
Solved Windows host process (run32dll) stops working

Discussion in 'Malware and Virus Removal Archive' started by TheMick, 2010/08/29.

  1. 2010/08/31
    TheMick Inactive Thread Starter

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://insightbb.com/
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Secure Search "
    FF - prefs.js..browser.search.selectedEngine: "Secure Search "
    FF - prefs.js..browser.startup.homepage: "http://pogo.com/ "
    FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
    FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p= "

    FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/16 21:39:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/09/01 00:09:09 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/01 00:06:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/24 19:05:53 | 000,000,000 | ---D | M]

    [2009/08/09 02:30:04 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Mozilla\Extensions
    [2010/08/31 17:20:36 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\hh2hq2dv.default\extensions
    [2010/08/16 23:46:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\hh2hq2dv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/08/27 02:34:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/08/19 19:43:12 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

    O1 HOSTS File: ([2010/08/31 22:22:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100901000637.dll (McAfee, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = none
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
    O15 - HKCU\..Trusted Domains: insightbb.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: trymedia.com ([fe] * in Trusted sites)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-nz/wlscctrl2.cab (Windows Live OneCare safety scanner control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6064/mcfscan.cab (McFreeScan Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/09/01 00:24:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    [2010/09/01 00:06:36 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
    [2010/09/01 00:06:10 | 000,160,720 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
    [2010/09/01 00:06:10 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
    [2010/09/01 00:06:09 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
    [2010/09/01 00:06:09 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
    [2010/09/01 00:06:09 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
    [2010/09/01 00:06:09 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
    [2010/09/01 00:06:09 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
    [2010/09/01 00:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
    [2010/08/31 22:31:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/08/31 22:31:04 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\temp
    [2010/08/31 22:22:45 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2010/08/31 22:10:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/08/31 22:10:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/08/31 22:10:46 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/08/31 22:10:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/08/31 22:10:02 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/08/31 22:09:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/08/31 03:02:33 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\Windows\System32\drivers\MOBK.sys
    [2010/08/31 03:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup
    [2010/08/30 03:06:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/08/30 02:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\AddThis Toolbar
    [2010/08/29 03:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
    [2010/08/25 16:02:22 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Uniblue
    [2010/08/23 20:48:18 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\Roboex32.dll
    [2010/08/23 14:25:22 | 000,122,949 | ---- | C] (Buzz Tools, Inc.) -- C:\Windows\System32\mir4.dll
    [2010/08/23 14:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Buzz Tools
    [2010/08/17 16:49:23 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\FixItCenter
    [2010/08/17 01:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2010/08/17 01:58:27 | 000,000,000 | ---D | C] -- C:\Windows\MATS
    [2010/08/16 23:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/16 11:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
    [2010/08/16 11:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
    [2010/08/16 11:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
    [2010/08/15 04:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
    [2010/08/14 00:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\SiteAdvisor
    [2010/08/14 00:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    [2010/08/13 23:13:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Malwarebytes
    [2010/08/13 23:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/08/12 22:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Designer's Gallery
    [2010/08/11 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Microsoft Corporation
    [2010/08/11 14:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
    [2010/08/11 02:34:15 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Office-Kit.com
    [2010/08/11 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Office-Kit.com
    [2010/08/10 03:03:44 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
    [2010/08/08 15:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/08/08 15:17:31 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010/08/08 15:14:33 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Microsoft Help
    [2010/08/08 15:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2010/08/08 04:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
    [2010/08/08 00:32:57 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\iolo
    [2010/08/08 00:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
    [2010/08/07 23:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\M779
    [2010/08/07 23:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\NetWaiting
    [2010/08/07 23:24:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
    [2010/08/07 23:20:31 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
    [2010/08/07 23:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
    [2010/08/07 23:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Remote Access
    [2010/08/07 23:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Dell
    [2010/08/07 22:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
    [2010/08/07 22:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
    [2010/08/07 22:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect
    [2010/08/07 15:16:57 | 000,000,000 | ---D | C] -- C:\Designer's Gallery
    [2010/08/07 02:17:43 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Dell
    [2010/08/05 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\PeerNetworking
    [2010/08/05 00:44:00 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\McAfee Anti-Theft
    [2010/08/05 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Anti-Theft
    [2010/08/04 00:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2010/08/03 13:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\EMBIRD32
    [2010/08/03 13:27:00 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\EMBIRD32
    [2010/07/31 07:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
    [2010/07/21 19:31:05 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Documents\brenda
    [2010/07/18 23:09:41 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
    [2010/07/18 22:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adorable Ideas
    [2010/07/17 20:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Fonts
    [2010/07/08 00:07:53 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Desktop\graphics
    [2010/06/25 03:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/06/18 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Babylock
    [2010/06/03 20:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

    ========== Files - Modified Within 90 Days ==========

    [2010/09/01 00:29:05 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job
    [2010/09/01 00:24:44 | 002,621,440 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT
    [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    [2010/09/01 00:10:25 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
    [2010/09/01 00:09:36 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/09/01 00:09:22 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 00:09:22 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 00:09:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/09/01 00:09:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/09/01 00:09:12 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/01 00:08:19 | 000,524,288 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/09/01 00:08:19 | 000,065,536 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/09/01 00:08:17 | 005,815,987 | -H-- | M] () -- C:\Users\Brenda\AppData\Local\IconCache.db
    [2010/08/31 23:52:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/31 23:49:54 | 000,000,107 | ---- | M] () -- C:\Windows\password.ini
    [2010/08/31 22:22:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/08/31 22:22:42 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/08/31 03:02:35 | 000,000,910 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk
    [2010/08/30 18:10:14 | 430,905,839 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/08/28 00:10:24 | 000,000,998 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
    [2010/08/28 00:10:21 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2010/08/25 20:10:20 | 000,011,152 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\wklnhst.dat
    [2010/08/25 20:06:08 | 000,307,102 | ---- | M] () -- C:\Users\Brenda\Documents\2010IWformulapricelist[1].xlsm
    [2010/08/24 19:05:53 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/08/23 21:05:13 | 000,000,107 | ---- | M] () -- C:\password.ini
    [2010/08/23 14:25:32 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Buzz-Catalog.lnk
    [2010/08/23 14:15:46 | 000,773,076 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/23 14:15:46 | 000,653,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/23 14:15:46 | 000,122,330 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/23 02:17:38 | 000,000,548 | ---- | M] () -- C:\Users\Brenda\Desktop\Embird Plus.lnk
    [2010/08/19 23:39:57 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
    [2010/08/19 21:42:50 | 000,011,264 | ---- | M] () -- C:\Users\Brenda\Documents\MEDICATION FOR BREDA SWEARINGEN.wps
    [2010/08/19 18:35:10 | 000,105,384 | ---- | M] () -- C:\Users\Brenda\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/08/18 23:12:00 | 000,387,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/08/18 21:41:35 | 000,000,221 | ---- | M] () -- C:\Windows\win.ini
    [2010/08/17 01:58:28 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
    [2010/08/16 23:35:25 | 000,001,750 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/08/16 23:35:25 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/08/16 01:42:54 | 004,231,168 | ---- | M] () -- C:\Users\Brenda\Desktop\embrd800b62.exe
    [2010/08/15 04:05:38 | 000,000,045 | ---- | M] () -- C:\Windows\system32commongn.dat
    [2010/08/13 21:58:07 | 000,001,771 | ---- | M] () -- C:\Users\Brenda\Desktop\Layout & Editing (2).lnk
    [2010/08/13 21:51:53 | 000,000,940 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2010/08/12 22:37:40 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\DG StudioPlus.lnk
    [2010/08/12 21:36:10 | 000,000,208 | ---- | M] () -- C:\Users\Brenda\Desktop\CD Drive - Shortcut.lnk
    [2010/08/08 16:36:22 | 000,000,917 | ---- | M] () -- C:\Users\Brenda\Desktop\Windows Mail.lnk
    [2010/08/08 01:07:09 | 000,016,050 | ---- | M] () -- C:\Windows\System32\results.xml
    [2010/08/08 00:33:16 | 000,074,703 | ---- | M] () -- C:\Windows\System32\mfc45.dll
    [2010/08/07 23:13:17 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Dell Remote Access.lnk
    [2010/08/07 14:48:03 | 002,093,584 | ---- | M] () -- C:\Users\Brenda\Documents\R269603.exe
    [2010/08/07 14:44:36 | 063,170,304 | ---- | M] () -- C:\Users\Brenda\Documents\ATI_multi-device_A04_R160911.exe
    [2010/08/07 14:42:03 | 002,766,464 | ---- | M] () -- C:\Users\Brenda\Documents\R149813.EXE
    [2010/08/07 13:39:37 | 002,996,888 | ---- | M] () -- C:\Users\Brenda\Documents\BH30N-A103.zip
    [2010/08/07 13:39:35 | 039,025,824 | ---- | M] () -- C:\Users\Brenda\Documents\R172217.zip
    [2010/08/07 13:39:33 | 001,567,828 | ---- | M] () -- C:\Users\Brenda\Documents\GSA-H73N_FW_C109.zip
    [2010/08/07 13:39:27 | 001,751,886 | ---- | M] () -- C:\Users\Brenda\Documents\GH30N_FW_A103.zip
    [2010/08/07 13:39:16 | 002,911,266 | ---- | M] () -- C:\Users\Brenda\Documents\BH20N-C106.zip
    [2010/08/07 13:38:54 | 002,876,674 | ---- | M] () -- C:\Users\Brenda\Documents\GBC-H20N_C102.zip
    [2010/08/07 13:33:27 | 357,429,754 | ---- | M] () -- C:\Users\Brenda\Documents\R174369.zip
    [2010/08/07 13:29:16 | 003,120,110 | ---- | M] () -- C:\Users\Brenda\Documents\HE2_7D12.zip
    [2010/08/07 13:28:52 | 002,422,231 | ---- | M] () -- C:\Users\Brenda\Documents\HA6NYD12.zip
    [2010/08/07 13:28:34 | 000,799,909 | ---- | M] () -- C:\Users\Brenda\Documents\HD3_SD12.zip
    [2010/08/07 13:28:26 | 001,795,598 | ---- | M] () -- C:\Users\Brenda\Documents\XA6H6D17.zip
    [2010/08/07 13:26:02 | 000,950,704 | ---- | M] () -- C:\Users\Brenda\Documents\TSST_TS-H493B-HH-SATA-48X-CD_A03_R201947.EXE
    [2010/08/07 13:25:51 | 002,408,224 | ---- | M] () -- C:\Users\Brenda\Documents\INTEL_CHIPSET-SOFTWARE-INSTA_A01_R198359.EXE
    [2010/08/07 13:25:30 | 000,895,873 | ---- | M] () -- C:\Users\Brenda\Documents\DH-48C2S_ND12.zip
    [2010/08/07 13:25:20 | 001,574,031 | ---- | M] () -- C:\Users\Brenda\Documents\R181505.zip
    [2010/08/07 13:23:21 | 000,711,517 | ---- | M] () -- C:\Users\Brenda\Documents\DROM6316_ODNK.zip
    [2010/08/07 13:22:47 | 002,192,630 | ---- | M] () -- C:\Users\Brenda\Documents\R154069.exe
    [2010/08/07 13:09:25 | 022,609,528 | ---- | M] () -- C:\Users\Brenda\Documents\CN_MM_1_6_0_21.zip
    [2010/08/07 13:08:53 | 000,000,227 | ---- | M] () -- C:\Users\Brenda\Documents\R209606_e.zip
    [2010/08/07 13:07:44 | 061,629,203 | ---- | M] () -- C:\Users\Brenda\Documents\Dell_multi-device_A00_R152639.exe
    [2010/08/07 12:50:05 | 004,514,189 | ---- | M] () -- C:\Users\Brenda\Documents\HB1_7D16.zip
    [2010/08/07 12:48:42 | 001,458,267 | ---- | M] () -- C:\Users\Brenda\Documents\DH-16W1S_2D15.zip
    [2010/08/05 19:58:05 | 000,024,085 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\UserTile.png
    [2010/08/05 14:40:03 | 003,048,960 | ---- | M] () -- C:\Users\Brenda\Desktop\mvt_en-us.msi
    [2010/07/28 22:40:14 | 000,000,887 | ---- | M] () -- C:\Users\Brenda\Documents\Document.rtf
    [2010/07/23 17:46:53 | 000,000,658 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\careers - Shortcut.lnk
    [2010/07/20 12:04:37 | 000,002,333 | ---- | M] () -- C:\Users\Public\Desktop\EZ Fonts.lnk
    [2010/06/12 12:45:34 | 000,009,216 | ---- | M] () -- C:\Users\Brenda\Documents\Untitled Envelope.wps
    [2010/06/03 20:14:48 | 000,655,587 | ---- | M] () -- C:\Users\Brenda\Documents\ssgold.pdf

