OTL log



#1 Celtictexan

Posted 11 April 2011 - 04:49 PM

I had misposted this on my other topic where I'm getting helped and was instructed to move it here, then let him know what is said. Thanks.

OTL logfile created on: 4/8/2011 6:33:02 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Michael D McAllister\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.74 Gb Total Space | 398.06 Gb Free Space | 85.47% Space Free | Partition Type: NTFS
Drive D: | 465.74 Gb Total Space | 436.98 Gb Free Space | 93.82% Space Free | Partition Type: NTFS

Computer Name: CELTICTEXAN | User Name: Michael D McAllister | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/08 18:22:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael D McAllister\Desktop\OTL.exe
PRC - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/01/07 14:54:12 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
PRC - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/10 07:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/12/10 07:28:56 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2010/11/27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/11/27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/01/19 19:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/01/19 19:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/02/22 22:43:55 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/11/12 19:49:28 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files\Ideazon\ZEngine\Zboard.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/08 18:22:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael D McAllister\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/31 10:19:02 | 001,156,568 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2011/03/01 09:56:36 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/31 09:36:22 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/12/10 07:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/11/27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/10/05 18:19:29 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/10/05 18:13:46 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/05/28 17:20:39 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/19 19:46:56 | 000,158,248 | ---- | M] (Authentium, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/01/19 19:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/01/19 19:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2009/11/06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/02/22 22:43:55 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/03/31 10:18:52 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2011/03/31 10:18:52 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2011/01/17 09:11:12 | 000,125,248 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2011/01/17 09:10:26 | 000,251,560 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2011/01/12 11:36:22 | 000,089,472 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/12/31 09:36:40 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/12/31 09:36:38 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/12/31 09:36:36 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/12/16 08:46:04 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/12/10 16:57:26 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/17 07:03:56 | 000,101,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/06/29 18:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/19 19:53:46 | 000,127,016 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2010/01/19 19:53:44 | 001,118,248 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2009/11/24 22:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/07/07 05:59:03 | 001,810,560 | R--- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Ctafilt.sys -- (Ctafilt)
DRV - [2008/04/17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/03 09:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/12/11 13:42:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/10/11 21:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/07/23 09:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/07/20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/07/17 19:40:20 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/07/17 19:40:14 | 000,034,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/03/20 11:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2007/02/03 10:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/12/27 23:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006/02/28 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\beep.sys -- (Beep)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-343818398-2147019285-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
IE - HKU\S-1-5-21-725345543-343818398-2147019285-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-343818398-2147019285-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

FF - HKLM\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/04/03 08:01:14 | 000,000,000 | ---D | M]

