Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected - epoclick, google-analytics.com, others


  • This topic is locked This topic is locked
32 replies to this topic

#16 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 07 November 2010 - 04:14 PM

That's going to be difficult, but I'll see if I can get permission to hook up to it tomorrow. The wireless modem serves 3 apartments and is in my landlord's apartment.

BC AdBot (Login to Remove)

 


#17 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 07 November 2010 - 04:31 PM

ok just ask if your neighbours are having problems to


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#18 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 09 November 2010 - 06:57 AM

I was unable to hook up to the modem yesterday, but I connected to another wireless network and still had pop-up / redirect problems, so it would seem that it's still on my system.

#19 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 10 November 2010 - 12:40 PM

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click on Minimal Output at the top
  • Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
  • Double click inside the Custom Scan box at the bottom
  • A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
  • Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
  • Select scan.txt and click Open. Writing will now appear under the Custom Scan box
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the OTL.Txt into this topic and please attach the Extras.Txt.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#20 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 10 November 2010 - 07:59 PM

Here you go.

OTL logfile created on: 11/10/2010 7:49:35 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Sean McNamara\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 473.00 Mb Available Physical Memory | 47.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.08 Gb Total Space | 7.30 Gb Free Space | 10.42% Space Free | Partition Type: NTFS

Computer Name: SEANMCNAMARA | User Name: Sean McNamara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Sean McNamara\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe ()
PRC - C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
PRC - C:\Program Files\Dell\SysMgt\bmc\DSM_BMU_SOLProxy32.exe ()
PRC - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe ()
PRC - C:\Program Files\FileBX\FileBX.exe (Hyperionics Technology LLC)
PRC - C:\Program Files\Maxtor\Utils\SyncServices.exe ( )
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\1XConfig.exe (Intel)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Sean McNamara\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll (Microsoft Corporation)
MOD - C:\Program Files\TortoiseSVN\bin\TortoiseSVN.dll (http://tortoisesvn.net)
MOD - C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll (http://tortoisesvn.net)
MOD - C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn.dll (Apache Software Foundation)
MOD - C:\Program Files\TortoiseSVN\bin\libapr_tsvn.dll (Apache Software Foundation)
MOD - C:\Program Files\TortoiseSVN\bin\intl3_tsvn.dll (Free Software Foundation)
MOD - C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
MOD - C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
MOD - C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll (Autodesk)
MOD - C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll (Autodesk, Inc.)
MOD - C:\Program Files\Illustrate\dBpoweramp\dBShell.dll (Illustrate)
MOD - C:\Program Files\iolo\Common\Lib\sguard.dll ()
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\FileBX\FileBXH.dll (Hyperionics Technology LLC)
MOD - C:\WINDOWS\system32\shfolder.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (IOLO_SRV) -- C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
SRV - (SOLProxy) -- C:\Program Files\Dell\SysMgt\bmc\DSM_BMU_SOLProxy32.exe ()
SRV - (Roxio UPnP Renderer 9) -- C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 9) -- C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (Sonic Solutions)
SRV - (MaxBackServiceInt) -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe ()
SRV - (NTService1) -- C:\Program Files\Maxtor\Utils\SyncServices.exe ( )
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (SMTPSVC) Simple Mail Transfer Protocol (SMTP) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
DRV - (TSP) -- C:\WINDOWS\System32\drivers\klif.sys File not found
DRV - (SGUARD) -- C:\WINDOWS\System32\drivers\SGuard.sys File not found
DRV - (RimUsb) -- C:\WINDOWS\System32\Drivers\RimUsb.sys File not found
DRV - (catchme) -- C:\DOCUME~1\SEANMC~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (SUSTUCAU) -- C:\WINDOWS\system32\drivers\sustucau.sys (Susteen, Inc.)
DRV - (SUSTUCAP) -- C:\WINDOWS\system32\drivers\sustucap.sys (Susteen, Inc.)
DRV - (SUSTUCAM) -- C:\WINDOWS\system32\drivers\sustucam.sys (Susteen, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (bbcap) -- C:\WINDOWS\system32\drivers\bbcap.sys (Windows ® 2000 DDK provider)
DRV - (MCSTRM) -- C:\WINDOWS\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (BVRPMPR5) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Sonic Solutions)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Sonic Solutions)
DRV - (drvnddm) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (MXOPSWD) -- C:\WINDOWS\system32\drivers\mxopswd.sys (Maxtor Corp.)
DRV - (Tosrfbd) -- C:\WINDOWS\system32\drivers\TosRfbd.sys (TOSHIBA CORPORATION)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\Tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\TosRfhid.sys (TOSHIBA Corporation.)
DRV - (w29n51) Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (IWCA) -- C:\WINDOWS\system32\drivers\iwca.sys (Intel Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (toshidpt) -- C:\WINDOWS\system32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/01 16:02:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/07 10:26:58 | 000,000,000 | ---D | M]

[2008/07/03 06:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Extensions
[2010/11/09 07:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions
[2010/11/07 19:59:52 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010/11/07 20:00:04 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2008/07/09 07:29:21 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}(2)
[2010/11/09 07:24:20 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/07 19:42:00 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2009/11/19 18:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/02/12 18:21:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/11/07 19:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\firebug@software.joehewitt.com
[2008/08/28 18:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\extensions\moveplayer@movenetworks.com
[2008/07/02 15:36:17 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Application Data\Mozilla\Firefox\Profiles\bwbx1vzp.default\searchplugins\bugzilla.xml
[2010/11/09 07:24:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/20 18:52:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2008/11/13 18:52:56 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2008/11/13 18:52:56 | 000,126,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2008/09/04 18:00:10 | 000,046,408 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\atmccli.dll
[2008/07/23 17:58:37 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\ieatgpc.dll
[2008/07/14 19:18:59 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2007/08/15 19:05:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010/10/20 18:51:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/08/31 01:41:22 | 000,663,552 | ---- | M] (Lizardtech Software) -- C:\Program Files\Mozilla Firefox\plugins\npexview.dll
[2008/08/27 16:44:38 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2010/10/30 14:38:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll File not found
O4 - HKLM..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic 6\Delay.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [SystemGuardAlerter] C:\Program Files\iolo\System Mechanic 6\SystemGuardAlerter.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SMSystemAnalyzer] C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Sean McNamara\Start Menu\Programs\Startup\FileBox eXtender.lnk = C:\Program Files\FileBX\FileBX.exe (Hyperionics Technology LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - File not found
O9 - Extra Button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - File not found
O9 - Extra Button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - File not found
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {3FE2CD95-BB27-479E-A963-C2F1732E80E7} https://collaboration.engineering.com/as/UI/client%20install/alvFileUpload.cab (Uploader Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx (get_atlcom Class)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://gis.ci.carmel.in.us/control/MgAxCtrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150467849515 (MUWebControl Class)
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} https://66.55.213.225:8443/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} http://us-download.mcafee.com/products/protected/mvt/mvt.cab (McAfee Virtual Technician Control Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} https://www.lizardtech.com/download/files/win/expressview/webinstall/isetup.cab (InstallShield International Setup Player)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://rand.webex.com/client/T25L/webex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (smrgdf C:\Program Files\iolo\System Mechanic 6\) - File not found
O34 - HKLM BootExecute: (iolobtdfg C:\WINDOWS\system32) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1E5C1B97-45B9-987E-0E82-2FB44006A032} - Browser Customizations
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {55EA0C8A-AAD1-05D2-1C09-50F9FF321B78} - NetShow
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {59899715-473D-D2B7-B0A6-406F50335A3A} - Internet Explorer
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5E61602A-AEFC-71E0-89B0-2BAC15A4B95A} - IE7 Uninstall Stub
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {60D4D7A2-01D1-3DBD-05E7-4153148A2BFC} - Vector Graphics Rendering (VML)
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {89BB3868-6CB9-DBE2-2D37-6A795C1C553F} - Outlook Express
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8EFA4753-7169-4CC3-A28B-0A1643B8A39B} - Microsoft .NET Framework 1.1 Hotfix (KB886903)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {953DE4DC-90B1-9AE4-2D16-D8E11564A78D} - Internet Explorer
ActiveX: {A97E891C-7067-9C9A-77B0-8B23FE7CA29B} - Microsoft VM
ActiveX: {A9DD0AAB-C707-3258-2DF0-84791D94699F} - Microsoft VM
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B46AC44F-F7E1-2E4A-9D76-80CBDCE0A414} - Vector Graphics Rendering (VML)
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {D7EF5FC3-DC05-334B-DB15-D92208F4A4D1} - Microsoft Windows Media Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FAB95243-5303-0049-22A4-2C0FABD574CF} - DirectAnimation
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (14931728682450944)