    ========== Files Created - No Company Name ==========

    [2010/09/01 00:07:51 | 000,001,737 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
    [2010/08/31 22:10:46 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/08/31 22:10:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/08/31 22:10:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/08/31 22:10:46 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/08/31 22:10:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/08/31 03:02:34 | 000,000,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk
    [2010/08/30 09:37:09 | 430,905,839 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/08/30 02:18:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
    [2010/08/30 02:18:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
    [2010/08/30 02:18:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
    [2010/08/25 20:06:08 | 000,307,102 | ---- | C] () -- C:\Users\Brenda\Documents\2010IWformulapricelist[1].xlsm
    [2010/08/24 19:05:53 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/08/23 14:25:32 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Buzz-Catalog.lnk
    [2010/08/23 14:25:22 | 000,026,624 | ---- | C] () -- C:\Windows\System32\hercb.dll
    [2010/08/20 02:38:34 | 000,000,548 | ---- | C] () -- C:\Users\Brenda\Desktop\Embird Plus.lnk
    [2010/08/19 02:28:32 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/08/17 01:58:28 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
    [2010/08/16 23:35:25 | 000,001,750 | ---- | C] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/08/16 23:35:25 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/08/16 01:42:47 | 004,231,168 | ---- | C] () -- C:\Users\Brenda\Desktop\embrd800b62.exe
    [2010/08/15 03:44:57 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2010/08/13 23:22:49 | 3209,875,456 | -HS- | C] () -- C:\hiberfil.sys
    [2010/08/13 22:45:38 | 000,000,998 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
    [2010/08/13 21:47:18 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/13 21:47:17 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/08/12 22:37:40 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\DG StudioPlus.lnk
    [2010/08/12 21:36:10 | 000,000,208 | ---- | C] () -- C:\Users\Brenda\Desktop\CD Drive - Shortcut.lnk
    [2010/08/08 16:36:22 | 000,000,917 | ---- | C] () -- C:\Users\Brenda\Desktop\Windows Mail.lnk
    [2010/08/08 01:07:09 | 000,016,050 | ---- | C] () -- C:\Windows\System32\results.xml
    [2010/08/08 00:33:16 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
    [2010/08/08 00:23:55 | 000,145,890 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty
    [2010/08/07 23:20:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1472.dll
    [2010/08/07 23:20:12 | 000,034,800 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
    [2010/08/07 23:20:11 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
    [2010/08/07 23:13:17 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Dell Remote Access.lnk
    [2010/08/07 14:47:52 | 002,093,584 | ---- | C] () -- C:\Users\Brenda\Documents\R269603.exe
    [2010/08/07 14:42:03 | 063,170,304 | ---- | C] () -- C:\Users\Brenda\Documents\ATI_multi-device_A04_R160911.exe
    [2010/08/07 14:41:56 | 002,766,464 | ---- | C] () -- C:\Users\Brenda\Documents\R149813.EXE
    [2010/08/07 13:39:27 | 002,996,888 | ---- | C] () -- C:\Users\Brenda\Documents\BH30N-A103.zip
    [2010/08/07 13:39:26 | 001,567,828 | ---- | C] () -- C:\Users\Brenda\Documents\GSA-H73N_FW_C109.zip
    [2010/08/07 13:39:16 | 001,751,886 | ---- | C] () -- C:\Users\Brenda\Documents\GH30N_FW_A103.zip
    [2010/08/07 13:38:54 | 002,911,266 | ---- | C] () -- C:\Users\Brenda\Documents\BH20N-C106.zip
    [2010/08/07 13:38:40 | 002,876,674 | ---- | C] () -- C:\Users\Brenda\Documents\GBC-H20N_C102.zip
    [2010/08/07 13:38:37 | 039,025,824 | ---- | C] () -- C:\Users\Brenda\Documents\R172217.zip
    [2010/08/07 13:28:52 | 003,120,110 | ---- | C] () -- C:\Users\Brenda\Documents\HE2_7D12.zip
    [2010/08/07 13:28:34 | 002,422,231 | ---- | C] () -- C:\Users\Brenda\Documents\HA6NYD12.zip
    [2010/08/07 13:28:26 | 000,799,909 | ---- | C] () -- C:\Users\Brenda\Documents\HD3_SD12.zip
    [2010/08/07 13:28:07 | 001,795,598 | ---- | C] () -- C:\Users\Brenda\Documents\XA6H6D17.zip
    [2010/08/07 13:25:51 | 000,950,704 | ---- | C] () -- C:\Users\Brenda\Documents\TSST_TS-H493B-HH-SATA-48X-CD_A03_R201947.EXE
    [2010/08/07 13:25:30 | 002,408,224 | ---- | C] () -- C:\Users\Brenda\Documents\INTEL_CHIPSET-SOFTWARE-INSTA_A01_R198359.EXE
    [2010/08/07 13:25:20 | 000,895,873 | ---- | C] () -- C:\Users\Brenda\Documents\DH-48C2S_ND12.zip
    [2010/08/07 13:25:02 | 001,574,031 | ---- | C] () -- C:\Users\Brenda\Documents\R181505.zip
    [2010/08/07 13:23:21 | 357,429,754 | ---- | C] () -- C:\Users\Brenda\Documents\R174369.zip
    [2010/08/07 13:23:13 | 000,711,517 | ---- | C] () -- C:\Users\Brenda\Documents\DROM6316_ODNK.zip
    [2010/08/07 13:22:37 | 002,192,630 | ---- | C] () -- C:\Users\Brenda\Documents\R154069.exe
    [2010/08/07 13:08:52 | 022,609,528 | ---- | C] () -- C:\Users\Brenda\Documents\CN_MM_1_6_0_21.zip
    [2010/08/07 13:08:52 | 000,000,227 | ---- | C] () -- C:\Users\Brenda\Documents\R209606_e.zip
    [2010/08/07 13:06:53 | 061,629,203 | ---- | C] () -- C:\Users\Brenda\Documents\Dell_multi-device_A00_R152639.exe
    [2010/08/07 12:49:56 | 004,514,189 | ---- | C] () -- C:\Users\Brenda\Documents\HB1_7D16.zip
    [2010/08/07 12:48:38 | 001,458,267 | ---- | C] () -- C:\Users\Brenda\Documents\DH-16W1S_2D15.zip
    [2010/08/05 19:58:05 | 000,024,085 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\UserTile.png
    [2010/08/05 14:34:23 | 003,048,960 | ---- | C] () -- C:\Users\Brenda\Desktop\mvt_en-us.msi
    [2010/07/28 22:40:02 | 000,000,887 | ---- | C] () -- C:\Users\Brenda\Documents\Document.rtf
    [2010/07/23 17:46:53 | 000,000,658 | ---- | C] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\careers - Shortcut.lnk
    [2010/07/18 23:09:41 | 000,224,777 | ---- | C] () -- C:\Program Files\uninstal.log
    [2010/07/18 18:50:29 | 000,001,771 | ---- | C] () -- C:\Users\Brenda\Desktop\Layout & Editing (2).lnk
    [2010/07/18 18:08:59 | 000,000,394 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job
    [2010/07/17 20:31:24 | 000,002,333 | ---- | C] () -- C:\Users\Public\Desktop\EZ Fonts.lnk
    [2010/06/12 12:45:34 | 000,009,216 | ---- | C] () -- C:\Users\Brenda\Documents\Untitled Envelope.wps
    [2010/06/03 20:14:48 | 000,655,587 | ---- | C] () -- C:\Users\Brenda\Documents\ssgold.pdf
    [2010/05/31 01:02:07 | 000,000,065 | ---- | C] () -- C:\Windows\Crypkey.ini
    [2010/05/31 01:02:00 | 000,021,638 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
    [2010/05/31 01:01:59 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
    [2010/02/22 21:23:09 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
    [2010/02/22 16:23:31 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
    [2010/02/22 16:18:05 | 000,000,074 | ---- | C] () -- C:\Windows\Brownie.ini
    [2009/08/08 01:52:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/07 04:39:19 | 000,008,248 | ---- | C] () -- C:\Users\Brenda\AppData\Local\en.ini
    [2009/08/07 00:52:16 | 000,000,040 | ---- | C] () -- C:\Windows\Embedit.INI
    [2009/08/06 04:40:52 | 000,000,680 | ---- | C] () -- C:\Users\Brenda\AppData\Local\d3d9caps.dat
    [2009/08/03 15:07:42 | 000,676,224 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2008/11/03 19:40:02 | 000,000,194 | ---- | C] () -- C:\Windows\QUICKEN.INI
    [2008/10/26 20:33:16 | 000,036,352 | ---- | C] () -- C:\Windows\System32\wwctl32i.dll
    [2008/10/22 20:01:35 | 000,000,107 | ---- | C] () -- C:\Windows\password.ini
    [2008/10/20 22:40:05 | 000,196,756 | ---- | C] () -- C:\Windows\System32\drivers\windrvr.sys
    [2008/10/20 22:40:00 | 000,120,320 | R--- | C] () -- C:\Windows\System32\Ltpnt13n.dll
    [2008/10/20 22:39:59 | 001,684,480 | R--- | C] () -- C:\Windows\System32\LTCLR13n.dll
    [2008/10/20 22:39:58 | 000,338,944 | R--- | C] () -- C:\Windows\System32\lffpx7.dll
    [2008/10/20 22:39:58 | 000,118,784 | R--- | C] () -- C:\Windows\System32\lfkodak.dll
    [2008/10/12 20:59:37 | 000,018,944 | ---- | C] () -- C:\Users\Brenda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/10/06 18:42:52 | 000,000,242 | ---- | C] () -- C:\Windows\Brpfx04a.ini
    [2008/10/06 18:42:52 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
    [2008/10/06 18:42:09 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2008/10/06 18:42:09 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
    [2008/10/06 18:26:28 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
    [2008/10/06 01:24:17 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
    [2008/10/05 07:57:12 | 000,000,120 | ---- | C] () -- C:\Windows\WINRESAZ.INI
    [2008/10/04 16:45:19 | 000,022,748 | ---- | C] () -- C:\Windows\System32\drivers\wdpnp.sys
    [2008/10/02 14:33:14 | 000,011,152 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\wklnhst.dat
    [2008/07/24 16:54:25 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/07/24 16:54:25 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2008/07/24 16:54:25 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/07/24 16:54:25 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/07/24 16:54:23 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
    [2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
    [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    ========== LOP Check ==========