[2010/12/26 15:22:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michael D McAllister\Application Data\Mozilla\Extensions
[2010/12/26 15:22:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michael D McAllister\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/09/11 19:26:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michael D McAllister\Application Data\Mozilla\Extensions\mozswing@mozswing.org
File not found (No name found) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-343818398-2147019285-1004\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CtaMon] C:\WINDOWS\System32\CtaMon.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTAPR2] C:\Program Files\Creative\SB Arena Surround Headset\Console Launcher 3\Entertainment Console\CTAPR2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - HKU\S-1-5-21-725345543-343818398-2147019285-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-725345543-343818398-2147019285-1004..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe (NOS Microsystems Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SetPointII.lnk = C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-343818398-2147019285-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-343818398-2147019285-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileSharing = 1
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (Reg Error: Key error.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/LOnline/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/22 11:19:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/05/22 11:19:38 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7c660098-112d-11e0-b891-001d92de387d}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[9999/03/16 16:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Windows Support Tools
[9999/03/16 16:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Support Tools
[9999/03/13 16:46:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Application Data\Malwarebytes
[9999/03/13 16:46:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[9999/03/13 16:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware
[9999/03/13 16:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[9999/03/13 16:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[9999/03/13 15:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[9999/03/13 15:51:49 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll
[9999/03/13 14:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Templates
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Favorites
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Desktop
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/04/08 18:24:04 | 000,566,272 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Michael D McAllister\Desktop\aswMBR.exe
[2011/04/08 18:22:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael D McAllister\Desktop\OTL.exe
[2011/04/06 21:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft.temp
[2011/04/06 19:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Application Data\SUPERAntiSpyware.com
[2011/04/06 19:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2011/04/06 19:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Start Menu\Programs\SUPERAntiSpyware
[2011/04/06 19:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/04/06 19:10:52 | 000,000,000 | ---D | C] -- C:\DVR115D
[2011/04/06 19:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\PackageAware
[2011/04/05 19:51:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael D McAllister\Recent
[2011/04/05 19:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\CCleaner
[2011/04/05 19:49:36 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Michael D McAllister\Desktop\ccsetup305.exe
[2011/04/05 18:43:23 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/04/05 18:43:22 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/04/05 18:43:22 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/04/05 18:43:21 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/04/05 18:43:21 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/04/05 18:43:21 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/04/05 18:43:20 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/04/05 18:43:20 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/04/05 18:43:19 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/04/05 18:43:18 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/04/05 18:43:18 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/04/05 18:43:17 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/04/05 18:43:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/04/05 18:43:16 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/04/05 18:43:16 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/04/05 18:43:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/04/05 18:43:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/04/05 18:43:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/04/05 18:42:46 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/04/05 18:42:44 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/04/05 18:42:44 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/04/05 18:42:43 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/04/05 18:42:43 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/04/05 18:42:42 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/04/05 18:42:42 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/04/05 18:42:41 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/04/05 18:42:27 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/04/05 18:42:12 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/04/05 18:41:45 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/04/05 18:41:45 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/04/05 18:41:44 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/04/05 18:41:44 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/04/05 18:41:44 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/04/05 18:41:42 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/04/05 18:41:41 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/04/05 18:41:40 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/04/05 18:41:39 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/04/05 18:41:39 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/04/05 18:41:38 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/04/05 18:10:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/04/05 18:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2011/04/05 17:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Desktop\backups
[2011/04/03 16:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\System Mechanic Professional
[2011/04/03 16:37:08 | 000,087,688 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2011/04/03 16:37:07 | 002,234,552 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[2011/04/03 16:37:04 | 000,009,341 | ---- | C] (iolo technologies, LLC (based on original work by Bo Brantén)) -- C:\WINDOWS\System32\drivers\filedisk.sys