========== Files/Folders - Created Within 30 Days ==========

[2010/11/10 19:29:52 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sean McNamara\Desktop\OTL.exe
[2010/11/07 11:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/07 10:48:43 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sean McNamara\Desktop\TFC.exe
[2010/10/30 18:41:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/10/20 18:52:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/10/20 13:00:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/20 12:45:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/20 12:45:45 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/20 12:45:45 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/20 12:45:45 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/20 12:44:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/20 12:44:11 | 000,000,000 | ---D | C] -- C:\MyComboFix
[2010/10/20 12:40:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/19 07:16:00 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/10/16 10:28:00 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/10/16 10:15:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010/10/16 10:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/10/16 10:10:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/10/13 09:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/12 08:44:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/12 08:44:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2006/07/11 14:29:00 | 000,028,672 | R--- | C] ( ) -- C:\WINDOWS\System32\DivXGraphBuilderCallback.dll

========== Files - Modified Within 30 Days ==========

[2010/11/10 19:39:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/10 19:29:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sean McNamara\Desktop\OTL.exe
[2010/11/10 19:17:01 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1228979991-1214082857-170243662-1005UA.job
[2010/11/10 08:39:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/10 08:17:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1228979991-1214082857-170243662-1005Core.job
[2010/11/09 19:24:40 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\Microsoft Office Outlook 2003.lnk
[2010/11/09 18:56:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/09 18:55:35 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/11/09 18:52:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/09 18:52:04 | 1064,763,392 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/09 18:49:09 | 000,533,162 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/09 18:49:09 | 000,107,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/07 11:28:13 | 000,002,463 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\HiJackThis.lnk
[2010/11/07 10:48:46 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sean McNamara\Desktop\TFC.exe
[2010/11/07 10:22:25 | 000,278,410 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\Infected - epoclick, google...pdf
[2010/11/07 10:21:20 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\HiJackThis.msi
[2010/11/05 03:18:57 | 000,002,384 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\Google Chrome.lnk
[2010/11/05 03:18:57 | 000,002,362 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/30 14:38:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/30 08:08:29 | 003,895,619 | R--- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\ComboFix.exe
[2010/10/30 05:32:47 | 000,534,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/30 05:00:29 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\defogger_reenable
[2010/10/30 04:57:49 | 000,001,826 | ---- | M] () -- C:\WINDOWS\SysMech6.INI
[2010/10/30 04:53:14 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\RKUnhookerLE.EXE
[2010/10/30 04:52:22 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\Defogger.exe
[2010/10/28 17:21:27 | 000,084,992 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/10/27 04:00:24 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PwsLicenseManager.lnk
[2010/10/23 18:09:47 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/20 18:54:37 | 000,544,768 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\dds.scr
[2010/10/20 13:00:45 | 000,000,288 | RHS- | M] () -- C:\boot.ini
[2010/10/20 12:26:22 | 003,881,515 | R--- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\MyComboFix.exe
[2010/10/19 10:49:04 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/10/19 07:15:56 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/10/19 06:37:25 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/10/18 21:42:29 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/18 21:05:50 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Pbecuvomuyix.dat
[2010/10/16 10:15:39 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/10/16 10:15:39 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk

========== Files Created - No Company Name ==========

[2010/11/07 11:26:02 | 000,002,463 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\HiJackThis.lnk
[2010/11/07 10:22:25 | 000,278,410 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\Infected - epoclick, google...pdf
[2010/11/07 10:21:11 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\HiJackThis.msi
[2010/10/30 08:08:22 | 003,895,619 | R--- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\ComboFix.exe
[2010/10/30 05:00:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\defogger_reenable
[2010/10/30 04:53:13 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\RKUnhookerLE.EXE
[2010/10/30 04:52:20 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\Defogger.exe
[2010/10/25 13:43:48 | 1064,763,392 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/20 18:54:36 | 000,544,768 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\dds.scr
[2010/10/20 13:00:37 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/20 12:45:45 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/20 12:45:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/20 12:45:45 | 000,084,992 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/20 12:45:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/20 12:45:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/20 12:25:55 | 003,881,515 | R--- | C] () -- C:\Documents and Settings\Sean McNamara\Desktop\MyComboFix.exe
[2010/10/17 14:58:57 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pbecuvomuyix.dat
[2010/10/16 13:44:30 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/10/16 10:15:39 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/10/16 10:15:39 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/10/12 08:44:54 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/03 12:32:59 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2010/02/08 21:37:55 | 000,015,462 | -HS- | C] () -- C:\Documents and Settings\Sean McNamara\Local Settings\Application Data\e7H1JR
[2008/06/09 06:06:56 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Local Settings\Application Data\AutobahnAcceleratorInstall.txt
[2008/03/15 23:36:19 | 000,000,476 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/03/09 19:54:29 | 000,002,000 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Application Data\autobahn.log
[2008/03/09 19:54:21 | 000,004,256 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Application Data\autobahn-killer.log
[2008/03/01 07:28:14 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/02/24 19:58:09 | 000,002,196 | ---- | C] () -- C:\WINDOWS\tabled32.ini
[2008/02/24 19:54:48 | 000,001,501 | ---- | C] () -- C:\WINDOWS\tefview.ini
[2008/01/24 21:10:59 | 000,016,864 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Local Settings\Application Data\rx_audio.Cache
[2007/10/15 08:52:53 | 000,000,109 | ---- | C] () -- C:\WINDOWS\MapExport.ini
[2007/08/29 20:14:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2007/07/30 10:25:15 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\DAD0038CCA.sys
[2007/07/30 10:14:41 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/04/10 15:23:32 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Local Settings\Application Data\rx_image.Cache
[2007/04/06 15:03:31 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2007/04/06 14:55:01 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/03/28 20:52:03 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/03/28 20:52:03 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/03/12 21:51:03 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Application Data\DMX.bmk
[2007/03/12 13:22:33 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/23 23:23:52 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2007/02/23 20:29:32 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2006/09/13 05:49:38 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/16 13:47:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/08/09 04:19:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/08/09 04:19:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/08/09 01:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2006/07/21 09:53:43 | 000,001,826 | ---- | C] () -- C:\WINDOWS\SysMech6.INI
[2006/06/23 09:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2006/05/23 18:14:37 | 000,000,034 | ---- | C] () -- C:\WINDOWS\TEC.INI
[2006/05/03 08:27:39 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2006/05/03 08:27:39 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2006/05/03 08:27:23 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2006/05/03 08:27:23 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2006/05/03 08:27:23 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2006/04/22 02:19:14 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/04/11 15:50:15 | 001,212,416 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2006/04/10 23:16:24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\fusioncache.dat
[2006/04/09 23:14:07 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Application Data\WorkingFolders.xml
[2006/04/04 10:52:26 | 000,000,068 | ---- | C] () -- C:\WINDOWS\IDMan.INI
[2006/03/28 13:06:52 | 000,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2006/03/23 14:47:10 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Sean McNamara\Local Settings\Application Data\fusioncache.dat
[2006/03/17 19:50:54 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\CA8C03D0DA.sys
[2006/03/06 20:15:05 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2006/03/04 09:08:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6d.DLL
[2006/03/02 09:06:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/01 13:06:30 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/02/22 20:45:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/22 20:36:38 | 000,000,535 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/22 20:31:21 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/02/22 20:07:54 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/02/22 20:07:08 | 000,000,387 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/15 13:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004/12/03 09:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/09/23 04:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:00:18 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\zb0q3jr.dll
[2004/08/11 18:00:18 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2004/08/11 18:00:18 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2004/08/11 18:00:18 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2004/08/11 18:00:18 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2004/08/11 18:00:18 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\dfocrca.dll
[2004/08/11 18:00:18 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2004/08/11 18:00:18 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2004/08/11 18:00:18 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\vim0t9x.dll
[2004/08/11 18:00:18 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\r6drpj8.dll
[2004/08/11 18:00:18 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\njaklmm.dll
[2004/07/21 11:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/16 08:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/10/02 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/07/30 09:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010/08/05 09:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/03/12 10:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2007/05/18 06:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blueberry
[2007/07/31 08:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bmu
[2008/01/21 13:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cadsoft
[2007/04/06 10:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2006/05/03 09:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IMAGINiT
[2010/03/04 12:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2007/09/27 13:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2010/10/13 09:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/03/04 12:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/08/31 08:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PWS Solutions
[2010/06/09 06:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PWS Solutions, LLC
[2010/10/17 13:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/07 10:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/09/25 14:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/10/16 10:16:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2007/02/23 07:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{F9228DAD-21AA-4BC3-8B63-E19AA9EEA5F8}
[2008/06/18 18:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\AIM
[2008/02/26 07:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Autodesk
[2007/03/04 20:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\BearShare
[2009/07/29 19:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\BitTorrent
[2007/06/21 09:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Blueberry
[2006/05/02 15:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\DMCache
[2007/10/30 08:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\HBA
[2006/04/11 15:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Hyperionics
[2006/04/23 23:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\LEAD Technologies
[2006/03/26 19:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Leadertech
[2007/03/28 20:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\LizardTech
[2010/03/04 12:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\PC Suite
[2007/08/16 08:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\PWS Solutions
[2009/11/19 18:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\QuickScan
[2010/03/04 12:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Samsung
[2007/07/30 15:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\SmartDraw
[2006/04/15 08:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Snapfish
[2008/07/02 06:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Subversion
[2006/06/23 09:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Toshiba
[2007/03/14 09:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\Viewpoint
[2008/12/18 18:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sean McNamara\Application Data\webex
[2010/11/09 18:55:35 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/11/09 18:51:57 | 000,005,771 | ---- | M] () -- C:\aaw7boot.log
[2004/11/23 05:55:36 | 000,000,171 | ---- | M] () -- C:\boot.bk2
[2010/10/20 13:00:45 | 000,000,288 | RHS- | M] () -- C:\boot.ini
[2004/08/03 22:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/10/30 14:41:26 | 000,017,426 | ---- | M] () -- C:\ComboFix.txt
[2006/02/22 20:11:38 | 000,005,706 | RH-- | M] () -- C:\dell.sdr
[2010/11/09 18:52:04 | 1064,763,392 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/04 13:06:28 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006/02/22 20:24:17 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/09 18:51:57 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >
[2005/12/15 11:03:40 | 000,012,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll

< %systemroot%\Fonts\*.ini >
[2004/08/11 18:14:22 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2004/06/07 00:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD6d.DLL
[2004/10/08 00:00:00 | 000,018,432 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD71.DLL
[2004/06/07 00:00:00 | 000,054,272 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP6d.DLL
[2004/10/08 00:00:00 | 000,055,808 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP71.DLL
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2005/06/10 21:55:08 | 000,067,072 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp052.DLL
[2005/10/14 21:41:46 | 000,072,192 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp43a.dll
[2006/05/02 13:27:16 | 000,025,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr.dll
[2007/04/09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2004/08/11 18:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/11 18:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/11 18:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2004/08/11 18:15:06 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/03/01 12:11:49 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Sean McNamara\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/08/11 18:20:42 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/04 06:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2006/03/01 12:11:48 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Sean McNamara\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2010/11/09 18:59:11 | 000,032,768 | -HS- | M] () -- C:\Documents and Settings\Sean McNamara\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 21:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2004/10/29 22:56:50 | 000,466,944 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.exe >
[2004/10/13 11:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< %USERPROFILE%\Templates\*.tmp >

< %SYSTEMDRIVE%\explorexxx.exe\*.* >

< %Windir%\Installer\*.tmp >

< %systemroot%\System32\*.xco >

< %ProgramFiles%\system32\*.* >

< %systemroot%\System32\windos\*.* >

< %SystemRoot%\system32\sandbox\*.* >

< %SystemRoot%\system32\*.amo >

< %SystemRoot%\system32\Windows Live\*.* >

< %ProgramFiles%\logs\*.* >

< %ProgramFiles%\Bifrost\*.* >

< %SystemRoot%\system32\*.goo >

< %systemroot%\system32\IME\*.* >

< %systemroot%\BackUp\*.* >

< %systemroot%\system32\*.ico >

< %systemroot%\system\*.exe >

< %AppData%\Macromedia\Common\*.* >

< %SYSTEMDRIVE%\dir\*.* /s >

< %systemroot%\system32\ras\*.exe >

< %SYSTEMDRIVE%\MFILES\*.* >

< %SYSTEMDRIVE%\mDNSRespon.exe\*.* >

< %systemroot%\system32\services\*.* >

< %systemroot%\Spooler\*.* >

< %ProgramFiles%\system32\*.* >

< %systemroot%\system32\Setup\*.dll /x >

< %systemroot%\system32\*.mine >

< %SYSTEMDRIVE%\cleansweep.exe\*.* >

< %systemroot%\system32\ras\*.dll >

< %systemroot%\system32\ras\*.drv >

< %systemroot%\*.iq >

< %systemroot%\system32\XP\*.* >

< %SYSTEMDRIVE%\Extracted\*.* >

< %systemroot%\system32\windows\*.* >

< %systemroot%\logs\*.* >

< %SYSTEMDRIVE%\Win.Msi\*.* >

< %systemroot%\regedit\*.* >

< %systemroot%\system32\skype\*.* >

< %AppData%\Adobe\dlluplwin25\*.* >

< %UserProfile%\*.dat >
[2010/11/09 18:50:42 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\ntuser.dat

< %UserProfile%\*.dll >

< %systemroot%\system32\*.sxo >

< %SYSTEMDRIVE%\Gazma\*.* /s >

< %systemroot%\system32\spynet\*.* >

< %systemroot%\system32\System\*.* >

< %appdata%\Microsoft\Windows\*.* >

< %systemroot%\system32\WinDir\*.* >

< %systemroot%\_\*.* >

< %systemroot%\system32\windows32\*.* >

< %ProgramFiles%\win\*.* >

< %AppData%\Microsoft\CD Burning\*.* >

< %systemroot%\*.cab >

< %systemroot%\K.Backup\*.* >

< %ProgramFiles%\Massenger\*.* >

< %systemroot%\System32\*.doc >

< %systemroot%\Office12\*.* >

< %systemroot%\System32\Rundl32.exe\*.* >

< %ProgramFiles%\yahoo.net\*.* >

< %systemroot%\system32\*.igo >

< %systemroot%\*.rew >

< %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe >
[2004/06/07 00:00:00 | 000,080,896 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMPV6d.EXE
[2004/06/07 00:00:00 | 000,008,704 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSD6d.EXE
[2004/06/07 00:00:00 | 000,130,048 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSM6d.EXE
[2004/06/07 00:00:00 | 000,006,656 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSQ6d.EXE
[2004/06/10 13:08:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
[2005/05/03 13:55:44 | 000,081,920 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
[2004/06/10 13:09:22 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPNRA.EXE
[2005/04/29 16:43:44 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZINW12.EXE
[2005/04/29 16:44:06 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE

< %USERPROFILE%\.COMMgr\*.* >

< %USERPROFILE%\Desktop\*.bat >

< %PROGRAMFILES%\Common Files\Real\visualizations\*.rpv /x >

< %PROGRAMFILES%\Internet Explorer\*.Jmp >

< %PROGRAMFILES%\Windows NT\system\*.dll >

< %systemroot%\system32\*.ext >

< %systemroot%\system32\Com\*.cfg >

< %systemroot%\system32\btz\*.* >

< %systemroot%\system32\EMP\*.* >

< %systemroot%\system32\expo\*.* >

< %systemroot%\system32\inet2\*.* >

< %systemroot%\system32\xrem\*.* >

< %ProgramFiles%\Microsoft\*.* >

< %systemroot%\usgwmt\*.* >

< %ProgramFiles%\B\*.* >

< %SYSTEMDRIVE%\lspp\*.* >

< %systemroot%\Kral\*.* >

< %SYSTEMDRIVE%\windowsdvd.exe\*.* >

< %systemroot%\system32\*.ipo >

< %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* >

< %systemroot%\system32\*.mof >

< %systemroot%\*.atm >

< %systemroot%\system32\svhost\*.* >

< %ProgramFiles%\system32\*.* >

< %ProgramFiles%\Docmentt\*.* >

< %systemroot%\Help\*.vbs >

< %ProgramFiles%\Windows WinSxs\*.* /s >

< %ProgramFiles%\Outlook Express\IDT\*.* /s >

< %ProgramFiles%\Microsoft Office\365\*.* /s >

< %ProgramFiles%\Windows Live\*.* >

< %systemroot%\system32\win32\*.* >

< %SYSTEMDRIVE%\RECYCLER\*.* >

< %systemroot%\Fresh1\*.* >

< %ProgramFiles%\Kekj\*.* /s >

< %systemroot%\GDU\*.* >

< %systemroot%\KA\*.* >

< %systemroot%\R\*.* >

< %systemroot%\system32\*.fyo >

< %USERPROFILE%\System\*.* >

< %systemroot%\Source\*.* >

< %systemroot%\system32\ac\*.* >

< %ProgramFiles%\MSDN\*.* >

< %AppData%\AdobeUM\winvcldll54\*.* /s >

< %ProgramFiles%\Internet Explorer\*.ico >

< %systemroot%\system32\*.ojo >

< %systemroot%\system32\d323s\*.* >

< %systemroot%\system32\re\*.* >

< %UserProfile%\Microsoft\*.dll >

< %UserProfile%\Microsoft\*.log >

< %systemroot%\Bios\*.* >

< %ProgramFiles%\Spool\*.* >

< %ProgramFiles%\promp3\*.* >

< %SYSTEMDRIVE%\Driver\*.* /s >

< %SYSTEMDRIVE%\inetserver.exe\*.* >

< %systemroot%\java\trustlib\*.* >

< %ProgramFiles%\Common Files\designer\*.exe >

< %ProgramFiles%\*. >
[2010/11/07 10:27:33 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/02/12 06:33:41 | 000,000,000 | ---D | M] -- C:\Program Files\AFT Software
[2009/09/25 10:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/08/05 09:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD Architecture 2008
[2008/09/03 09:33:28 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD Civil 3D 2008
[2007/10/19 08:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD Civil 3D Land Desktop Companion 2008
[2007/10/14 12:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD Map 3D 2008
[2010/08/05 09:42:23 | 000,000,000 | ---D | M] -- C:\Program Files\Autodesk
[2009/01/28 17:51:07 | 000,000,000 | ---D | M] -- C:\Program Files\Avery
[2010/03/12 10:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\Avery Dennison
[2009/09/30 21:36:59 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2008/01/12 22:21:41 | 000,000,000 | ---D | M] -- C:\Program Files\BitTorrent
[2007/02/23 07:30:44 | 000,000,000 | ---D | M] -- C:\Program Files\Blueberry Software
[2006/02/22 20:27:44 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2006/11/29 16:18:59 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2007/02/08 23:13:30 | 000,000,000 | ---D | M] -- C:\Program Files\Comcast Web Controls
[2010/10/30 14:37:19 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/11 18:12:04 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2006/02/22 20:28:42 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2006/05/02 19:45:53 | 000,000,000 | ---D | M] -- C:\Program Files\Corpscon6
[2006/02/22 20:31:46 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2007/11/09 06:27:26 | 000,000,000 | ---D | M] -- C:\Program Files\Default Company Name
[2007/07/31 08:57:10 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2006/03/01 12:14:15 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support
[2006/02/22 20:31:38 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2007/02/23 20:14:50 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/08/07 14:01:17 | 000,000,000 | ---D | M] -- C:\Program Files\Earth Resource Mapping
[2007/02/21 14:58:29 | 000,000,000 | ---D | M] -- C:\Program Files\FastStone Capture
[2006/04/11 15:39:41 | 000,000,000 | ---D | M] -- C:\Program Files\FileBX
[2006/03/15 09:16:19 | 000,000,000 | ---D | M] -- C:\Program Files\FLAC
[2007/04/04 17:53:02 | 000,000,000 | ---D | M] -- C:\Program Files\GeoTIFF Tools GUI
[2010/02/08 21:50:48 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2007/04/06 15:06:29 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2007/05/17 14:14:33 | 000,000,000 | ---D | M] -- C:\Program Files\HTML Help Workshop
[2007/02/04 21:22:57 | 000,000,000 | ---D | M] -- C:\Program Files\Illustrate
[2010/06/01 16:10:36 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2006/02/22 20:26:05 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2006/02/22 20:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Intel, Inc
[2008/07/02 06:18:26 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2010/06/12 14:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2006/07/21 09:07:43 | 000,000,000 | ---D | M] -- C:\Program Files\iolo
[2009/09/25 14:23:52 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2007/03/30 19:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2009/09/25 14:25:01 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/10/20 18:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/10/16 10:10:31 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2007/03/29 04:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\LizardTech
[2010/10/19 07:03:12 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2007/09/27 13:31:19 | 000,000,000 | ---D | M] -- C:\Program Files\Maxtor
[2008/08/16 12:49:12 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2006/06/21 20:21:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2004/08/11 18:15:24 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2006/04/09 18:56:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2010/10/20 19:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/10/02 07:18:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2006/04/10 17:56:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2006/06/21 20:20:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2006/02/22 20:31:24 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2010/03/10 22:30:45 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/09/13 19:35:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla ActiveX Control v1.7.12
[2010/10/17 16:38:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/08/16 08:52:48 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/09/01 17:05:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2004/08/11 18:11:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/11 18:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/04/10 17:56:45 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/10/17 02:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2006/04/12 14:56:51 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2004/08/11 18:12:52 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2006/02/22 20:31:31 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2007/10/11 11:29:37 | 000,000,000 | ---D | M] -- C:\Program Files\Nmap
[2010/02/12 18:22:02 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2007/09/21 13:28:40 | 000,000,000 | ---D | M] -- C:\Program Files\notepadplus
[2006/10/12 09:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2007/10/13 07:06:00 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/12 02:02:09 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/03/04 12:36:34 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2010/06/09 06:38:56 | 000,000,000 | ---D | M] -- C:\Program Files\PWS Solutions
[2009/09/25 14:22:20 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/08/06 09:09:13 | 000,000,000 | ---D | M] -- C:\Program Files\Raster Design 2007
[2006/05/03 09:37:39 | 000,000,000 | ---D | M] -- C:\Program Files\Raster Design 2007 OE
[2006/02/22 20:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/08/16 08:52:38 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/02/26 07:37:27 | 000,000,000 | ---D | M] -- C:\Program Files\Revit Architecture 2008
[2007/02/23 20:29:31 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/10/20 19:21:14 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2006/02/22 20:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2007/08/28 13:51:53 | 000,000,000 | ---D | M] -- C:\Program Files\SmartFTP Client 2.0
[2006/02/22 20:25:42 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2008/02/24 19:58:03 | 000,000,000 | ---D | M] -- C:\Program Files\TablEdit
[2007/02/26 11:50:35 | 000,000,000 | ---D | M] -- C:\Program Files\TatukGIS
[2008/07/01 22:33:03 | 000,000,000 | ---D | M] -- C:\Program Files\TortoiseSVN
[2006/02/22 20:26:53 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba
[2010/11/07 11:26:01 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2007/10/13 21:31:32 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2008/01/24 18:48:43 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2010/02/08 22:24:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/05/02 20:11:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Installer Clean Up
[2007/05/16 19:07:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/05/17 23:26:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2004/08/11 18:11:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/11 18:13:20 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2007/10/11 11:29:48 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap
[2004/08/11 18:15:24 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2006/08/14 09:41:36 | 000,000,000 | -H-D | M] -- C:\Program Files\Zero G Registry

< %systemroot%\system32\*.tso >

< %ALLUSERSPROFILE%\Documents\Server\*.* >

< %systemroot%\*.pif >
[2004/08/04 06:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif

< %systemroot%\system32\n7533\*.* >

< %systemroot%\Us18336\*.* >

< %systemroot%\system32\*.zip >

< %systemroot%\system32\*.wgo >

< %systemroot%\system32\dllcache\*.com >

< %systemroot%\system32\dllchache\*.* >

< %systemroot%\system32\038840\*.* >

< %systemroot%\system32\13E92A\*.* >

< %systemroot%\system32\1CB5AD\*.* >

< %systemroot%\system32\52682A\*.* >

< %USERPROFILE%\My Documents\*.htm >

< %SYSTEMDRIVE%\Mr_CF\*.* >

< %USERPROFILE%\My Documents\*.dll >

< %USERPROFILE%\My Documents\*.ccc >

< %systemroot%\system32\Sis\*.* >

< %systemroot%\Microsft\*.* >

< %SYSTEMDRIVE%\driverwinx.exe\*.* >

< %systemroot%\BifroXx\*.* >

< %SYSTEMDRIVE%\TSTP\*.* >

< %systemroot%\winsn\*.* >

< %ProgramFiles%\windata\*.* >

< %SYSTEMDRIVE%\msixxxxxxx.exe\*.* >

< %systemroot%\system32\*.sao >

< %systemroot%\system32\*.iem >

< %systemroot%\system32\*.mdd >

< %systemroot%\system32\*.wlo >

< %systemroot%\system32\*.skn >

< %SYSTEMDRIVE%\Winup\*.* >

< %SYSTEMDRIVE%\test\*.* >

< %systemroot%\system32\med\*.* >

< %systemroot%\Bifrost\*.* >

< %systemroot%\system32\explorer.exe\*.* >

< %UserProfile%\UserData\*.dat /x >

< %SYSTEMDRIVE%\Arquivo de programas\*.* >

< %ProgramFiles%\tcpview\*.* >

< %systemroot%\system32\*.lyo >

< %ProgramFiles%\huanbang2\*.* >

< %systemroot%\winhuanbang\*.* >

< %systemroot%\minrsv.ini\*.* >

< %systemroot%\assembly\GAC\*.* >

< %AppData%\Adobe\crtmswin91\*.* >

< %ProgramFiles%\Windows NT\Accessories\*.exe >
[2008/04/21 05:02:07 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe

< %systemroot%\system32\*.pdo >

< %SYSTEMDRIVE%\APPDATASH\*.* >

< %SYSTEMDRIVE%\sy\*.* >

< %systemroot%\*.cot >

< %systemroot%\system32\*.html >

< %systemroot%\system32\win32.exe\*.* >

< %systemroot%\System32\9283\*.* >

< %systemroot%\System32\hardpol\*.* /s >

< %systemroot%\Fonts\*.dat >

< %ProgramFiles%\WinNTsystem operation\*.* >

< %SYSTEMDRIVE%\moneyxmexx.exe\*.* >

< %USERPROFILE%\Templates\*.exe >

< %SYSTEMDRIVE%\MSOCache\*.* >

< %systemroot%\inf\win\*.* >

< %SYSTEMDRIVE%\users\*.ini /x >

< %systemroot%\Media\*.exe >

< %systemroot%\Media\*.dll >

< %USERPROFILE%\Desktop\*.exe >
[2010/10/30 08:08:29 | 003,895,619 | R--- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\ComboFix.exe
[2010/10/30 04:52:22 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\Defogger.exe
[2010/10/20 12:26:22 | 003,881,515 | R--- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\MyComboFix.exe
[2010/11/10 19:29:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sean McNamara\Desktop\OTL.exe
[2010/10/30 04:53:14 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Sean McNamara\Desktop\RKUnhookerLE.EXE
[2010/11/07 10:48:46 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sean McNamara\Desktop\TFC.exe

