.exe
[2010/08/07 14:26:04 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
[2010/08/17 11:10:48 | 000,372,736 | ---- | M] (SoftThinks) -- C:\Documents and Settings\All Users\Application Data\Dell\DSL\DSLCheck.exe
[2010/07/09 07:26:26 | 000,475,136 | ---- | M] (SoftThinks SAS) -- C:\Documents and Settings\All Users\Application Data\Dell\RMC\RMCCreationInfo.exe
[2007/11/13 14:46:00 | 000,135,168 | ---- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
[2010/06/23 08:01:34 | 000,501,936 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\gtb66.tmp.exe
[2006/06/20 21:03:21 | 000,081,920 | ---- | M] (GTek Technologies Ltd.) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\CIP\Deadlock.exe
[2006/06/20 21:19:32 | 000,993,280 | ---- | M] (GTek Technologies Ltd.) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\CIP\hp_installer_gc_v1.0.1.10.exe
[2009/12/30 15:56:42 | 004,299,608 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\CrammerPlugin.exe
[2009/12/30 15:58:49 | 028,696,928 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\UPCInstaller.exe
[2010/02/16 18:25:17 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2009/09/10 11:41:52 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2007/03/17 18:25:57 | 001,363,968 | ---- | M] (EasyBits Software Corp.) -- C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F35E193DC3E84933B83DE961D9AC33BF\SketchPad.exe
[2007/10/08 15:07:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\_default\data\f9cd5860-4b46-43fa-aa04-46ba9e956204\7e7d3c88-958b-4607-85a7-8c1cc5188887.1\NOTEPAD.EXE
[2008/02/13 02:16:55 | 002,431,303 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_1_08044.exe
[2008/09/03 15:06:58 | 005,305,574 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08100_2.0.exe
[2008/10/27 20:09:29 | 000,155,658 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08267_2.0.exe
[2008/10/27 19:52:43 | 000,474,625 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08298_2.0.exe
[2009/01/21 16:23:38 | 000,148,579 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08335_2.0.exe
[2009/05/26 08:10:13 | 003,485,990 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_09085_2.0.exe
[2008/06/25 09:50:12 | 000,529,291 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\exec\PCD_Patch_1.exe

< %APPDATA%\*. >
[2009/12/30 15:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Active Disk
[2009/09/10 11:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Adobe
[2008/02/01 21:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\AdobeUM
[2009/03/07 09:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Apple Computer
[2006/04/19 12:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\ArcSoft
[2010/06/05 11:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Bidgood Svcs
[2010/05/12 16:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2006/12/06 07:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Common Files
[2009/03/05 17:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Corel
[2007/12/04 13:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Creative Memories
[2007/12/07 23:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Creative Memories Photo Center
[2004/01/18 23:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\CyberLink
[2004/01/06 18:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Earthlink
[2010/01/06 20:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Encompass
[2010/08/29 17:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\ePASS
[2010/04/10 12:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Facebook
[2005/03/05 10:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\FTW
[2006/09/19 20:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Google
[2007/04/11 15:22:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek
[2004/11/28 05:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Help
[2006/12/06 07:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\HP
[2004/11/19 04:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Identities
[2006/06/20 20:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Image Zone Express
[2008/05/05 14:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\InstallShield
[2009/01/09 09:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\IsolatedStorage
[2003/12/29 09:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Jasc Software Inc
[2004/01/06 20:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Leadertech
[2008/03/24 11:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Macromedia
[2009/03/16 19:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Malwarebytes
[2010/04/24 14:36:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Microsoft
[2009/07/31 05:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Mozilla
[2008/05/31 12:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\MSN6
[2006/11/11 09:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\OfficeUpdate12
[2008/04/09 17:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\ooVoo Details
[2005/11/06 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Real
[2009/02/21 13:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Sibelius Software
[2007/07/12 09:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Simple Star
[2010/09/06 15:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Skype
[2009/03/14 16:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\skypePM
[2004/01/06 20:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Sonic
[2008/01/04 10:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Stamps.com Internet Postage
[2003/12/29 09:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Sun
[2010/08/28 16:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\SUPERAntiSpyware.com
[2004/01/07 02:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Symantec
[2010/04/24 04:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Verizon Wireless
[2007/11/11 08:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Viewpoint
[2008/05/31 11:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Walgreens
[2010/07/20 08:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\webex
[2008/06/02 16:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\Yahoo!
[2009/08/21 17:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean Bledsoe\Application Data\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2008/01/20 10:49:54 | 021,277,080 | ---- | M] ( ) -- C:\Documents and Settings\Jean Bledsoe\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2008/02/29 17:18:54 | 001,761,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Jean Bledsoe\Application Data\Bidgood Svcs\Single Document Converter\OCONVPCK.EXE
[2010/04/10 12:24:08 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Jean Bledsoe\Application Data\Facebook\uninstall.exe
[2008/01/25 22:49:03 | 000,327,437 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u1\CIP\TransferAgentSetup.exe
[2007/04/11 15:22:01 | 000,123,138 | ---- | M] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u1\HTML\MakeDesktopShortcut.EXE
[2007/04/11 15:22:01 | 000,068,608 | ---- | M] (Dell Inc) -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u1\HTML\fix\DellSupportLauncher.exe
[2007/04/11 15:22:02 | 000,064,512 | ---- | M] (Gteko Ltd.) -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u1\HTML\item_templ\coach\RunGdp.exe
[2007/04/11 15:24:46 | 000,064,512 | ---- | M] (Gteko Ltd.) -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u3\HTML\item_templ\coach\RunGdp.exe
[2007/07/18 09:45:49 | 000,064,512 | ---- | M] (Gteko Ltd.) -- C:\Documents and Settings\Jean Bledsoe\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u4\HTML\item_templ\coach\RunGdp.exe
[2009/12/12 11:13:12 | 000,003,584 | R--- | M] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2009/01/09 09:08:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009/12/26 11:35:26 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jean Bledsoe\Application Data\Microsoft\Installer\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}\ARPPRODUCTICON.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/03/23 21:45:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/03/23 21:45:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2001/08/17 12:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\I386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2002/08/29 04:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/03/23 21:45:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/03/23 21:45:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2004/08/04 03:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2003/04/23 08:29:54 | 000,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\I386\atapi.sys

< MD5 for: BEEP.SYS >
[2002/08/29 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\I386\BEEP.SYS
[2004/08/04 03:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\SYSTEM32\DLLCACHE\beep.sys
[2004/08/04 03:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\SYSTEM32\DRIVERS\beep.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\eventlog.dll
[2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2002/08/29 04:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\I386\EVENTLOG.DLL

< MD5 for: IASTOR.SYS >
[2006/05/11 09:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\netlogon.dll
[2002/08/29 04:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\I386\NETLOGON.DLL
[2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2006/03/16 17:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2002/08/29 04:00:00 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\I386\SCECLI.DLL
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SYSTEM32\scecli.dll

< MD5 for: THEMEUI.DLL >
[2008/04/13 17:12:07 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=A314EEA2A503A8E04085201E436384A5 -- C:\WINDOWS\ServicePackFiles\i386\themeui.dll
[2008/04/13 17:12:07 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=A314EEA2A503A8E04085201E436384A5 -- C:\WINDOWS\SYSTEM32\themeui.dll
[2004/08/04 03:00:00 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=E6796D51CED309E46D29C0B787735615 -- C:\WINDOWS\$NtServicePackUninstall$\themeui.dll
[2002/08/29 04:00:00 | 000,384,000 | ---- | M] (Microsoft Corporation) MD5=F077AE5535F1996A922675AA978037C3 -- C:\I386\THEMEUI.DLL

< MD5 for: USERINIT.EXE >
[2004/08/04 03:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe
[2002/08/29 04:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\I386\USERINIT.EXE

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009/03/22 08:23:56 | 000,786,432 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\default.sav
[2009/03/22 15:11:31 | 000,262,144 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\security.sav
[2009/03/22 08:23:56 | 039,321,600 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\software.sav
[2009/03/22 08:23:56 | 010,223,616 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\dxtrans.dll
[2004/08/04 03:00:00 | 000,068,768 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\mmsystem.dll
[2004/08/04 03:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\shell.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F880DE59
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
< End of report >


#6 Maurice Naggar

Posted 07 September 2010 - 06:02 AM

Close and save any open documents/files you have, and exit programs you may have started.
The following tools will restart/reboot the system in their runs.

Step 1
  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    *****************************************************************
    :processes
    killallprocesses

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {06647158-359E-4D10-A8DE-E6145DA90BE9} - No CLSID value found.
    O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
    O33 - MountPoints2\{bdf8859b-eaa7-11de-b1c9-000bdbd3096d}\Shell - "" = AutoRun
    O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe -- File not found
    O33 - MountPoints2\{e5b69005-bbc8-11de-b1bd-000bdbd3096d}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe -- File not found

    :files
    C:\WINDOWS\tasks\49e574d3.job
    C:\WINDOWS\tasks\80fa7c6c.job
    C:\Documents and Settings\Jean Bledsoe\Local Settings\Application Data\gehdqpatf
    C:\Documents and Settings\All Users\Application Data\TEMP:F880DE59
    C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
    recycler /alldrives

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]

    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on the red-lettered button Run Fix.
  • Once you see a message box "Fix complete! Click OK to open the fix log."
    Click the OK button
  • The log will open in Notepad (your default text editor).
  • Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Step 2
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages
It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.
You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.
Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)


Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1
Link 2
Link 3







* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop
If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on Combo-Fix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
-------------------------------------------------------

A caution - Do not run Combofix more than once.
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.
If this occurs, please reboot to restore the desktop.

RE-Enable your AntiVirus and AntiSpyware applications.

Reply with copy of OTL MovedFiles log
and C:\Combofix.txt


~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)
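
An added example, not part of the original post and not OTL's own code: a small Python triage pass over OTL-style log text that picks out the four kinds of entry the fix script in post #6 targets (a loopback proxy setting, BHOs with no CLSID value, MountPoints2 AutoRun entries, alternate data streams). The sample lines are copied from this thread; the rule names and the `triage` function are assumptions made for the example.

```python
import re

# Sample lines copied from the fix script and OTL log earlier in this thread.
SAMPLE = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O33 - MountPoints2\{bdf8859b-eaa7-11de-b1c9-000bdbd3096d}\Shell - "" = AutoRun
O33 - MountPoints2\{e5b68fff-bbc8-11de-b1bd-000bdbd3096d}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe -- File not found
@Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F880DE59
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe
'''

GUID = r'\{[0-9a-f-]{36}\}'

# (rule name, pattern); rule names are hypothetical labels for this example.
RULES = [
    # Browser proxy pointed at the local machine: capture the port.
    ("loopback_proxy", re.compile(
        r'"ProxyServer"\s*=\s*(?:\w+=)?(?:127\.\d+\.\d+\.\d+|localhost):(\d+)', re.I)),
    # Browser Helper Object registered without a backing CLSID key.
    ("orphan_bho", re.compile(
        r'^O2 - BHO:.*(' + GUID + r').*No CLSID value found', re.I)),
    # Per-volume AutoRun handler: capture volume GUID and the configured value.
    ("mountpoints2_autorun", re.compile(
        r'^O33 - MountPoints2\\(' + GUID + r')\\Shell.*?=\s*(.+)$', re.I)),
    # NTFS alternate data stream: capture size, host path and stream name.
    ("ads", re.compile(
        r'^@Alternate Data Stream - (\d+) bytes -> (.+):([^:\\]+)$')),
]

def triage(text):
    """Return (rule_name, captured_fields) for every log line a rule matches."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        for name, rx in RULES:
            m = rx.search(line)
            if m:
                findings.append((name, m.groups()))
                break
    return findings

if __name__ == "__main__":
    for name, fields in triage(SAMPLE):
        print(f"{name:22} {fields}")
```

The ordinary file-listing line for userinit.exe matches no rule and is skipped, so only the entries worth a second look are reported.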

#7 bryan007

bryan007
  • Topic Starter

  • Members
  • 19 posts
  • Gender:Male
  • Local time:09:33 PM

Posted 07 September 2010 - 07:47 PM

Before running anything I am now getting an error that says

Windows can not start because the following file missing or corrupt. <Windows Root>\system32\hal.dll.
please reinstall a copy of the above file

#8 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • Gender:Male
  • Location:USA
  • Local time:12:33 AM

Posted 07 September 2010 - 10:45 PM

When exactly did that first show up? Some details as to what happened before this and how this exhibited itself.

For the time being, until we can resolve this, hold off and do NOT run any of what I listed before.

Tell me if you have tried a reboot/restart and how far the system gets as it starts Windows.

Also if you have the Windows XP operating system CD that came with your Dell system. And if this system has a diskette drive.
And tell me how old is this system? Let's hope this is not a hardware failure.

The message you noted is quite similar to "message #3" in this Microsoft article http://support.microsoft.com/kb/314477
Just don't do anything on your own.
If you have the Windows XP CD, we may try using the XP Recovery Console to try a remedy.

Edited by Maurice Naggar, 07 September 2010 - 11:01 PM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#9 bryan007

bryan007
  • Topic Starter

  • Members
  • 19 posts
  • Gender:Male
  • Local time:09:33 PM

Posted 08 September 2010 - 07:23 AM

I do have the operating system CD.

The computer started to become unstable while I was doing some word processing. I can't recall if I was connected to the internet at that point. I thought that it was my wireless mouse so I changed batteries and that didn't help so I tried to shut it down normally and it wouldn't so I turned it off. I re-booted and it did the same thing (I couldn't control the mouse) so I shut it down for the night. When turning it on the next day a black screen now shows with the following message

<Windows root>\system32\hal.dll.
Please re-install a copy of the above file

This is a Dell Dimension 2400 running XP Office and I think that it's about 5 years old.

Let me know what my next step should be.

I appreciate your help. Thanks

#10 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • Gender:Male
  • Location:USA
  • Local time:12:33 AM

Posted 11 September 2010 - 07:58 AM

Hello Bryan,

You will want to print out or copy these instructions to Notepad for offline reference!

Set pc BIOS to boot from CDROM. Place XP Operating System CD in drive. Reboot from the CD.
Select the first option R Repair/Recovery Console.

When prompted for which partition:
Select your Windows partition by number. Usually it is 1 . Login to XP with administrator-rights account.

Once logged in, you will see a command prompt. (note: the cursor will not be flashing on off but will be solid-white)

Type bootcfg /rebuild, and then press ENTER.

If prompted
Add installation to boot list? (Yes/No/All)

Reply Y [Enter-key]

If prompted Enter Load Identifier:
Type Windows XP Home Edition [Enter-key]

If prompted Enter OS Load options
Leave it be and just press Enter-key

Type EXIT & Enter-key
Remove the CD from drive

Now Restart your system.

If there's any prompt as to a selection, select Windows XP Home.

Once back in Windows, just only get a new report by running DDS
I only need the DDS.txt

Edited by Maurice Naggar, 11 September 2010 - 08:03 AM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#11 bryan007

bryan007
  • Topic Starter

  • Members
  • 19 posts
  • Gender:Male
  • Local time:09:33 PM

Posted 11 September 2010 - 10:32 AM

I have tried to re-boot a number of times with the CD but I still get the same message. Is there a way to go around this? Thank you

#12 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • Gender:Male
  • Location:USA
  • Local time:12:33 AM

Posted 11 September 2010 - 10:45 AM

Let's take careful time to details here.
Did you set the system to boot first from CD? yes/no

Did the system access the CD and start up?
You are supposed to see a number of screens.

My guess is system was not set to boot from CD and simply tried to boot from the hard drive (where you have an issue)


~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#13 bryan007

bryan007
  • Topic Starter

  • Members
  • 19 posts
  • Gender:Male
  • Local time:09:33 PM

Posted 11 September 2010 - 11:07 AM

The system doesn't give me an option to boot from the CD. On startup it immediately goes to the black screen that gives me the .dll message. When I press another key the Dell bios screen starts up and then it goes back to the black screen with the .dll message.

At this point is there a way to get the system to start from the CD?


#14 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • Gender:Male
  • Location:USA
  • Local time:12:33 AM

Posted 11 September 2010 - 11:43 AM

Carefully get to the BIOS setup option. Find the spot to set the boot order.
Set it to boot from CD.
Then try again.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#15 bryan007

bryan007
  • Topic Starter

  • Members
  • 19 posts
  • Gender:Male
  • Local time:09:33 PM

Posted 11 September 2010 - 11:48 AM

I don't know how to get to the bios setup option. There is no menu, just the screen telling me to re-install a copy of the .dll file.