[2011/04/03 16:36:56 | 000,011,776 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/04/03 16:36:55 | 000,029,696 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/04/03 16:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2011/04/03 10:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2011/04/03 08:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Application Data\Spam Monitor
[2011/04/03 08:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Application Data\PCToolsFirewallPlus
[2011/04/03 08:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\My Documents\Add-in Express
[2011/04/03 08:01:09 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2011/04/03 08:01:09 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2011/04/03 08:01:09 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2011/04/03 07:58:47 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/04/03 07:58:47 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/04/03 07:58:46 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/04/03 07:58:42 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/04/03 07:58:42 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/04/03 07:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\PC Tools Security
[2011/04/03 07:58:00 | 000,069,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys
[2011/04/03 07:58:00 | 000,051,984 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys
[2011/04/03 07:58:00 | 000,033,552 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys
[2011/04/03 07:57:54 | 000,125,248 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2011/04/03 07:57:54 | 000,089,472 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2011/04/03 07:57:54 | 000,056,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2011/04/03 07:57:54 | 000,031,960 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2011/04/03 07:57:50 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/04/03 07:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/04/02 17:33:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael D McAllister\UserData
[2011/04/02 15:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/04/02 13:37:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Easy Assist
[2011/04/02 13:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Applications
[2011/04/02 09:18:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/04/02 08:45:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\PIF
[2011/04/01 18:01:27 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2011/03/26 10:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\My Documents\Sony PMB
[2011/03/26 10:06:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\PMB
[2011/03/26 09:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Application Data\ElevatedDiagnostics
[2011/03/26 09:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Windows PowerShell 1.0
[2011/03/26 09:06:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/03/26 08:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\muvee Technologies
[2011/03/26 08:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\DV TS
[2011/03/26 08:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael D McAllister\Application Data\Sony Corporation
[2011/03/26 08:37:06 | 000,000,000 | ---D | C] -- C:\Drivers
[2011/03/26 08:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011/03/26 08:34:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Corporation
[2011/03/25 15:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/03/25 15:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Sonic
[2011/03/17 18:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\iTunes
[2011/03/17 18:01:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/17 18:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/17 18:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/03/16 19:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Ventrilo
[2011/03/16 19:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2011/03/16 19:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[9999/03/15 19:07:41 | 000,158,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[9999/03/13 16:46:20 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/08 18:26:21 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Desktop\MBR.dat
[2011/04/08 18:24:07 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Michael D McAllister\Desktop\aswMBR.exe
[2011/04/08 18:22:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael D McAllister\Desktop\OTL.exe
[2011/04/08 17:46:28 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/04/08 17:10:04 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D100651A-8656-4A3F-8568-66781E26227E}.job
[2011/04/08 16:52:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/06 19:46:04 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/06 19:18:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/06 18:53:50 | 000,716,510 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/06 18:53:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/05 19:54:08 | 000,001,170 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Desktop\cc_20110405_195357.reg
[2011/04/05 19:50:24 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\CCleaner.lnk
[2011/04/05 19:49:42 | 003,050,664 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Michael D McAllister\Desktop\ccsetup305.exe
[2011/04/05 18:39:53 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Desktop\Internet Explorer.lnk
[2011/04/05 18:17:55 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/03 16:37:10 | 000,001,806 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Desktop\System Mechanic Professional.lnk
[2011/04/03 13:57:46 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Desktop\What's Running.lnk
[2011/04/03 09:55:20 | 000,002,570 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110403_095516.reg
[2011/04/03 09:26:58 | 000,000,222 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/04/03 09:26:27 | 000,005,888 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110403_092620.reg
[2011/04/03 07:58:01 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PC Tools Internet Security.lnk
[2011/04/03 07:51:48 | 000,513,016 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\My Documents\issetup.exe
[2011/04/02 19:27:39 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/04/02 17:50:37 | 000,000,358 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\My Documents\rejoin link.rtf
[2011/04/02 17:48:55 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\null0.34950490340029605.exe
[2011/04/02 15:22:47 | 000,001,156 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110402_152239.reg
[2011/04/02 15:22:02 | 000,020,988 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110402_152154.reg
[2011/04/02 14:54:26 | 000,008,560 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/02 14:25:15 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\18669364
[2011/04/02 09:31:35 | 000,453,312 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/02 09:31:35 | 000,074,202 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/02 00:16:10 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\21552948