< %PROGRAMFILES%\*.* >

< %systemroot%\system\*.dat >

< %AppData%\AdobeUM\upldrvdrv2\*.* >

< %ProgramFiles%\wiselink\*.* >

< %systemroot%\*.wd >

< %systemroot%\boot\*.* >

< %systemroot%\ime\*.dll /x >

< %systemroot%\system32\GroupPolicy\User\Scripts\*.* /s >

< %systemroot%\system32\*.INS >

< %SYSTEMDRIVE%\Temporary\*.* >

< %AppData%\AdobeUM\vclvclupl66\*.* >

< %SYSTEMDRIVE%\KEY\*.* /s >

< %SYSTEMDRIVE%\INVRSO\*.* >

< %systemroot%\Config\Audit\*.* /s >

< %ProgramFiles%\facebook\*.* >

< %SystemRoot%\system32\___hptmp\*.* >

< %SystemRoot%\system32\Macromedia\*.* >

< %SystemRoot%\system32\Macrocmp\*.* >

< %systemroot%\ap0calypse_00CD1A40\*.* /s >

< %SYSTEMDRIVE%\bbotxxxxxx.exe\*.* >

< %systemroot%\cacher\*.* >

< %systemroot%\down\*.* >

< %systemroot%\up\*.* >

< %SYSTEMDRIVE%\bootstartx.exe\*.* >

< %systemroot%\system32\wbem\grpconv.exe >

< %SYSTEMDRIVE%\Zolander\*.* /s >

< %systemroot%\Media_\*.* >

< %systemroot%\SV1\*.* >

< %systemroot%\system32\Hotspot\*.* >

< %systemroot%\java\*.* >

< %systemroot%\system32\JAVA\*.* >

< %systemroot%\system32\syst\*.* >

< %systemroot%\msapps\*.* >

< %systemroot%\Fonts\*.html >

< %systemroot%\WinRecycleb\*.* >

< %systemroot%\system32\PassTools\*.* >

< %USERPROFILE%\Templates\*.txt >

< %SYSTEMDRIVE%\Drivers\*.* /s >
[2005/06/13 16:51:30 | 004,138,348 | ---- | M] () -- C:\drivers\hpc3800c.cab
[2005/07/05 21:40:58 | 000,078,376 | ---- | M] () -- C:\drivers\hpc3800c.cat
[2005/06/10 19:18:46 | 000,014,904 | ---- | M] () -- C:\drivers\hpc3800c.inf
[2006/07/27 17:02:07 | 000,017,992 | ---- | M] () -- C:\drivers\hpc3800c.PNF
[2005/06/11 00:04:14 | 004,136,970 | ---- | M] () -- C:\drivers\hpc380bc.cab
[2005/07/05 21:40:58 | 000,078,376 | ---- | M] () -- C:\drivers\hpc380bc.cat
[2005/06/10 19:19:56 | 000,013,624 | ---- | M] () -- C:\drivers\hpc380bc.inf
[2006/07/27 17:02:07 | 000,017,288 | ---- | M] () -- C:\drivers\hpc380bc.PNF
[2005/05/05 17:12:26 | 000,025,086 | ---- | M] () -- C:\drivers\hpcp3800.cf_
[1996/10/07 15:53:58 | 000,006,020 | ---- | M] () -- C:\drivers\HPLicEN.txt
[2006/07/27 17:02:07 | 000,004,960 | ---- | M] () -- C:\drivers\INFCACHE.1
[2005/06/13 16:51:38 | 000,302,967 | ---- | M] () -- C:\drivers\p6i2arww.cab
[2005/06/13 16:51:40 | 000,302,845 | ---- | M] () -- C:\drivers\p6i2caww.cab
[2005/06/13 16:51:40 | 000,303,849 | ---- | M] () -- C:\drivers\p6i2csww.cab
[2005/06/13 16:51:44 | 000,302,695 | ---- | M] () -- C:\drivers\p6i2daww.cab
[2005/06/13 16:51:46 | 000,303,569 | ---- | M] () -- C:\drivers\p6i2deww.cab
[2005/06/13 16:51:50 | 000,303,541 | ---- | M] () -- C:\drivers\p6i2elww.cab
[2005/06/13 16:51:46 | 000,303,435 | ---- | M] () -- C:\drivers\p6i2enww.cab
[2005/06/13 16:51:48 | 000,302,845 | ---- | M] () -- C:\drivers\p6i2esww.cab
[2005/06/13 16:52:06 | 000,302,867 | ---- | M] () -- C:\drivers\p6i2fiww.cab
[2005/06/13 16:51:50 | 000,304,585 | ---- | M] () -- C:\drivers\p6i2frww.cab
[2005/06/13 16:51:52 | 000,302,621 | ---- | M] () -- C:\drivers\p6i2heww.cab
[2005/06/13 16:51:56 | 000,303,953 | ---- | M] () -- C:\drivers\p6i2huww.cab
[2005/06/13 16:51:52 | 000,304,303 | ---- | M] () -- C:\drivers\p6i2itww.cab
[2005/06/13 16:51:54 | 000,302,781 | ---- | M] () -- C:\drivers\p6i2jaww.cab
[2005/06/13 16:51:56 | 000,301,793 | ---- | M] () -- C:\drivers\p6i2koww.cab
[2005/06/13 16:51:58 | 000,303,635 | ---- | M] () -- C:\drivers\p6i2nlww.cab
[2005/06/13 16:52:00 | 000,302,909 | ---- | M] () -- C:\drivers\p6i2noww.cab
[2005/06/13 16:52:00 | 000,304,057 | ---- | M] () -- C:\drivers\p6i2plww.cab
[2005/06/13 16:52:02 | 000,304,097 | ---- | M] () -- C:\drivers\p6i2ptww.cab
[2005/06/13 16:52:02 | 000,303,187 | ---- | M] () -- C:\drivers\p6i2ruww.cab
[2005/06/13 16:52:04 | 000,303,435 | ---- | M] () -- C:\drivers\p6i2skww.cab
[2005/06/13 16:52:06 | 000,302,733 | ---- | M] () -- C:\drivers\p6i2svww.cab
[2005/06/13 16:52:08 | 000,303,435 | ---- | M] () -- C:\drivers\p6i2thww.cab
[2005/06/13 16:52:10 | 000,303,549 | ---- | M] () -- C:\drivers\p6i2trww.cab
[2005/06/13 16:51:42 | 000,302,159 | ---- | M] () -- C:\drivers\p6i2zhcn.cab
[2005/06/13 16:51:42 | 000,300,553 | ---- | M] () -- C:\drivers\p6i2zhtw.cab
[2006/02/22 20:13:46 | 000,004,128 | ---- | M] () -- C:\drivers\audio\INFCACHE.1
[2005/10/21 15:31:12 | 000,002,081 | ---- | M] () -- C:\drivers\audio\onboard\92xxM.ini
[2005/10/22 01:07:38 | 000,002,596 | ---- | M] () -- C:\drivers\audio\onboard\92XXM2-1.INI
[2005/10/22 01:08:02 | 000,002,738 | ---- | M] () -- C:\drivers\audio\onboard\92XXM2-2.INI
[2005/10/22 01:08:14 | 000,002,596 | ---- | M] () -- C:\drivers\audio\onboard\92XXM2-3.INI
[2005/10/22 01:08:22 | 000,002,473 | ---- | M] () -- C:\drivers\audio\onboard\92XXM2-4.INI
[2005/10/22 01:08:52 | 000,003,311 | ---- | M] () -- C:\drivers\audio\onboard\92XXM8-1.INI
[2005/10/22 01:09:22 | 000,003,742 | ---- | M] () -- C:\drivers\audio\onboard\92XXM8-2.INI
[2006/02/22 20:19:24 | 000,008,056 | ---- | M] () -- C:\drivers\audio\onboard\INFCACHE.1
[2005/09/10 00:18:48 | 000,167,936 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\stacapi.dll
[2005/09/10 00:20:00 | 006,479,872 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\STacGUI.cpl
[2005/09/10 00:21:54 | 000,109,056 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\staco.dll
[2005/09/10 00:22:02 | 000,187,904 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\staco64.dll
[2005/10/21 15:18:08 | 000,012,958 | ---- | M] () -- C:\drivers\audio\onboard\STHDA.cat
[2005/10/21 15:18:10 | 000,213,044 | ---- | M] () -- C:\drivers\audio\onboard\STHDA.INF
[2005/10/21 15:31:14 | 000,001,165 | ---- | M] () -- C:\drivers\audio\onboard\Sthda.ini
[2006/02/22 20:19:24 | 000,107,620 | ---- | M] () -- C:\drivers\audio\onboard\STHDA.PNF
[2005/09/10 00:15:32 | 001,032,472 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\sthda.sys
[2005/09/27 01:14:48 | 000,213,296 | ---- | M] () -- C:\drivers\audio\onboard\STHDA64.INF
[2005/09/27 01:14:48 | 000,001,167 | ---- | M] () -- C:\drivers\audio\onboard\sthda64.ini
[2006/02/22 20:19:24 | 000,107,816 | ---- | M] () -- C:\drivers\audio\onboard\STHDA64.PNF
[2005/09/10 00:15:32 | 000,874,496 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\sthda64.sys
[2005/09/10 00:18:34 | 000,389,120 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\STLang.dll
[2005/09/10 00:19:34 | 000,393,216 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\stsystra.exe
[2005/09/10 00:21:18 | 000,027,136 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\suhlp.exe
[2005/09/10 00:21:22 | 000,033,792 | ---- | M] (SigmaTel, Inc.) -- C:\drivers\audio\onboard\suhlp64.exe
[2006/02/22 20:13:46 | 000,004,128 | ---- | M] () -- C:\drivers\modem\INFCACHE.1
[2005/08/09 05:10:06 | 000,133,972 | ---- | M] () -- C:\drivers\modem\onboard\del1028.cty
[2005/08/11 17:02:16 | 000,010,878 | ---- | M] () -- C:\drivers\modem\onboard\del1028k.cat
[2005/08/09 08:01:24 | 000,034,107 | ---- | M] () -- C:\drivers\modem\onboard\del1028K.inf
[2006/02/22 20:19:24 | 000,059,188 | ---- | M] () -- C:\drivers\modem\onboard\del1028K.PNF
[2002/02/04 08:39:20 | 000,000,023 | ---- | M] () -- C:\drivers\modem\onboard\disk1
[2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\drivers\modem\onboard\HSFHWAZL.sys
[2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) -- C:\drivers\modem\onboard\HSF_CNXT.sys
[2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\drivers\modem\onboard\HSF_DPV.sys
[2005/06/24 04:48:28 | 000,577,536 | ---- | M] (Conexant Systems, Inc.) -- C:\drivers\modem\onboard\HXFSetup.exe
[2006/02/22 20:19:24 | 000,004,440 | ---- | M] () -- C:\drivers\modem\onboard\INFCACHE.1
[2005/08/23 01:00:06 | 000,061,502 | ---- | M] () -- C:\drivers\modem\onboard\kb835221.exe
[2004/03/17 04:00:32 | 000,086,016 | ---- | M] (Conexant) -- C:\drivers\modem\onboard\MdmXSdk.dll
[2004/03/17 04:04:14 | 000,013,059 | ---- | M] (Conexant) -- C:\drivers\modem\onboard\MDMXSDK.sys
[2005/08/22 13:07:12 | 000,658,136 | ---- | M] (Microsoft Corporation) -- C:\drivers\modem\onboard\qfe.exe
[2005/08/12 08:41:56 | 000,000,294 | ---- | M] () -- C:\drivers\modem\onboard\readme.txt
[2005/06/24 07:43:36 | 000,583,888 | ---- | M] (Conexant Systems, Inc.) -- C:\drivers\modem\onboard\Setup.exe
[2005/06/20 02:57:20 | 000,110,592 | ---- | M] (Conexant Systems, Inc) -- C:\drivers\modem\onboard\UCI100.dll
[2005/02/02 08:09:46 | 000,155,648 | ---- | M] (Conexant) -- C:\drivers\modem\onboard\UIUDLL.dll
[2005/02/02 08:01:02 | 000,006,857 | ---- | M] (Conexant) -- C:\drivers\modem\onboard\UIUSYS.sys
[2005/08/23 02:28:02 | 000,000,524 | ---- | M] () -- C:\drivers\modem\onboard\Version.txt
[2006/02/22 20:13:46 | 000,004,128 | ---- | M] () -- C:\drivers\network\INFCACHE.1
[2006/02/22 20:19:23 | 000,009,304 | ---- | M] () -- C:\drivers\network\addon\INFCACHE.1
[2004/08/31 13:53:22 | 000,188,416 | ---- | M] (Intel Corporation) -- C:\drivers\network\addon\SetupWLD.EXE
[2004/07/15 20:41:50 | 000,004,849 | R--- | M] () -- C:\drivers\network\addon\SetupWLD.ini
[2004/11/01 22:57:58 | 000,000,013 | ---- | M] () -- C:\drivers\network\addon\verfile.tic
[2004/08/01 01:35:40 | 001,654,784 | ---- | M] (Intel Corporation) -- C:\drivers\network\addon\W29MLRES.DLL
[2004/10/21 21:57:56 | 002,866,560 | ---- | M] (Intel® Corporation) -- C:\drivers\network\addon\w29n50.sys
[2004/10/26 17:53:58 | 000,014,386 | R--- | M] () -- C:\drivers\network\addon\w29n51.cat
[2004/10/21 17:58:00 | 000,119,215 | R--- | M] () -- C:\drivers\network\addon\w29n51.INF
[2006/02/22 20:19:23 | 000,107,892 | ---- | M] () -- C:\drivers\network\addon\w29n51.PNF
[2004/10/21 21:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) -- C:\drivers\network\addon\w29n51.sys
[2004/08/01 01:35:26 | 000,458,752 | ---- | M] (Intel Corporation) -- C:\drivers\network\addon\W29NCPA.DLL
[2004/08/31 13:53:26 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\drivers\network\addon\WLDMLRES.DLL
[2005/10/13 21:41:38 | 000,015,651 | ---- | M] () -- C:\drivers\network\onboard\b44win.cat
[2005/09/15 04:01:34 | 000,037,032 | R--- | M] () -- C:\drivers\network\onboard\b44win.inf
[2006/02/22 20:19:23 | 000,035,168 | ---- | M] () -- C:\drivers\network\onboard\b44win.PNF
[2005/08/05 04:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) -- C:\drivers\network\onboard\bcm4sbxp.sys
[2006/02/22 20:19:23 | 000,010,336 | ---- | M] () -- C:\drivers\network\onboard\INFCACHE.1
[2006/02/22 20:13:46 | 000,004,128 | ---- | M] () -- C:\drivers\system\INFCACHE.1