    [2010/01/30 03:49:19 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/08/04 14:44:55 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\EMBIRD32
    [2010/08/08 00:32:57 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\iolo
    [2010/08/11 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Office-Kit.com
    [2010/08/05 19:58:04 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\PeerNetworking
    [2009/01/30 02:57:03 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Pogo Games
    [2008/10/21 03:03:38 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\ScanSoft
    [2008/10/02 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Template
    [2010/08/25 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Uniblue
    [2010/09/01 00:08:22 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/09/01 00:29:05 | 000,000,394 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2009/08/08 00:08:29 | 000,002,442 | ---- | M] () -- C:\avenger.txt
    [2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
    [2010/05/31 01:51:37 | 000,000,225 | ---- | M] () -- C:\CKINFO.TXT
    [2010/08/31 22:31:00 | 000,021,091 | ---- | M] () -- C:\ComboFix.txt
    [2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2010/08/15 04:38:20 | 000,346,086 | ---- | M] () -- C:\cybdefauth_i.log
    [2010/08/31 20:02:10 | 000,047,916 | ---- | M] () -- C:\CybDefInstallInfo.log
    [2010/08/15 04:38:18 | 000,000,111 | ---- | M] () -- C:\CybDefWebInstaller.log
    [2008/07/24 16:54:34 | 000,005,059 | RH-- | M] () -- C:\dell.sdr
    [2010/09/01 00:09:12 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys
    [2008/10/04 12:43:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2008/10/04 12:43:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/09/01 00:09:11 | 3523,690,496 | -HS- | M] () -- C:\pagefile.sys
    [2010/08/23 21:05:13 | 000,000,107 | ---- | M] () -- C:\password.ini
    [2008/10/21 15:49:24 | 000,000,082 | ---- | M] () -- C:\password.klc
    [2010/08/13 23:42:46 | 000,000,427 | ---- | M] () -- C:\rkill.log
    [2010/08/13 23:41:55 | 000,060,090 | ---- | M] () -- C:\TDSSKiller.2.4.1.1_13.08.2010_23.40.00_log.txt

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/08/08 02:09:01 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >


    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/03/08 07:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
    [2009/03/08 07:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
    [2009/04/11 02:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2009/04/11 02:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2008/01/20 23:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2008/01/20 23:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2008/01/20 23:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < %systemroot%\system32\user32.dll /md5 >
    [2009/04/11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2008/01/20 22:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2006/11/02 05:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

    < >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 916 bytes -> C:\Users\Brenda\Documents\Re_ Fw_ Re_ I am very glad to hear from you!.eml:OECustomProperty
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:07348C09
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5D432CE3
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DE73B0FE
    < End of report >
     
  2. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    Joined:
    2010/08/26
    Messages:
    71
    Likes Received:
    0
    OTL Extras logfile created on: 9/1/2010 12:25:07 AM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Brenda\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 71.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222.78 Gb Total Space | 161.04 Gb Free Space | 72.29% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 1.63 Gb Free Space | 16.26% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BRENDA-PC
    Current User Name: Brenda
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0A3C3A5C-CA86-4E0B-9A52-BAB1858D86DD}" = lport=445 | protocol=6 | dir=in | app=system |
    "{0D2CCD43-D752-47EA-AC28-199F115E1E73}" = lport=139 | protocol=6 | dir=in | app=system |
    "{1241A203-B659-49C7-915C-05FA5C8CEA2D}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
    "{1F54258E-FDBB-423E-B83C-8A8AD58AB5E0}" = lport=40092 | protocol=6 | dir=in | name=streaming web cam |
    "{1F9944B9-D3EE-4D0B-A3E4-FFE044564A15}" = lport=40091 | protocol=6 | dir=in | name=streaming web cam |
    "{38EF36C5-F14C-40FB-B165-1E7A189119BE}" = rport=138 | protocol=17 | dir=out | app=system |
    "{46E9E234-0D02-4FA3-A144-9F80EFAEA1DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{4E56050E-CE2F-4C0B-962B-5EC6F847EF87}" = lport=40093 | protocol=6 | dir=in | name=streaming web cam |
    "{5440283D-8AD4-45A4-A394-A8980FF90102}" = lport=137 | protocol=17 | dir=in | app=system |
    "{6913CF0E-E83A-4450-9249-6E8FF827184A}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
    "{85E7B6E6-F785-4C74-87B7-D1323709199E}" = rport=445 | protocol=6 | dir=out | app=system |
    "{913776CB-231F-4490-BC1D-9AF9651A0680}" = lport=40080 | protocol=6 | dir=in | name=remote access media server |
    "{9A428690-9E06-48F1-AECD-72D5342AAFE9}" = rport=137 | protocol=17 | dir=out | app=system |
    "{9DA1DCFD-D15C-43ED-9E48-701D00A6D68B}" = lport=40090 | protocol=6 | dir=in | name=streaming web cam |
    "{AD5391CF-07C4-4CED-AF2B-B05A8909B293}" = rport=139 | protocol=6 | dir=out | app=system |
    "{B0751F71-F7A5-4E66-B5AA-CC5E8719A161}" = lport=138 | protocol=17 | dir=in | app=system |
    "{BA27C00E-A786-4ACA-A26C-D52DB243E897}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{F3F5C28D-BE94-4F05-8B1D-F1CE3F214614}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |
    "{F5C40860-B51E-463A-998B-2F4491592599}" = lport=40094 | protocol=6 | dir=in | name=streaming web cam |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0709DC9E-FC4D-4854-9465-08F432A14B1D}" = protocol=6 | dir=in | app=c:\program files\common files\dell\apache\php.exe |
    "{127E3C56-01D9-45B0-A5DB-E240BDE2A991}" = protocol=17 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysql.exe |
    "{26D0BD1C-273D-4675-9803-D48C9A2A31CB}" = protocol=6 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysql.exe |
    "{2FA83D40-9EE6-44DC-9A78-7A8615C7C473}" = protocol=17 | dir=in | app=c:\program files\common files\dell\apache\php.exe |
    "{359BF127-D796-4E87-BF9F-4711918C22C8}" = protocol=17 | dir=in | app=c:\program files\common files\dell\advanced networking service\hnm_svc.exe |
    "{35A24AD5-8595-40FD-89E5-E41D347377AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{3963677F-60C5-4E08-A043-9D1756F19ABE}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{57A07882-2A05-4088-804D-D9BD1E6D4038}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{69B14EB0-0DCD-48AB-BAE3-1D14000EB842}" = protocol=17 | dir=in | app=c:\program files\common files\dell\apache\bin\httpd.exe |
    "{6FE034EA-342A-4F6E-B9FD-A3F5D999A113}" = protocol=6 | dir=in | app=c:\program files\common files\dell\advanced networking service\hnm_svc.exe |
    "{806D4210-832A-4FDF-8444-163E38617976}" = protocol=17 | dir=in | app=c:\program files\addthis toolbar\troubleshooter.exe |
    "{8BF1880A-418D-4E13-8414-F46733719F47}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
    "{914605DB-F680-4964-B5F7-1CADF4AFE3EB}" = protocol=17 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysqld.exe |
    "{976D4A5D-348F-49B8-A027-5F3BCC7477FD}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
    "{99F36EE5-93C9-4123-AA74-90F714C7924F}" = protocol=6 | dir=in | app=c:\program files\addthis toolbar\troubleshooter.exe |
    "{A0FEFF69-8E0E-470D-85C4-3E2176F12DDD}" = protocol=17 | dir=in | app=c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe |
    "{B0826347-1943-434B-86B4-B9E859032567}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{B6078120-A550-4A35-8CA3-C6FE213BE270}" = protocol=17 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
    "{B99B5AA9-ED1B-449A-8527-CE1580F49E06}" = protocol=17 | dir=in | app=c:\program files\common files\dell\vlc\vlc.exe |
    "{C31FA8A5-FB7A-4E61-A308-20B30E0AB373}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
    "{C4551F72-852B-4A46-9CB6-34FE816103FD}" = protocol=6 | dir=in | app=c:\program files\common files\dell\apache\bin\httpd.exe |
    "{C4806976-FDDB-472A-92B9-901751DA9EA7}" = protocol=6 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysqld.exe |
    "{C947D539-6A3D-47E7-A817-6DF3E048671E}" = protocol=6 | dir=in | app=c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe |
    "{CDA9325B-E2D8-4DFF-8FCE-4E4E9A3C8D28}" = protocol=17 | dir=in | app=c:\program files\addthis toolbar\toolbarupdate.exe |
    "{D0077000-2DF6-4998-9DE1-197D8BA275B6}" = protocol=6 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
    "{DC5693A8-6475-43F2-8E5E-B61E16C305CD}" = protocol=6 | dir=in | app=c:\program files\common files\dell\vlc\vlc.exe |
    "{F12D3ECC-693E-4D51-AE00-D6D7304D3439}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{F878C411-CE91-4464-8100-24FC7D56AAD7}" = protocol=6 | dir=in | app=c:\program files\addthis toolbar\toolbarupdate.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02F5BEE7-0AB6-4E42-9BF8-2588AAECC7F2}" = EZ Fonts
    "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
    "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
    "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
    "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
    "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
    "{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
    "{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
    "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
    "{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
    "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{30DBAD4A-BA6D-4F9D-8AB0-2F6C7B0612A4}" = AVSDK5
    "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
    "{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
    "{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
    "{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
    "{39003340-EAA2-012B-ADCD-000000000000}" = TurboTax 2009 wkyiper
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
    "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
    "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
    "{5833D651-AED7-454D-9DD9-DF2B32AC3CF0}" = PE-DESIGN Ver5
    "{5B466707-08E2-4FC3-8FE6-A8C07EB525BC}" = Designer's Gallery StudioPlus
    "{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
    "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
    "{6382DA14-EF2E-4C76-ACFA-A7D4AB7126EB}" = PE-DESIGN Ver5
    "{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
    "{66468F4D-BC4E-470C-9093-B3B6A1BB378C}" = MSN Toolbar Platform
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{68C5B075-B2A1-4A90-8515-6A1FE62A352F}" = Designer's Gallery SizeWorks
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
    "{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
    "{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{82B7209D-B838-4BC6-9390-4F1D06E12068}" = AVerMedia M779 Driver
    "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = CyberDefender Link Patrol
    "{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
    "{88B68BA6-1CA9-4EB6-8BB7-892D609567FA}" = TurboTax 2008 wkyiper
    "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
    "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
    "{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
    "{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
    "{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
    "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
    "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
    "{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
    "{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
    "{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
    "{D8A081EB-19BB-CA58-A86E-AEF0D1E0B243}" = ATI Catalyst Install Manager
    "{D9461574-5FC0-4641-BBDC-D1038B196F55}" = Brother MFL-Pro Suite MFC-490CW
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
    "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
    "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
    "1EC636D2DBA2D9924E02E10DA797DEC16306C1A9" = Windows Driver Package - Logitech HIDClass (10/16/2006 1.0)
    "AddThis Toolbar" = AddThis Toolbar
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adorable Ideas Design Packs" = Adorable Ideas Design Packs
    "Buzz Tools" = Buzz Tools
    "CNXT_MODEM_PCI_HSF" = Conexant D850 PCI V.92 Modem
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Coupon Printer for Windows4.0" = Coupon Printer for Windows
    "Google Desktop" = Google Desktop
    "GoToAssist" = GoToAssist Corporate
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
    "MSC" = McAfee Total Protection
    "PE-DESIGN" = PE-DESIGN Version 2.0
    "PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
    "SmartSizer Gold" = SmartSizer Gold
    "TurboTax 2008" = TurboTax 2008
    "TurboTax 2009" = TurboTax 2009
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "Word Whomp To Go" = Word Whomp To Go