[2011/04/01 19:38:51 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\18734900
[2011/04/01 18:47:13 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\20700980
[2011/04/01 18:10:25 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\22404916
[2011/03/31 10:18:52 | 000,056,536 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2011/03/31 10:18:52 | 000,031,960 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2011/03/27 17:18:37 | 000,194,048 | ---- | M] () -- C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/26 10:06:31 | 000,001,581 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PMB Help.lnk
[2011/03/26 10:06:31 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PMB.lnk
[2011/03/26 10:06:31 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PMB Launcher.lnk
[2011/03/17 18:01:51 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2011/03/17 16:01:10 | 000,000,386 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/03/16 19:34:41 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Ventrilo.lnk
[2011/03/15 15:24:20 | 000,087,688 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2011/03/15 15:23:32 | 000,011,776 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/03/15 15:23:26 | 000,029,696 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/03/15 15:21:16 | 002,234,552 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[9999/03/13 16:46:20 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2099/01/01 12:00:00 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2099/01/01 12:00:00 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2099/01/01 12:00:00 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2099/01/01 12:00:00 | 000,158,752 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2099/01/01 12:00:00 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2099/01/01 12:00:00 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2099/01/01 12:00:00 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2099/01/01 12:00:00 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2099/01/01 12:00:00 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2099/01/01 12:00:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2099/01/01 12:00:00 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2099/01/01 12:00:00 | 000,000,553 | ---- | C] () -- C:\WINDOWS\USetup.iss
[2099/01/01 12:00:00 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/04/08 18:26:21 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Desktop\MBR.dat
[2011/04/08 17:46:28 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/08 17:46:28 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader X.lnk
[2011/04/06 19:46:04 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/06 18:52:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/04/05 19:54:02 | 000,001,170 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Desktop\cc_20110405_195357.reg
[2011/04/05 19:50:24 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\CCleaner.lnk
[2011/04/05 19:38:45 | 000,000,452 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D100651A-8656-4A3F-8568-66781E26227E}.job
[2011/04/05 18:42:38 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/04/05 18:42:37 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/04/05 18:42:37 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/04/05 18:42:36 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/04/05 18:42:36 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/04/05 18:42:35 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/04/05 18:42:35 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/04/05 18:42:35 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/04/05 18:42:34 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/04/05 18:42:31 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/04/05 18:39:53 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Desktop\Internet Explorer.lnk
[2011/04/03 16:37:10 | 000,001,806 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Desktop\System Mechanic Professional.lnk
[2011/04/03 13:57:46 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Desktop\What's Running.lnk
[2011/04/03 09:55:18 | 000,002,570 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110403_095516.reg
[2011/04/03 09:26:23 | 000,005,888 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110403_092620.reg
[2011/04/03 08:01:11 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/04/03 08:01:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2011/04/03 08:01:10 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2011/04/03 08:01:09 | 000,002,125 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2011/04/03 08:01:09 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2011/04/03 07:58:01 | 000,001,688 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PC Tools Internet Security.lnk
[2011/04/03 07:51:47 | 000,513,016 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\My Documents\issetup.exe
[2011/04/02 17:50:37 | 000,000,358 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\My Documents\rejoin link.rtf
[2011/04/02 17:48:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\null0.34950490340029605.exe
[2011/04/02 15:22:40 | 000,001,156 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110402_152239.reg
[2011/04/02 15:21:57 | 000,020,988 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\My Documents\cc_20110402_152154.reg
[2011/04/02 14:25:15 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\18669364
[2011/04/02 00:16:10 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\21552948
[2011/04/01 19:38:51 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\18734900
[2011/04/01 18:47:13 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\20700980
[2011/04/01 18:10:25 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\22404916
[2011/03/26 10:06:31 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PMB Help.lnk
[2011/03/26 10:06:31 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PMB.lnk
[2011/03/26 10:06:31 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PMB Launcher.lnk
[2011/03/26 10:06:30 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\PMB
[2011/03/26 08:37:06 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2011/03/25 15:30:40 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/03/17 18:01:51 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2011/03/16 19:34:40 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Ventrilo.lnk
[2010/10/05 18:15:09 | 000,032,487 | R--- | C] () -- C:\WINDOWS\System32\xfiCta.ini
[2010/10/05 18:14:34 | 000,233,984 | R--- | C] () -- C:\WINDOWS\System32\KSXPPI32.dll
[2010/10/02 12:11:16 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\PUTTY.RND
[2010/09/02 18:09:07 | 000,029,904 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/06 10:46:59 | 032,088,576 | ---- | C] () -- C:\Program Files\HR Block 2009.msi
[2010/02/06 23:32:08 | 000,012,160 | -HS- | C] () -- C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\bU5Sv