[2006/02/22 20:13:46 | 000,004,128 | ---- | M] () -- C:\drivers\system\addon\INFCACHE.1
[2006/02/22 20:19:23 | 000,004,376 | ---- | M] () -- C:\drivers\system\addon\MMC\INFCACHE.1
[2005/07/29 05:21:06 | 000,007,852 | ---- | M] () -- C:\drivers\system\addon\MMC\rimmptsk.cat
[2005/07/14 11:59:10 | 000,002,591 | ---- | M] () -- C:\drivers\system\addon\MMC\Rimmptsk.inf
[2006/02/22 20:19:23 | 000,008,412 | ---- | M] () -- C:\drivers\system\addon\MMC\Rimmptsk.PNF
[2005/07/14 11:58:14 | 000,028,544 | ---- | M] (REDC) -- C:\drivers\system\addon\MMC\rimmptsk.sys
[2006/02/22 20:19:23 | 000,005,776 | ---- | M] () -- C:\drivers\system\addon\MS\INFCACHE.1
[2005/07/29 05:21:06 | 000,009,887 | ---- | M] () -- C:\drivers\system\addon\MS\rimsptsk.cat
[2005/07/11 03:47:50 | 000,003,686 | ---- | M] () -- C:\drivers\system\addon\MS\rimsptsk.inf
[2006/02/22 20:19:23 | 000,010,012 | ---- | M] () -- C:\drivers\system\addon\MS\rimsptsk.PNF
[2005/07/12 12:00:30 | 000,051,328 | ---- | M] (REDC) -- C:\drivers\system\addon\MS\Rimsptsk.sys
[2004/09/03 05:00:00 | 000,090,112 | ---- | M] (Sony Corporation) -- C:\drivers\system\addon\MS\snymsico.dll
[2006/02/22 20:19:23 | 000,005,776 | ---- | M] () -- C:\drivers\system\addon\XD\INFCACHE.1
[2005/05/06 11:06:32 | 000,016,480 | ---- | M] () -- C:\drivers\system\addon\XD\RixDICON.dll
[2005/07/29 05:21:06 | 000,009,887 | ---- | M] () -- C:\drivers\system\addon\XD\rixdptsk.cat
[2005/07/14 10:07:06 | 000,004,206 | ---- | M] () -- C:\drivers\system\addon\XD\rixdptsk.inf
[2006/02/22 20:19:23 | 000,010,736 | ---- | M] () -- C:\drivers\system\addon\XD\rixdptsk.PNF
[2005/07/14 10:28:38 | 000,307,968 | ---- | M] (REDC) -- C:\drivers\system\addon\XD\Rixdptsk.sys
[2004/09/28 08:29:00 | 000,009,257 | ---- | M] () -- C:\drivers\system\onboard\915.cat
[2004/03/11 02:21:22 | 000,003,627 | ---- | M] () -- C:\drivers\system\onboard\915.inf
[2006/02/22 20:19:23 | 000,006,260 | ---- | M] () -- C:\drivers\system\onboard\915.PNF
[2004/09/28 08:29:00 | 000,007,505 | ---- | M] () -- C:\drivers\system\onboard\915M.cat
[2004/06/10 07:05:06 | 000,003,374 | ---- | M] () -- C:\drivers\system\onboard\915M.inf
[2006/02/22 20:19:23 | 000,005,588 | ---- | M] () -- C:\drivers\system\onboard\915M.PNF
[2004/09/28 08:29:02 | 000,008,227 | ---- | M] () -- C:\drivers\system\onboard\ich6core.cat
[2004/04/05 08:19:54 | 000,004,824 | ---- | M] () -- C:\drivers\system\onboard\ich6core.inf
[2006/02/22 20:19:23 | 000,009,052 | ---- | M] () -- C:\drivers\system\onboard\ich6core.PNF
[2004/09/28 08:29:02 | 000,007,723 | ---- | M] () -- C:\drivers\system\onboard\ich6ide.cat
[2004/03/24 08:50:52 | 000,003,726 | ---- | M] () -- C:\drivers\system\onboard\ich6ide.inf
[2006/02/22 20:19:23 | 000,006,504 | ---- | M] () -- C:\drivers\system\onboard\ich6ide.PNF
[2004/09/28 08:29:02 | 000,009,265 | ---- | M] () -- C:\drivers\system\onboard\ich6usb.cat
[2004/03/11 02:21:34 | 000,003,891 | ---- | M] () -- C:\drivers\system\onboard\ich6usb.inf
[2006/02/22 20:19:23 | 000,006,844 | ---- | M] () -- C:\drivers\system\onboard\ich6usb.PNF
[2003/09/12 07:06:36 | 000,004,212 | ---- | M] () -- C:\drivers\system\onboard\INFAnswr.txt
[2006/02/22 20:19:23 | 000,006,608 | ---- | M] () -- C:\drivers\system\onboard\INFCACHE.1
[2006/02/22 20:13:46 | 000,004,128 | ---- | M] () -- C:\drivers\video\INFCACHE.1
[2005/10/14 21:45:22 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\hccutils.dll
[2005/10/14 21:46:34 | 000,077,824 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\hkcmd.exe
[2005/10/14 22:06:54 | 000,061,440 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmcoin.dll
[2005/10/14 22:14:16 | 000,901,242 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmdd5.dll
[2005/10/14 22:06:40 | 000,213,274 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmdev5.dll
[2005/10/14 22:06:52 | 000,118,395 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmdnt5.dll
[2005/10/20 16:03:28 | 000,103,844 | ---- | M] () -- C:\drivers\video\onboard\ialmnt5.inf
[2006/02/22 20:19:23 | 000,094,412 | ---- | M] () -- C:\drivers\video\onboard\ialmnt5.PNF
[2005/10/14 22:15:18 | 001,302,812 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmnt5.sys
[2005/10/14 22:06:54 | 000,049,152 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmrem.dll
[2005/10/14 22:06:58 | 000,036,990 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\ialmrnt5.dll
[2005/10/14 21:51:06 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuARA.dll
[2005/10/14 21:51:06 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuARB.dll
[2005/10/14 21:51:06 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuCHS.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuCHT.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuCSY.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuDAN.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuDEU.dll
[2005/10/14 21:51:06 | 000,114,688 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmudlg.exe
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuELL.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuENG.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuESP.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuFIN.dll
[2005/10/14 21:51:08 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuFRA.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuFRC.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuHEB.dll
[2005/10/14 21:51:14 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuHUN.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuITA.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuJPN.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuKOR.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuNLD.dll
[2005/10/14 21:51:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuNOR.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuPLK.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuPTB.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuPTG.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuRUS.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuSVE.dll
[2005/10/14 21:51:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuTHA.dll
[2005/10/14 21:51:14 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\drivers\video\onboard\ialmuTRK.dll
[2005/10/14 21:49:08 | 000,446,464 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxcfg.exe
[2005/10/14 21:49:18 | 000,077,824 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxcpl.cpl
[2005/10/14 21:45:38 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxdev.dll
[2005/10/14 21:46:38 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxdo.dll
[2005/10/14 21:50:24 | 000,040,960 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxexps.dll
[2005/10/14 21:50:22 | 000,094,208 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxext.exe
[2005/10/25 10:32:56 | 000,048,781 | ---- | M] () -- C:\drivers\video\onboard\igfxnt5.cat
[2005/10/14 21:50:30 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxpers.exe
[2005/10/14 21:49:30 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxpph.dll
[2005/10/14 21:50:38 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrara.lrc
[2005/10/14 21:50:40 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrchs.lrc
[2005/10/14 21:50:40 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrcht.lrc
[2005/10/14 21:50:40 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrcsy.lrc
[2005/10/14 21:50:40 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrdan.lrc
[2005/10/14 21:50:42 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrdeu.lrc
[2005/10/14 21:50:42 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrell.lrc
[2005/10/14 21:45:44 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrenu.lrc
[2005/10/14 21:50:42 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxresp.lrc
[2005/10/14 21:49:36 | 001,503,232 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxress.dll
[2005/10/14 21:50:42 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrfin.lrc
[2005/10/14 21:50:42 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrfra.lrc
[2005/10/14 21:50:44 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrheb.lrc
[2005/10/14 21:50:44 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrhun.lrc
[2005/10/14 21:50:44 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrita.lrc
[2005/10/14 21:50:44 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrjpn.lrc
[2005/10/14 21:50:46 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrkor.lrc
[2005/10/14 21:50:46 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrnld.lrc
[2005/10/14 21:50:46 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrnor.lrc
[2005/10/14 21:50:46 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrplk.lrc
[2005/10/14 21:50:48 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrptb.lrc
[2005/10/14 21:50:48 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrptg.lrc
[2005/10/14 21:50:48 | 000,143,360 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrrus.lrc
[2005/10/14 21:50:48 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrsve.lrc
[2005/10/14 21:50:48 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrtha.lrc
[2005/10/14 21:50:50 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxrtrk.lrc
[2005/10/14 21:46:28 | 000,057,344 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxsrvc.dll
[2005/10/14 21:46:24 | 000,159,744 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxsrvc.exe
[2005/10/14 21:49:46 | 000,094,208 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxtray.exe
[2005/10/14 21:50:16 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igfxzoom.exe
[2005/10/14 21:59:00 | 000,524,288 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\igldev32.dll
[2005/10/14 21:57:06 | 002,310,144 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\iglicd32.dll
[2005/10/14 21:40:56 | 000,524,850 | ---- | M] () -- C:\drivers\video\onboard\igxpxa32.cpa
[2005/10/14 21:40:56 | 000,000,929 | ---- | M] () -- C:\drivers\video\onboard\igxpxa32.vp
[2005/10/14 21:40:56 | 000,058,704 | ---- | M] () -- C:\drivers\video\onboard\igxpxk32.vp
[2005/10/14 22:27:56 | 000,024,704 | ---- | M] () -- C:\drivers\video\onboard\igxpxs32.vp
[2006/02/22 20:19:23 | 000,009,912 | ---- | M] () -- C:\drivers\video\onboard\INFCACHE.1
[2005/10/14 21:50:34 | 000,053,248 | ---- | M] (Intel Corporation) -- C:\drivers\video\onboard\oemdspif.dll