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "309a46b1dc89b774" = Dell Driver Download Manager
    "f031ef6ac137efc5" = Dell Driver Download Manager - 1

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/31/2010 2:34:03 AM | Computer Name = Brenda-PC | Source = McLogEvent | ID = 5022
    Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 1

    Error - 8/31/2010 2:34:03 AM | Computer Name = Brenda-PC | Source = McLogEvent | ID = 5004
    Description = Could not contact Filter Driver. Error = 0x7e : The specified module
    could not be found.

    Error - 8/31/2010 2:34:03 AM | Computer Name = Brenda-PC | Source = McLogEvent | ID = 5022
    Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 1

    Error - 8/31/2010 2:38:41 AM | Computer Name = Brenda-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 8/31/2010 2:51:39 AM | Computer Name = Brenda-PC | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.6002.18005, time stamp
    0x49e01da5, faulting module EMBIRDIH.DLL, version 0.0.0.0, time stamp 0x2a425e19,
    exception code 0xc0000005, fault offset 0x0001d033, process id 0xfc8, application
    start time 0x01cb48d8f5c8f739.

    Error - 8/31/2010 3:03:03 AM | Computer Name = Brenda-PC | Source = VSS | ID = 8194
    Description =

    Error - 8/31/2010 3:05:10 AM | Computer Name = Brenda-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 8/31/2010 3:05:10 AM | Computer Name = Brenda-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 8/31/2010 3:10:12 AM | Computer Name = Brenda-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 8/31/2010 3:11:32 AM | Computer Name = Brenda-PC | Source = VSS | ID = 8194
    Description =

    [ System Events ]
    Error - 8/31/2010 10:25:44 PM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 9/1/2010 12:05:59 AM | Computer Name = Brenda-PC | Source = DCOM | ID = 10005
    Description =

    Error - 9/1/2010 12:05:59 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7009
    Description =

    Error - 9/1/2010 12:05:59 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 9/1/2010 12:10:19 AM | Computer Name = Brenda-PC | Source = DCOM | ID = 10016
    Description =

    Error - 9/1/2010 12:10:40 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7038
    Description =

    Error - 9/1/2010 12:10:40 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 9/1/2010 12:10:40 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7038
    Description =

    Error - 9/1/2010 12:10:40 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 9/1/2010 12:10:40 AM | Computer Name = Brenda-PC | Source = Service Control Manager | ID = 7026
    Description =


    < End of report >
     


  4. 2010/09/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You didn't say how the computer is doing.
     
  5. 2010/09/01
    broni

    broni Moderator Malware Analyst

    You're running two AV programs, McAfee and Authentium AntiVirus5.
    One of them has to go.
    If McAfee, make sure to use McAfee Consumer Product Removal Tool: http://majorgeeks.com/McAfee_Consumer_Product_Removal_Tool_d5420.html

    =================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      @Alternate Data Stream - 916 bytes -> C:\Users\Brenda\Documents\Re_ Fw_ Re_ I am very glad to hear from you!.eml:OECustomProperty
      @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:07348C09
      @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5D432CE3
      @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DE73B0FE
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  6. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    All processes killed
    Error: Unable to interpret <OTL> in the current context!
    Error: Unable to interpret <IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found> in the current context!
    Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context!
    Error: Unable to interpret <O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
    Error: Unable to interpret <O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)> in the current context!
    Error: Unable to interpret <O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)> in the current context!
    Error: Unable to interpret <O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found> in the current context!
    Error: Unable to interpret <@Alternate Data Stream - 916 bytes -> C:\Users\Brenda\Documents\Re_ Fw_ Re_ I am very glad to hear from you!.eml:OECustomProperty> in the current context!
    Error: Unable to interpret <@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:07348C09> in the current context!
    Error: Unable to interpret <@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5D432CE3> in the current context!
    Error: Unable to interpret <@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DE73B0FE> in the current context!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 42054 bytes

    User: All Users

    User: Brenda
    ->Temp folder emptied: 173042221 bytes
    ->Temporary Internet Files folder emptied: 10497971 bytes
    ->Java cache emptied: 154231474 bytes
    ->FireFox cache emptied: 43604967 bytes
    ->Flash cache emptied: 48713 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: RA Media Server
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41620 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 3829857 bytes

    Total Files Cleaned = 368.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Brenda
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    User: RA Media Server
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Error: Unable to interpret <[Reboot> in the current context!

    OTL by OldTimer - Version 3.2.11.0 log created on 09012010_012458

    Files\Folders moved on Reboot...
    C:\Users\Brenda\AppData\Local\Temp\Low\~DFB65A.tmp moved successfully.
    C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XO44OAH7\ads[1].htm moved successfully.
    C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XO44OAH7\p-01-0VIaSjnOLg[3].gif moved successfully.
    C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\50CEI3ZG\00b42e3a-b809-49b2-b433-cc45b2bc89d33rd_party_BBS[1].htm moved successfully.
    C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\50CEI3ZG\94854-active-windows-host-process-run32dll-stops-working-5[1].html moved successfully.
    C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

    Registry entries deleted on Reboot...
     
  7. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    I spoke too soon about the run32dll errors. I still get them on pes ext,
     
  8. 2010/09/01
    broni

    broni Moderator Malware Analyst

    1.
    2. Can you post full error message and when it happens?
    I'm not sure what "pes ext" is...
     
  9. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    I found the Authentium antivirus. I did not install it. Apparently the Dell tech who was helping me get back into my computer when I locked myself out put it in and didn't inform me. Which one is better, the McAfee or the other?
    This is a copy of the problem that I was having with the Windows host run32dll. Embroidery machines have different types of formats they embroider. I have a Brother & Babylock machine that uses a pes format. I also have several embroidery software programs that I use to view, edit, catalogue, etc. Each is set up to handle various formats. When you get new designs they come zipped with several different formats for various embroidery machines. Windows Explorer unzips and displays the design patterns. I can double click and send the design to the targeted software. I have PE Design 5, Embird, Buzztools, and Designer Gallery. This is the last error I received.


    Product
    Windows host process (Rundll32)

    Problem
    Stopped working

    Date
    9/1/2010 3:59 PM

    Status
    Report Sent

    Problem signature
    Problem Event Name: APPCRASH
    Application Name: rundll32.exe
    Application Version: 6.0.6000.16386
    Application Timestamp: 4549b0e1
    Fault Module Name: ntdll.dll
    Fault Module Version: 6.0.6002.18005
    Fault Module Timestamp: 49e03821
    Exception Code: c0000005
    Exception Offset: 0000e060
    OS Version: 6.0.6002.2.2.0.768.3
    Locale ID: 1033
    Additional Information 1: fd00
    Additional Information 2: ea6f5fe8924aaa756324d57f87834160
    Additional Information 3: fd00
    Additional Information 4: ea6f5fe8924aaa756324d57f87834160

    Extra information about the problem
    Bucket ID: 1253360434


    OTL logfile created on: 9/1/2010 3:42:08 PM - Run 3
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Brenda\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222.78 Gb Total Space | 160.83 Gb Free Space | 72.19% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 1.63 Gb Free Space | 16.26% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BRENDA-PC
    Current User Name: Brenda
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    PRC - [2010/07/01 00:07:46 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
    PRC - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    PRC - [2010/05/31 20:32:58 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    PRC - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    PRC - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
    PRC - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    PRC - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
    PRC - [2010/01/21 02:28:41 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    PRC - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) -- C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
    PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    PRC - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/05/07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe
    PRC - [2008/04/11 15:13:52 | 001,085,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    PRC - [2008/01/31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
    PRC - [2008/01/31 18:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
    PRC - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    MOD - [2010/07/14 13:30:14 | 000,018,688 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
    MOD - [2009/04/11 02:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
    MOD - [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/16 11:33:00 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
    SRV - [2010/07/06 16:36:04 | 000,202,488 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\temp\MOBCleanup.exe -- (MOBCleanup)
    SRV - [2010/06/17 22:09:42 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
    SRV - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
    SRV - [2010/05/31 20:32:58 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
    SRV - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2010/04/15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
    SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
    SRV - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
    SRV - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
    SRV - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
    SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
    SRV - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
    SRV - [2009/04/13 09:48:10 | 000,189,680 | ---- | M] (SingleClick Systems) [Auto | Stopped] -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
    SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
    SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
    SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2008/05/07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License)
    SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
    SRV - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Brenda\AppData\Local\Temp\_6D9D.tmp\FoxAwdWINFLASH.sys -- (FoxAwdWINFLASH)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fdrawcmd.sys -- (fdrawcmd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
    DRV - [2010/05/31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
    DRV - [2010/05/31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
    DRV - [2010/05/31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV - [2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
    DRV - [2010/05/31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
    DRV - [2010/05/31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
    DRV - [2010/05/31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
    DRV - [2010/05/31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
    DRV - [2008/08/22 16:14:45 | 000,021,638 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\ckldrv.sys -- (NetworkX)
    DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
    DRV - [2008/04/18 18:16:26 | 002,354,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 22:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/11/01 16:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
    DRV - [2007/11/01 16:47:56 | 000,267,776 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
    DRV - [2007/11/01 16:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
    DRV - [2007/10/18 14:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
    DRV - [2007/04/29 04:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2007/04/26 06:41:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
    DRV - [2006/12/12 11:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIf.sys -- (BrSerIf)
    DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/10/27 09:48:42 | 000,018,944 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\busbcrw.sys -- (busbcrw)
    DRV - [2006/09/03 09:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2006/07/19 11:04:18 | 000,012,048 | R--- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\DELL\drivers\R169419\atidgllk.sys -- (atidgllk)
    DRV - [2001/11/11 21:23:12 | 000,022,748 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdpnp.sys -- (wdpnp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://insightbb.com/
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Secure Search "
    FF - prefs.js..browser.search.selectedEngine: "Secure Search "
    FF - prefs.js..browser.startup.homepage: "http://pogo.com/ "
    FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
    FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p= "

    FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/16 21:39:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/09/01 12:06:28 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/01 00:06:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/24 19:05:53 | 000,000,000 | ---D | M]

    [2009/08/09 02:30:04 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Mozilla\Extensions
    [2010/08/31 17:20:36 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\hh2hq2dv.default\extensions
    [2010/08/16 23:46:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\hh2hq2dv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/08/27 02:34:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/08/19 19:43:12 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

    O1 HOSTS File: ([2010/08/31 22:22:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100901000637.dll (McAfee, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = none
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
    O15 - HKCU\..Trusted Domains: insightbb.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: trymedia.com ([fe] * in Trusted sites)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-nz/wlscctrl2.cab (Windows Live OneCare safety scanner control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6064/mcfscan.cab (McFreeScan Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/09/01 01:24:58 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/09/01 00:24:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    [2010/09/01 00:06:36 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
    [2010/09/01 00:06:10 | 000,160,720 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
    [2010/09/01 00:06:10 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
    [2010/09/01 00:06:09 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
    [2010/09/01 00:06:09 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
    [2010/09/01 00:06:09 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
    [2010/09/01 00:06:09 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
    [2010/09/01 00:06:09 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
    [2010/09/01 00:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
    [2010/08/31 22:31:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/08/31 22:31:04 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\temp
    [2010/08/31 22:22:45 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2010/08/31 22:10:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/08/31 22:10:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/08/31 22:10:46 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/08/31 22:10:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/08/31 22:10:02 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/08/31 22:09:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/08/30 02:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\AddThis Toolbar
    [2010/08/29 03:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
    [2010/08/25 16:02:22 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Uniblue
    [2010/08/23 20:48:18 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\Roboex32.dll
    [2010/08/23 14:25:22 | 000,122,949 | ---- | C] (Buzz Tools, Inc.) -- C:\Windows\System32\mir4.dll
    [2010/08/23 14:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Buzz Tools
    [2010/08/17 16:49:23 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\FixItCenter
    [2010/08/17 01:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2010/08/17 01:58:27 | 000,000,000 | ---D | C] -- C:\Windows\MATS
    [2010/08/16 23:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/16 11:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
    [2010/08/16 11:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
    [2010/08/16 11:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
    [2010/08/15 04:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
    [2010/08/14 00:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\SiteAdvisor
    [2010/08/14 00:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    [2010/08/13 23:13:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Malwarebytes
    [2010/08/13 23:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/08/12 22:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Designer's Gallery
    [2010/08/11 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Microsoft Corporation
    [2010/08/11 14:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
    [2010/08/11 02:34:15 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Office-Kit.com
    [2010/08/11 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Office-Kit.com
    [2010/08/10 03:03:44 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
    [2010/08/08 15:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/08/08 15:17:31 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010/08/08 15:14:33 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Microsoft Help
    [2010/08/08 15:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2010/08/08 04:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
    [2010/08/08 00:32:57 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\iolo
    [2010/08/08 00:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
    [2010/08/07 23:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\M779
    [2010/08/07 23:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\NetWaiting
    [2010/08/07 23:24:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
    [2010/08/07 23:20:31 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
    [2010/08/07 23:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
    [2010/08/07 23:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Remote Access
    [2010/08/07 23:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Dell
    [2010/08/07 22:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
    [2010/08/07 22:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
    [2010/08/07 22:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect
    [2010/08/07 15:16:57 | 000,000,000 | ---D | C] -- C:\Designer's Gallery
    [2010/08/07 02:17:43 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Dell
    [2010/08/05 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\PeerNetworking
    [2010/08/05 00:44:00 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\McAfee Anti-Theft
    [2010/08/05 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Anti-Theft
    [2010/08/04 00:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2010/08/03 13:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\EMBIRD32
    [2010/08/03 13:27:00 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\EMBIRD32
    [2010/07/31 07:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
    [2010/07/21 19:31:05 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Documents\brenda
    [2010/07/18 23:09:41 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
    [2010/07/18 22:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adorable Ideas
    [2010/07/17 20:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Fonts
    [2010/07/08 00:07:53 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Desktop\graphics
    [2010/06/25 03:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/06/18 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Babylock
    [2010/06/03 20:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

    ========== Files - Modified Within 90 Days ==========
     
  10. 2010/09/01
    TheMick

    [2010/09/01 15:44:59 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job
    [2010/09/01 15:42:02 | 002,621,440 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT
    [2010/09/01 14:52:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/09/01 14:50:35 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
    [2010/09/01 14:50:13 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/09/01 14:50:02 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 14:50:02 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 14:49:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/09/01 14:49:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/09/01 14:49:53 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/01 14:48:56 | 000,524,288 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/09/01 14:48:56 | 000,065,536 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/09/01 14:48:55 | 005,817,051 | -H-- | M] () -- C:\Users\Brenda\AppData\Local\IconCache.db
    [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    [2010/08/31 23:49:54 | 000,000,107 | ---- | M] () -- C:\Windows\password.ini
    [2010/08/31 22:22:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/08/31 22:22:42 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/08/30 18:10:14 | 430,905,839 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/08/28 00:10:24 | 000,000,998 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
    [2010/08/28 00:10:21 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2010/08/25 20:10:20 | 000,011,152 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\wklnhst.dat
    [2010/08/25 20:06:08 | 000,307,102 | ---- | M] () -- C:\Users\Brenda\Documents\2010IWformulapricelist[1].xlsm
    [2010/08/24 19:05:53 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/08/23 21:05:13 | 000,000,107 | ---- | M] () -- C:\password.ini
    [2010/08/23 14:25:32 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Buzz-Catalog.lnk
    [2010/08/23 14:15:46 | 000,773,076 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/23 14:15:46 | 000,653,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/23 14:15:46 | 000,122,330 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/23 02:17:38 | 000,000,548 | ---- | M] () -- C:\Users\Brenda\Desktop\Embird Plus.lnk
    [2010/08/19 23:39:57 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
    [2010/08/19 21:42:50 | 000,011,264 | ---- | M] () -- C:\Users\Brenda\Documents\MEDICATION FOR BREDA SWEARINGEN.wps
    [2010/08/19 18:35:10 | 000,105,384 | ---- | M] () -- C:\Users\Brenda\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/08/18 23:12:00 | 000,387,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/08/18 21:41:35 | 000,000,221 | ---- | M] () -- C:\Windows\win.ini
    [2010/08/17 01:58:28 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk
    [2010/08/16 23:35:25 | 000,001,750 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/08/16 23:35:25 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/08/16 01:42:54 | 004,231,168 | ---- | M] () -- C:\Users\Brenda\Desktop\embrd800b62.exe
    [2010/08/15 04:05:38 | 000,000,045 | ---- | M] () -- C:\Windows\system32commongn.dat
    [2010/08/13 21:58:07 | 000,001,771 | ---- | M] () -- C:\Users\Brenda\Desktop\Layout & Editing (2).lnk
    [2010/08/13 21:51:53 | 000,000,940 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2010/08/12 22:37:40 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\DG StudioPlus.lnk
    [2010/08/12 21:36:10 | 000,000,208 | ---- | M] () -- C:\Users\Brenda\Desktop\CD Drive - Shortcut.lnk
    [2010/08/08 16:36:22 | 000,000,917 | ---- | M] () -- C:\Users\Brenda\Desktop\Windows Mail.lnk
    [2010/08/08 01:07:09 | 000,016,050 | ---- | M] () -- C:\Windows\System32\results.xml
    [2010/08/08 00:33:16 | 000,074,703 | ---- | M] () -- C:\Windows\System32\mfc45.dll
    [2010/08/07 23:13:17 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Dell Remote Access.lnk
    [2010/08/07 14:48:03 | 002,093,584 | ---- | M] () -- C:\Users\Brenda\Documents\R269603.exe
    [2010/08/07 14:44:36 | 063,170,304 | ---- | M] () -- C:\Users\Brenda\Documents\ATI_multi-device_A04_R160911.exe
    [2010/08/07 14:42:03 | 002,766,464 | ---- | M] () -- C:\Users\Brenda\Documents\R149813.EXE
    [2010/08/07 13:39:37 | 002,996,888 | ---- | M] () -- C:\Users\Brenda\Documents\BH30N-A103.zip
    [2010/08/07 13:39:35 | 039,025,824 | ---- | M] () -- C:\Users\Brenda\Documents\R172217.zip
    [2010/08/07 13:39:33 | 001,567,828 | ---- | M] () -- C:\Users\Brenda\Documents\GSA-H73N_FW_C109.zip
    [2010/08/07 13:39:27 | 001,751,886 | ---- | M] () -- C:\Users\Brenda\Documents\GH30N_FW_A103.zip
    [2010/08/07 13:39:16 | 002,911,266 | ---- | M] () -- C:\Users\Brenda\Documents\BH20N-C106.zip
    [2010/08/07 13:38:54 | 002,876,674 | ---- | M] () -- C:\Users\Brenda\Documents\GBC-H20N_C102.zip
    [2010/08/07 13:33:27 | 357,429,754 | ---- | M] () -- C:\Users\Brenda\Documents\R174369.zip
    [2010/08/07 13:29:16 | 003,120,110 | ---- | M] () -- C:\Users\Brenda\Documents\HE2_7D12.zip
    [2010/08/07 13:28:52 | 002,422,231 | ---- | M] () -- C:\Users\Brenda\Documents\HA6NYD12.zip
    [2010/08/07 13:28:34 | 000,799,909 | ---- | M] () -- C:\Users\Brenda\Documents\HD3_SD12.zip
    [2010/08/07 13:28:26 | 001,795,598 | ---- | M] () -- C:\Users\Brenda\Documents\XA6H6D17.zip
    [2010/08/07 13:26:02 | 000,950,704 | ---- | M] () -- C:\Users\Brenda\Documents\TSST_TS-H493B-HH-SATA-48X-CD_A03_R201947.EXE
    [2010/08/07 13:25:51 | 002,408,224 | ---- | M] () -- C:\Users\Brenda\Documents\INTEL_CHIPSET-SOFTWARE-INSTA_A01_R198359.EXE
    [2010/08/07 13:25:30 | 000,895,873 | ---- | M] () -- C:\Users\Brenda\Documents\DH-48C2S_ND12.zip
    [2010/08/07 13:25:20 | 001,574,031 | ---- | M] () -- C:\Users\Brenda\Documents\R181505.zip
    [2010/08/07 13:23:21 | 000,711,517 | ---- | M] () -- C:\Users\Brenda\Documents\DROM6316_ODNK.zip
    [2010/08/07 13:22:47 | 002,192,630 | ---- | M] () -- C:\Users\Brenda\Documents\R154069.exe
    [2010/08/07 13:09:25 | 022,609,528 | ---- | M] () -- C:\Users\Brenda\Documents\CN_MM_1_6_0_21.zip
    [2010/08/07 13:08:53 | 000,000,227 | ---- | M] () -- C:\Users\Brenda\Documents\R209606_e.zip
    [2010/08/07 13:07:44 | 061,629,203 | ---- | M] () -- C:\Users\Brenda\Documents\Dell_multi-device_A00_R152639.exe
    [2010/08/07 12:50:05 | 004,514,189 | ---- | M] () -- C:\Users\Brenda\Documents\HB1_7D16.zip
    [2010/08/07 12:48:42 | 001,458,267 | ---- | M] () -- C:\Users\Brenda\Documents\DH-16W1S_2D15.zip
    [2010/08/05 19:58:05 | 000,024,085 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\UserTile.png
    [2010/08/05 14:40:03 | 003,048,960 | ---- | M] () -- C:\Users\Brenda\Desktop\mvt_en-us.msi
    [2010/07/28 22:40:14 | 000,000,887 | ---- | M] () -- C:\Users\Brenda\Documents\Document.rtf
    [2010/07/23 17:46:53 | 000,000,658 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\careers - Shortcut.lnk
    [2010/07/20 12:04:37 | 000,002,333 | ---- | M] () -- C:\Users\Public\Desktop\EZ Fonts.lnk
    [2010/06/12 12:45:34 | 000,009,216 | ---- | M] () -- C:\Users\Brenda\Documents\Untitled Envelope.wps
    [2010/06/03 20:14:48 | 000,655,587 | ---- | M] () -- C:\Users\Brenda\Documents\ssgold.pdf