[2010/01/20 19:14:33 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2010/01/19 18:57:50 | 000,008,560 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/08 10:18:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2009/08/08 09:57:52 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electric Clav
[2009/08/08 09:57:52 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\Michael D McAllister\Application Data\Drums
[2009/08/08 09:57:52 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdw.DAT
[2009/08/08 09:57:52 | 000,000,012 | R--- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\External Build System
[2009/08/08 09:50:46 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Echo
[2009/08/08 09:50:46 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\Michael D McAllister\Application Data\Documents
[2009/08/08 09:50:46 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdu.DAT
[2009/08/08 09:50:46 | 000,000,012 | R--- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Equalizer
[2009/07/31 18:13:29 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/05/21 16:11:58 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Application Data\setup_ldm.iss
[2009/03/16 14:53:10 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/16 14:53:10 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/02/23 16:39:30 | 000,196,565 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/01/13 12:10:25 | 000,109,697 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2009/01/12 17:13:36 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2008/11/12 02:49:26 | 000,194,048 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/07 17:05:54 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michael D McAllister\Application Data\$_hpcst$.hpc
[2008/11/01 10:22:11 | 000,019,487 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2008/10/30 19:50:51 | 000,164,152 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2008/10/30 19:50:51 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2008/10/30 18:40:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/10/30 18:13:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/10/30 17:36:04 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008/10/30 17:35:46 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/10/30 17:19:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/10/30 17:14:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/07/30 12:00:51 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\atibrtmon.exe
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/01/31 17:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/19 09:19:32 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007/07/19 09:19:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007/02/03 09:59:04 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,453,312 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,074,202 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009/11/27 23:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.CELTICTEXAN\Application Data\iolo
[2008/07/16 18:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2008/07/13 22:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[9999/03/15 21:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2099/01/01 12:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/02 13:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Applications
[2008/10/30 21:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Earthsim
[2009/08/08 09:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EnterNHelp
[2010/05/28 18:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\espionServerData
[2011/04/03 16:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\iolo
[2011/03/26 08:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\muvee Technologies
[2009/08/08 09:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nikon
[2010/04/06 10:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TaxCut
[2011/04/08 17:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2010/12/26 15:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TomTom
[2009/08/08 09:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ultima_T15
[2010/04/07 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/13 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/16 16:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/11/27 23:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User.WINDOWS\Application Data\iolo
[2008/09/30 21:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/10/27 09:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\iolo
[2010/01/20 18:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Blitware
[2010/05/28 16:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\CBS Interactive
[2010/01/21 19:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\DeviceDoctorSoftware
[2010/12/18 00:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Electronic Arts
[2011/04/02 17:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\ElevatedDiagnostics
[2009/04/23 16:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Ideazon
[2008/12/24 15:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\ieSpell
[2011/04/03 17:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\iolo
[2009/01/12 19:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Leadertech
[2009/08/08 10:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Nikon
[2010/07/20 19:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\No Company Name
[2011/04/03 08:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\PCToolsFirewallPlus
[2010/04/08 20:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\SecondLife
[2011/04/03 08:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Spam Monitor
[2010/04/06 10:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\TaxCut
[2010/12/26 15:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\TomTom
[2008/11/11 22:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Windows Desktop Search
[2009/01/11 18:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael D McAllister\Application Data\Windows Search
[2010/02/07 02:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\iolo
[2011/02/27 03:35:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2011/04/08 17:10:04 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D100651A-8656-4A3F-8568-66781E26227E}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:430C6D84
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A8ADE5D8

< End of report >

I'm not sure if this has been forgotten or missed. My original post was closed, not sure why.

EDIT: Please be patient. There are over 350 unanswered topics in this forum at present and the current average wait time to receive help is 10 days. ~Budapest

Edited by Budapest, 17 April 2011 - 04:18 PM.



 


#2 Elise

  • Malware Study Hall Admin

Posted 21 April 2011 - 02:53 PM

Hello, and welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

-------------------------------------------------------------
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new DDS log (don't forget attach.txt)

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,980 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 27 April 2011 - 10:21 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