< %systemroot%\system32\cock\*.* >

< %systemroot%\system32\xmldm\*.* >

< %systemroot%\system32\ui\*.* /s >

< %SYSTEMDRIVE%\autorun.inf\*.* /s >

< %ProgramFiles%\autorun.inf\*.* /s >

< %ProgramFiles%\Windows Media Player\autorun.inf\*.* /s >

< %ProgramFiles%\Windows Media Player\c\*.* /s >

< %systemroot%\win\*.* >

< %systemroot%\system32\update_flash\*.* >

< %systemroot%\system32\dllcache\*.bak >

< %SYSTEMDRIVE%\wedfwefeee.exe\*.* >

< %SYSTEMDRIVE%\explorxxxx.exe\*.* >

< HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download >
"CheckExeSignatures" = yes
"RunInvalidSignatures" = 0

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Providers|ProviderFileName6 /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-10 11:44:02

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

Attached Files



#21 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 15 November 2010 - 11:53 AM

Bump : )

#22 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 15 November 2010 - 02:52 PM

Run OTL Script

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
    [2004/08/11 18:00:18 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\zb0q3jr.dll
    [2004/08/11 18:00:18 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
    [2004/08/11 18:00:18 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
    [2004/08/11 18:00:18 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
    [2004/08/11 18:00:18 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
    [2004/08/11 18:00:18 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\dfocrca.dll
    [2004/08/11 18:00:18 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
    [2004/08/11 18:00:18 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
    [2004/08/11 18:00:18 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\vim0t9x.dll
    [2004/08/11 18:00:18 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\r6drpj8.dll
    [2004/08/11 18:00:18 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\njaklmm.dll
    [2010/10/17 14:58:57 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pbecuvomuyix.dat
    [2010/10/18 21:05:50 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Pbecuvomuyix.dat
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra Button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - File not found
    O9 - Extra Button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - File not found
    O9 - Extra Button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - File not found
    O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY] 
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS] 
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#23 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 15 November 2010 - 03:52 PM

Here's the report. Will surf a bit tonight and see if this improved things.

Thanks!


All processes killed
========== OTL ==========
C:\WINDOWS\system32\zb0q3jr.dll moved successfully.
C:\WINDOWS\system32\clauth2.dll moved successfully.
C:\WINDOWS\system32\clauth1.dll moved successfully.
C:\WINDOWS\system32\grcauth2.dll moved successfully.
C:\WINDOWS\system32\grcauth1.dll moved successfully.
C:\WINDOWS\system32\dfocrca.dll moved successfully.
C:\WINDOWS\system32\prsgrc.dll moved successfully.
C:\WINDOWS\system32\ssprs.dll moved successfully.
C:\WINDOWS\system32\vim0t9x.dll moved successfully.
C:\WINDOWS\system32\r6drpj8.dll moved successfully.
C:\WINDOWS\system32\njaklmm.dll moved successfully.
C:\WINDOWS\Pbecuvomuyix.dat moved successfully.
File C:\WINDOWS\Pbecuvomuyix.dat not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{669B269B-0D4E-41FB-A3D8-FD67CA94F646}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{669B269B-0D4E-41FB-A3D8-FD67CA94F646}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8828075D-D097-4055-AA02-2DBFA9D85E8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8828075D-D097-4055-AA02-2DBFA9D85E8A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{97809617-3937-4F84-B335-9BB05EF1A8D4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97809617-3937-4F84-B335-9BB05EF1A8D4}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\https deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Sean McNamara\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Sean McNamara\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 7186 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: SEAN

User: Sean McNamara
->Temp folder emptied: 4647 bytes
->Temporary Internet Files folder emptied: 3321076 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49827130 bytes
->Google Chrome cache emptied: 14792362 bytes
->Flash cache emptied: 14705 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2396910 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 67.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: SEAN

User: Sean McNamara
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.17.3 log created on 11152010_151337

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#24 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 15 November 2010 - 05:25 PM

yes do let me know



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#25 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 15 November 2010 - 05:43 PM

So far, I'm still getting a new browser window launching/popping up on regular website clicks that directs to http://www.google-analytics.com/...

#26 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 15 November 2010 - 10:48 PM

Hello

I want you to try something, Go to this web page to see how to change the DNS settings on the computer - http://www.mediacollege.com/computer/network/dns.html

the DNS settings I want you to use are - 208.67.222.222, 208.67.220.220

Let me know if this helped

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#27 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 16 November 2010 - 10:05 AM

Changing the DNS servers appears to have worked. Haven't had any pop-up with Chrome or Firefox this morning. :thumbup2:

#28 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 16 November 2010 - 12:20 PM

Hello

Good keep an eye on it for a day or two and let me know how things go if they are ok we will move forward


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#29 swmcn

swmcn
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 18 November 2010 - 08:46 AM

No pop ups or redirects the past 2 days!

#30 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:57 AM

Posted 18 November 2010 - 09:25 AM

Hello

That is great!!! I want you to update MBAM and send me a new report



Clear your Java Cache

  • click on Start-> Control Panel (Classic View)-> Java (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      Applications and Applets
      Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.


TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Eset Online Scanner

**Note** You will need to use Internet explorer for this scan

Go Eset web page to run an online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the activex control to install
    • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic


"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • Log From ESET Online Scanner
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users