    ========== Files Created - No Company Name ==========

    [2010/09/01 00:07:51 | 000,001,737 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
    [2010/08/31 22:10:46 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/08/31 22:10:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/08/31 22:10:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/08/31 22:10:46 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/08/31 22:10:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/08/30 09:37:09 | 430,905,839 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/08/30 02:18:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
    [2010/08/30 02:18:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
    [2010/08/30 02:18:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
    [2010/08/25 20:06:08 | 000,307,102 | ---- | C] () -- C:\Users\Brenda\Documents\2010IWformulapricelist[1].xlsm
    [2010/08/24 19:05:53 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/08/23 14:25:32 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Buzz-Catalog.lnk
    [2010/08/23 14:25:22 | 000,026,624 | ---- | C] () -- C:\Windows\System32\hercb.dll
    [2010/08/20 02:38:34 | 000,000,548 | ---- | C] () -- C:\Users\Brenda\Desktop\Embird Plus.lnk
    [2010/08/19 02:28:32 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/08/17 01:58:28 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk
    [2010/08/16 23:35:25 | 000,001,750 | ---- | C] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/08/16 23:35:25 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/08/16 01:42:47 | 004,231,168 | ---- | C] () -- C:\Users\Brenda\Desktop\embrd800b62.exe
    [2010/08/15 03:44:57 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2010/08/13 23:22:49 | 3209,875,456 | -HS- | C] () -- C:\hiberfil.sys
    [2010/08/13 22:45:38 | 000,000,998 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
    [2010/08/13 21:47:18 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/13 21:47:17 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/08/12 22:37:40 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\DG StudioPlus.lnk
    [2010/08/12 21:36:10 | 000,000,208 | ---- | C] () -- C:\Users\Brenda\Desktop\CD Drive - Shortcut.lnk
    [2010/08/08 16:36:22 | 000,000,917 | ---- | C] () -- C:\Users\Brenda\Desktop\Windows Mail.lnk
    [2010/08/08 01:07:09 | 000,016,050 | ---- | C] () -- C:\Windows\System32\results.xml
    [2010/08/08 00:33:16 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
    [2010/08/08 00:23:55 | 000,145,890 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty
    [2010/08/07 23:20:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1472.dll
    [2010/08/07 23:20:12 | 000,034,800 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
    [2010/08/07 23:20:11 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
    [2010/08/07 23:13:17 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Dell Remote Access.lnk
    [2010/08/07 14:47:52 | 002,093,584 | ---- | C] () -- C:\Users\Brenda\Documents\R269603.exe
    [2010/08/07 14:42:03 | 063,170,304 | ---- | C] () -- C:\Users\Brenda\Documents\ATI_multi-device_A04_R160911.exe
    [2010/08/07 14:41:56 | 002,766,464 | ---- | C] () -- C:\Users\Brenda\Documents\R149813.EXE
    [2010/08/07 13:39:27 | 002,996,888 | ---- | C] () -- C:\Users\Brenda\Documents\BH30N-A103.zip
    [2010/08/07 13:39:26 | 001,567,828 | ---- | C] () -- C:\Users\Brenda\Documents\GSA-H73N_FW_C109.zip
    [2010/08/07 13:39:16 | 001,751,886 | ---- | C] () -- C:\Users\Brenda\Documents\GH30N_FW_A103.zip
    [2010/08/07 13:38:54 | 002,911,266 | ---- | C] () -- C:\Users\Brenda\Documents\BH20N-C106.zip
    [2010/08/07 13:38:40 | 002,876,674 | ---- | C] () -- C:\Users\Brenda\Documents\GBC-H20N_C102.zip
    [2010/08/07 13:38:37 | 039,025,824 | ---- | C] () -- C:\Users\Brenda\Documents\R172217.zip
    [2010/08/07 13:28:52 | 003,120,110 | ---- | C] () -- C:\Users\Brenda\Documents\HE2_7D12.zip
    [2010/08/07 13:28:34 | 002,422,231 | ---- | C] () -- C:\Users\Brenda\Documents\HA6NYD12.zip
    [2010/08/07 13:28:26 | 000,799,909 | ---- | C] () -- C:\Users\Brenda\Documents\HD3_SD12.zip
    [2010/08/07 13:28:07 | 001,795,598 | ---- | C] () -- C:\Users\Brenda\Documents\XA6H6D17.zip
    [2010/08/07 13:25:51 | 000,950,704 | ---- | C] () -- C:\Users\Brenda\Documents\TSST_TS-H493B-HH-SATA-48X-CD_A03_R201947.EXE
    [2010/08/07 13:25:30 | 002,408,224 | ---- | C] () -- C:\Users\Brenda\Documents\INTEL_CHIPSET-SOFTWARE-INSTA_A01_R198359.EXE
    [2010/08/07 13:25:20 | 000,895,873 | ---- | C] () -- C:\Users\Brenda\Documents\DH-48C2S_ND12.zip
    [2010/08/07 13:25:02 | 001,574,031 | ---- | C] () -- C:\Users\Brenda\Documents\R181505.zip
    [2010/08/07 13:23:21 | 357,429,754 | ---- | C] () -- C:\Users\Brenda\Documents\R174369.zip
    [2010/08/07 13:23:13 | 000,711,517 | ---- | C] () -- C:\Users\Brenda\Documents\DROM6316_ODNK.zip
    [2010/08/07 13:22:37 | 002,192,630 | ---- | C] () -- C:\Users\Brenda\Documents\R154069.exe
    [2010/08/07 13:08:52 | 022,609,528 | ---- | C] () -- C:\Users\Brenda\Documents\CN_MM_1_6_0_21.zip
    [2010/08/07 13:08:52 | 000,000,227 | ---- | C] () -- C:\Users\Brenda\Documents\R209606_e.zip
    [2010/08/07 13:06:53 | 061,629,203 | ---- | C] () -- C:\Users\Brenda\Documents\Dell_multi-device_A00_R152639.exe
    [2010/08/07 12:49:56 | 004,514,189 | ---- | C] () -- C:\Users\Brenda\Documents\HB1_7D16.zip
    [2010/08/07 12:48:38 | 001,458,267 | ---- | C] () -- C:\Users\Brenda\Documents\DH-16W1S_2D15.zip
    [2010/08/05 19:58:05 | 000,024,085 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\UserTile.png
    [2010/08/05 14:34:23 | 003,048,960 | ---- | C] () -- C:\Users\Brenda\Desktop\mvt_en-us.msi
    [2010/07/28 22:40:02 | 000,000,887 | ---- | C] () -- C:\Users\Brenda\Documents\Document.rtf
    [2010/07/23 17:46:53 | 000,000,658 | ---- | C] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\careers - Shortcut.lnk
    [2010/07/18 23:09:41 | 000,224,777 | ---- | C] () -- C:\Program Files\uninstal.log
    [2010/07/18 18:50:29 | 000,001,771 | ---- | C] () -- C:\Users\Brenda\Desktop\Layout & Editing (2).lnk
    [2010/07/18 18:08:59 | 000,000,394 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job
    [2010/07/17 20:31:24 | 000,002,333 | ---- | C] () -- C:\Users\Public\Desktop\EZ Fonts.lnk
    [2010/06/12 12:45:34 | 000,009,216 | ---- | C] () -- C:\Users\Brenda\Documents\Untitled Envelope.wps
    [2010/06/03 20:14:48 | 000,655,587 | ---- | C] () -- C:\Users\Brenda\Documents\ssgold.pdf
    [2010/05/31 01:02:07 | 000,000,065 | ---- | C] () -- C:\Windows\Crypkey.ini
    [2010/05/31 01:02:00 | 000,021,638 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
    [2010/05/31 01:01:59 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
    [2010/02/22 21:23:09 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
    [2010/02/22 16:23:31 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
    [2010/02/22 16:18:05 | 000,000,074 | ---- | C] () -- C:\Windows\Brownie.ini
    [2009/08/08 01:52:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/07 04:39:19 | 000,008,248 | ---- | C] () -- C:\Users\Brenda\AppData\Local\en.ini
    [2009/08/07 00:52:16 | 000,000,040 | ---- | C] () -- C:\Windows\Embedit.INI
    [2009/08/06 04:40:52 | 000,000,680 | ---- | C] () -- C:\Users\Brenda\AppData\Local\d3d9caps.dat
    [2009/08/03 15:07:42 | 000,676,224 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2008/11/03 19:40:02 | 000,000,194 | ---- | C] () -- C:\Windows\QUICKEN.INI
    [2008/10/26 20:33:16 | 000,036,352 | ---- | C] () -- C:\Windows\System32\wwctl32i.dll
    [2008/10/22 20:01:35 | 000,000,107 | ---- | C] () -- C:\Windows\password.ini
    [2008/10/20 22:40:05 | 000,196,756 | ---- | C] () -- C:\Windows\System32\drivers\windrvr.sys
    [2008/10/20 22:40:00 | 000,120,320 | R--- | C] () -- C:\Windows\System32\Ltpnt13n.dll
    [2008/10/20 22:39:59 | 001,684,480 | R--- | C] () -- C:\Windows\System32\LTCLR13n.dll
    [2008/10/20 22:39:58 | 000,338,944 | R--- | C] () -- C:\Windows\System32\lffpx7.dll
    [2008/10/20 22:39:58 | 000,118,784 | R--- | C] () -- C:\Windows\System32\lfkodak.dll
    [2008/10/12 20:59:37 | 000,018,944 | ---- | C] () -- C:\Users\Brenda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/10/06 18:42:52 | 000,000,242 | ---- | C] () -- C:\Windows\Brpfx04a.ini
    [2008/10/06 18:42:52 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
    [2008/10/06 18:42:09 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2008/10/06 18:42:09 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
    [2008/10/06 18:26:28 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
    [2008/10/06 01:24:17 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
    [2008/10/05 07:57:12 | 000,000,120 | ---- | C] () -- C:\Windows\WINRESAZ.INI
    [2008/10/04 16:45:19 | 000,022,748 | ---- | C] () -- C:\Windows\System32\drivers\wdpnp.sys
    [2008/10/02 14:33:14 | 000,011,152 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\wklnhst.dat
    [2008/07/24 16:54:25 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/07/24 16:54:25 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2008/07/24 16:54:25 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/07/24 16:54:25 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/07/24 16:54:23 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
    [2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
    [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    ========== LOP Check ==========

    [2010/01/30 03:49:19 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/08/04 14:44:55 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\EMBIRD32
    [2010/08/08 00:32:57 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\iolo
    [2010/08/11 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Office-Kit.com
    [2010/08/05 19:58:04 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\PeerNetworking
    [2009/01/30 02:57:03 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Pogo Games
    [2008/10/21 03:03:38 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\ScanSoft
    [2008/10/02 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Template
    [2010/08/25 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Uniblue
    [2010/09/01 14:49:02 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/09/01 15:44:59 | 000,000,394 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 916 bytes -> C:\Users\Brenda\Documents\Re_ Fw_ Re_ I am very glad to hear from you!.eml:OECustomProperty
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:07348C09
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5D432CE3
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DE73B0FE
    < End of report >
     
  11. 2010/09/01
    broni

    broni Moderator Malware Analyst

    A total Chinese to me :)
    Does the error happen only when using one of those programs?
    Was it a BSOD, or did you take the error from Event Viewer?

    ==================================================================

    Is Authentium Antivirus listed in "Programs & Features"?
    If it is, uninstall it.
    If not, let me know.
     
  12. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    No, it was not BSOD. Just a Microsoft Windows error screen: Windows host process Rundll32 has stopped working. I did get the info from Problem Reports and Solutions.
    Yes, I get it every time since Dell reset my computer. I have to go into the application and view it that way.
    Authentium is not in Program and Features.
     
  13. 2010/09/01
    broni

    broni Moderator Malware Analyst

    It's still unclear to me...
    Does the error happen, when you use...
    or ANY program?

    =================================================================

    Let's remove Authentium leftovers manually.


    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      PRC - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
      PRC - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
      PRC - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
      SRV - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
      SRV - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
      SRV - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
      
      :Services
      
      :Reg
      
      :Files
      C:\Program Files\Common Files\Authentium
      
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  14. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    All processes killed
    ========== OTL ==========
    Process vseqrts.exe killed successfully!
    Process vsedsps.exe killed successfully!
    Process vseamps.exe killed successfully!
    Service vseqrts stopped successfully!
    Service vseqrts deleted successfully!
    C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe moved successfully.
    Service vsedsps stopped successfully!
    Service vsedsps deleted successfully!
    C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe moved successfully.
    Service vseamps stopped successfully!
    Service vseamps deleted successfully!
    C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Program Files\Common Files\Authentium\AntiVirus5\ampse folder moved successfully.
    C:\Program Files\Common Files\Authentium\AntiVirus5\ampmf folder moved successfully.
    C:\Program Files\Common Files\Authentium\AntiVirus5 folder moved successfully.
    C:\Program Files\Common Files\Authentium folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Brenda
    ->Temp folder emptied: 9488749 bytes
    ->Temporary Internet Files folder emptied: 8059332 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 41263607 bytes
    ->Flash cache emptied: 2069 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: RA Media Server
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 420592 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 56.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Brenda
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    User: RA Media Server
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.11.0 log created on 09012010_214932

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
     
  15. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    OTL logfile created on: 9/1/2010 10:14:03 PM - Run 4
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Brenda\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222.78 Gb Total Space | 160.56 Gb Free Space | 72.07% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 1.63 Gb Free Space | 16.26% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BRENDA-PC
    Current User Name: Brenda
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    PRC - [2010/07/01 00:07:46 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
    PRC - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    PRC - [2010/05/31 20:32:58 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    PRC - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    PRC - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
    PRC - [2010/01/21 02:28:41 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    PRC - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) -- C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
    PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    PRC - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/05/07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe
    PRC - [2008/04/11 15:13:52 | 001,085,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    PRC - [2008/01/31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
    PRC - [2008/01/31 18:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
    PRC - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    MOD - [2010/07/14 13:30:14 | 000,018,688 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
    MOD - [2009/04/11 02:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
    MOD - [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- C:\Windows\temp\MOBCleanup.exe -- (MOBCleanup)
    SRV - [2010/08/16 11:33:00 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
    SRV - [2010/06/17 22:09:42 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
    SRV - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
    SRV - [2010/05/31 20:32:58 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
    SRV - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2010/04/15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
    SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
    SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
    SRV - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
    SRV - [2009/04/13 09:48:10 | 000,189,680 | ---- | M] (SingleClick Systems) [Auto | Stopped] -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
    SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
    SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
    SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2008/05/07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License)
    SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
    SRV - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Brenda\AppData\Local\Temp\_6D9D.tmp\FoxAwdWINFLASH.sys -- (FoxAwdWINFLASH)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fdrawcmd.sys -- (fdrawcmd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
    DRV - [2010/05/31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
    DRV - [2010/05/31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
    DRV - [2010/05/31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV - [2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
    DRV - [2010/05/31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
    DRV - [2010/05/31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
    DRV - [2010/05/31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
    DRV - [2010/05/31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
    DRV - [2008/08/22 16:14:45 | 000,021,638 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\ckldrv.sys -- (NetworkX)
    DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
    DRV - [2008/04/18 18:16:26 | 002,354,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 22:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/11/01 16:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
    DRV - [2007/11/01 16:47:56 | 000,267,776 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
    DRV - [2007/11/01 16:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
    DRV - [2007/10/18 14:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
    DRV - [2007/04/29 04:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2007/04/26 06:41:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
    DRV - [2006/12/12 11:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIf.sys -- (BrSerIf)
    DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/10/27 09:48:42 | 000,018,944 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\busbcrw.sys -- (busbcrw)
    DRV - [2006/09/03 09:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2006/07/19 11:04:18 | 000,012,048 | R--- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\DELL\drivers\R169419\atidgllk.sys -- (atidgllk)
    DRV - [2001/11/11 21:23:12 | 000,022,748 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdpnp.sys -- (wdpnp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://insightbb.com/
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Secure Search "
    FF - prefs.js..browser.search.selectedEngine: "Secure Search "
    FF - prefs.js..browser.startup.homepage: "http://pogo.com/ "
    FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
    FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p= "

    FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/16 21:39:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/09/01 12:06:28 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/01 00:06:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/24 19:05:53 | 000,000,000 | ---D | M]

    [2009/08/09 02:30:04 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Mozilla\Extensions
    [2010/09/01 20:58:14 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\hh2hq2dv.default\extensions
    [2010/08/16 23:46:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\hh2hq2dv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/09/01 20:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/08/19 19:43:12 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

    O1 HOSTS File: ([2010/08/31 22:22:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100901000637.dll (McAfee, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = none
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
    O15 - HKCU\..Trusted Domains: insightbb.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: trymedia.com ([fe] * in Trusted sites)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-nz/wlscctrl2.cab (Windows Live OneCare safety scanner control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6064/mcfscan.cab (McFreeScan Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/09/01 01:24:58 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/09/01 00:24:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    [2010/09/01 00:06:36 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
    [2010/09/01 00:06:10 | 000,160,720 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
    [2010/09/01 00:06:10 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
    [2010/09/01 00:06:09 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
    [2010/09/01 00:06:09 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
    [2010/09/01 00:06:09 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
    [2010/09/01 00:06:09 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
    [2010/09/01 00:06:09 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
    [2010/09/01 00:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
    [2010/08/31 22:31:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/08/31 22:31:04 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\temp
    [2010/08/31 22:22:45 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2010/08/31 22:10:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/08/31 22:10:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/08/31 22:10:46 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/08/31 22:10:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/08/31 22:10:02 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/08/31 22:09:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/08/30 02:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\AddThis Toolbar
    [2010/08/29 03:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
    [2010/08/25 16:02:22 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Uniblue
    [2010/08/23 20:48:18 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\Roboex32.dll
    [2010/08/23 14:25:22 | 000,122,949 | ---- | C] (Buzz Tools, Inc.) -- C:\Windows\System32\mir4.dll
    [2010/08/23 14:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Buzz Tools
    [2010/08/17 16:49:23 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\FixItCenter
    [2010/08/17 01:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2010/08/17 01:58:27 | 000,000,000 | ---D | C] -- C:\Windows\MATS
    [2010/08/16 23:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/16 11:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
    [2010/08/16 11:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
    [2010/08/16 11:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
    [2010/08/14 00:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\SiteAdvisor
    [2010/08/14 00:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    [2010/08/13 23:13:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Malwarebytes
    [2010/08/13 23:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/08/12 22:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Designer's Gallery
    [2010/08/11 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Microsoft Corporation
    [2010/08/11 14:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
    [2010/08/11 02:34:15 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Office-Kit.com
    [2010/08/11 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Office-Kit.com
    [2010/08/10 03:03:44 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
    [2010/08/08 15:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/08/08 15:17:31 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010/08/08 15:14:33 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Microsoft Help
    [2010/08/08 15:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2010/08/08 04:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
    [2010/08/08 00:32:57 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\iolo
    [2010/08/08 00:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
    [2010/08/07 23:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\M779
    [2010/08/07 23:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\NetWaiting
    [2010/08/07 23:24:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
    [2010/08/07 23:20:31 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
    [2010/08/07 23:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
    [2010/08/07 23:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Remote Access
    [2010/08/07 23:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Dell
    [2010/08/07 22:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
    [2010/08/07 22:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
    [2010/08/07 22:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect
    [2010/08/07 15:16:57 | 000,000,000 | ---D | C] -- C:\Designer's Gallery
    [2010/08/07 02:17:43 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Dell
    [2010/08/05 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\PeerNetworking
    [2010/08/05 00:44:00 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\McAfee Anti-Theft
    [2010/08/05 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Anti-Theft
    [2010/08/04 00:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2010/08/03 13:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\EMBIRD32
    [2010/08/03 13:27:00 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\EMBIRD32
    [2010/07/31 07:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
    [2010/07/21 19:31:05 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Documents\brenda
    [2010/07/18 23:09:41 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
    [2010/07/18 22:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adorable Ideas
    [2010/07/17 20:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Fonts
    [2010/07/08 00:07:53 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Desktop\graphics
    [2010/06/25 03:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/06/18 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Babylock

    ========== Files - Modified Within 90 Days ==========

    [2010/09/01 22:14:08 | 002,621,440 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT
    [2010/09/01 22:13:43 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job
    [2010/09/01 22:07:54 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/09/01 21:53:23 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
    [2010/09/01 21:52:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/09/01 21:50:49 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 21:50:49 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 21:50:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/09/01 21:50:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/09/01 21:50:42 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/01 21:49:56 | 000,524,288 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/09/01 21:49:56 | 000,065,536 | -HS- | M] () -- C:\Users\Brenda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/09/01 20:28:17 | 000,000,107 | ---- | M] () -- C:\Windows\password.ini
    [2010/09/01 19:50:15 | 005,830,334 | -H-- | M] () -- C:\Users\Brenda\AppData\Local\IconCache.db
    [2010/09/01 00:24:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
    [2010/08/31 22:22:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/08/31 22:22:42 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/08/30 18:10:14 | 430,905,839 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/08/28 00:10:24 | 000,000,998 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
    [2010/08/28 00:10:21 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2010/08/25 20:10:20 | 000,011,152 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\wklnhst.dat
    [2010/08/25 20:06:08 | 000,307,102 | ---- | M] () -- C:\Users\Brenda\Documents\2010IWformulapricelist[1].xlsm
    [2010/08/24 19:05:53 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/08/23 21:05:13 | 000,000,107 | ---- | M] () -- C:\password.ini
    [2010/08/23 14:25:32 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Buzz-Catalog.lnk
    [2010/08/23 14:15:46 | 000,773,076 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/23 14:15:46 | 000,653,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/23 14:15:46 | 000,122,330 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/23 02:17:38 | 000,000,548 | ---- | M] () -- C:\Users\Brenda\Desktop\Embird Plus.lnk
    [2010/08/19 23:39:57 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
    [2010/08/19 21:42:50 | 000,011,264 | ---- | M] () -- C:\Users\Brenda\Documents\MEDICATION FOR BREDA SWEARINGEN.wps
    [2010/08/19 18:35:10 | 000,105,384 | ---- | M] () -- C:\Users\Brenda\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/08/18 23:12:00 | 000,387,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/08/18 21:41:35 | 000,000,221 | ---- | M] () -- C:\Windows\win.ini
    [2010/08/17 01:58:28 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
    [2010/08/16 23:35:25 | 000,001,750 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/08/16 23:35:25 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/08/16 01:42:54 | 004,231,168 | ---- | M] () -- C:\Users\Brenda\Desktop\embrd800b62.exe
    [2010/08/15 04:05:38 | 000,000,045 | ---- | M] () -- C:\Windows\system32commongn.dat
    [2010/08/13 21:58:07 | 000,001,771 | ---- | M] () -- C:\Users\Brenda\Desktop\Layout & Editing (2).lnk
    [2010/08/13 21:51:53 | 000,000,940 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2010/08/12 22:37:40 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\DG StudioPlus.lnk
    [2010/08/12 21:36:10 | 000,000,208 | ---- | M] () -- C:\Users\Brenda\Desktop\CD Drive - Shortcut.lnk
    [2010/08/08 16:36:22 | 000,000,917 | ---- | M] () -- C:\Users\Brenda\Desktop\Windows Mail.lnk
    [2010/08/08 01:07:09 | 000,016,050 | ---- | M] () -- C:\Windows\System32\results.xml
    [2010/08/08 00:33:16 | 000,074,703 | ---- | M] () -- C:\Windows\System32\mfc45.dll
    [2010/08/07 23:13:17 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Dell Remote Access.lnk
    [2010/08/07 14:48:03 | 002,093,584 | ---- | M] () -- C:\Users\Brenda\Documents\R269603.exe
    [2010/08/07 14:44:36 | 063,170,304 | ---- | M] () -- C:\Users\Brenda\Documents\ATI_multi-device_A04_R160911.exe
    [2010/08/07 14:42:03 | 002,766,464 | ---- | M] () -- C:\Users\Brenda\Documents\R149813.EXE
    [2010/08/07 13:39:37 | 002,996,888 | ---- | M] () -- C:\Users\Brenda\Documents\BH30N-A103.zip
    [2010/08/07 13:39:35 | 039,025,824 | ---- | M] () -- C:\Users\Brenda\Documents\R172217.zip
    [2010/08/07 13:39:33 | 001,567,828 | ---- | M] () -- C:\Users\Brenda\Documents\GSA-H73N_FW_C109.zip
    [2010/08/07 13:39:27 | 001,751,886 | ---- | M] () -- C:\Users\Brenda\Documents\GH30N_FW_A103.zip
    [2010/08/07 13:39:16 | 002,911,266 | ---- | M] () -- C:\Users\Brenda\Documents\BH20N-C106.zip
    [2010/08/07 13:38:54 | 002,876,674 | ---- | M] () -- C:\Users\Brenda\Documents\GBC-H20N_C102.zip
    [2010/08/07 13:33:27 | 357,429,754 | ---- | M] () -- C:\Users\Brenda\Documents\R174369.zip
    [2010/08/07 13:29:16 | 003,120,110 | ---- | M] () -- C:\Users\Brenda\Documents\HE2_7D12.zip
    [2010/08/07 13:28:52 | 002,422,231 | ---- | M] () -- C:\Users\Brenda\Documents\HA6NYD12.zip
    [2010/08/07 13:28:34 | 000,799,909 | ---- | M] () -- C:\Users\Brenda\Documents\HD3_SD12.zip
    [2010/08/07 13:28:26 | 001,795,598 | ---- | M] () -- C:\Users\Brenda\Documents\XA6H6D17.zip
    [2010/08/07 13:26:02 | 000,950,704 | ---- | M] () -- C:\Users\Brenda\Documents\TSST_TS-H493B-HH-SATA-48X-CD_A03_R201947.EXE
    [2010/08/07 13:25:51 | 002,408,224 | ---- | M] () -- C:\Users\Brenda\Documents\INTEL_CHIPSET-SOFTWARE-INSTA_A01_R198359.EXE
    [2010/08/07 13:25:30 | 000,895,873 | ---- | M] () -- C:\Users\Brenda\Documents\DH-48C2S_ND12.zip
    [2010/08/07 13:25:20 | 001,574,031 | ---- | M] () -- C:\Users\Brenda\Documents\R181505.zip
    [2010/08/07 13:23:21 | 000,711,517 | ---- | M] () -- C:\Users\Brenda\Documents\DROM6316_ODNK.zip
    [2010/08/07 13:22:47 | 002,192,630 | ---- | M] () -- C:\Users\Brenda\Documents\R154069.exe
    [2010/08/07 13:09:25 | 022,609,528 | ---- | M] () -- C:\Users\Brenda\Documents\CN_MM_1_6_0_21.zip
    [2010/08/07 13:08:53 | 000,000,227 | ---- | M] () -- C:\Users\Brenda\Documents\R209606_e.zip
    [2010/08/07 13:07:44 | 061,629,203 | ---- | M] () -- C:\Users\Brenda\Documents\Dell_multi-device_A00_R152639.exe
    [2010/08/07 12:50:05 | 004,514,189 | ---- | M] () -- C:\Users\Brenda\Documents\HB1_7D16.zip
    [2010/08/07 12:48:42 | 001,458,267 | ---- | M] () -- C:\Users\Brenda\Documents\DH-16W1S_2D15.zip
    [2010/08/05 19:58:05 | 000,024,085 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\UserTile.png
    [2010/08/05 14:40:03 | 003,048,960 | ---- | M] () -- C:\Users\Brenda\Desktop\mvt_en-us.msi
    [2010/07/28 22:40:14 | 000,000,887 | ---- | M] () -- C:\Users\Brenda\Documents\Document.rtf
    [2010/07/23 17:46:53 | 000,000,658 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\careers - Shortcut.lnk
    [2010/07/20 12:04:37 | 000,002,333 | ---- | M] () -- C:\Users\Public\Desktop\EZ Fonts.lnk
    [2010/06/12 12:45:34 | 000,009,216 | ---- | M] () -- C:\Users\Brenda\Documents\Untitled Envelope.wps

    ========== Files Created - No Company Name ==========

    [2010/09/01 00:07:51 | 000,001,737 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
    [2010/08/31 22:10:46 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/08/31 22:10:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/08/31 22:10:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/08/31 22:10:46 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/08/31 22:10:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/08/30 09:37:09 | 430,905,839 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/08/30 02:18:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
    [2010/08/30 02:18:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
    [2010/08/30 02:18:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
    [2010/08/25 20:06:08 | 000,307,102 | ---- | C] () -- C:\Users\Brenda\Documents\2010IWformulapricelist[1].xlsm
    [2010/08/24 19:05:53 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/08/23 14:25:32 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Buzz-Catalog.lnk
    [2010/08/23 14:25:22 | 000,026,624 | ---- | C] () -- C:\Windows\System32\hercb.dll
    [2010/08/20 02:38:34 | 000,000,548 | ---- | C] () -- C:\Users\Brenda\Desktop\Embird Plus.lnk
    [2010/08/19 02:28:32 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/08/17 01:58:28 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
    [2010/08/16 23:35:25 | 000,001,750 | ---- | C] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/08/16 23:35:25 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/08/16 01:42:47 | 004,231,168 | ---- | C] () -- C:\Users\Brenda\Desktop\embrd800b62.exe
    [2010/08/15 03:44:57 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2010/08/13 23:22:49 | 3209,875,456 | -HS- | C] () -- C:\hiberfil.sys
    [2010/08/13 22:45:38 | 000,000,998 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
    [2010/08/13 21:47:18 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/13 21:47:17 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/08/12 22:37:40 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\DG StudioPlus.lnk
    [2010/08/12 21:36:10 | 000,000,208 | ---- | C] () -- C:\Users\Brenda\Desktop\CD Drive - Shortcut.lnk
    [2010/08/08 16:36:22 | 000,000,917 | ---- | C] () -- C:\Users\Brenda\Desktop\Windows Mail.lnk
    [2010/08/08 01:07:09 | 000,016,050 | ---- | C] () -- C:\Windows\System32\results.xml
    [2010/08/08 00:33:16 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
    [2010/08/08 00:23:55 | 000,145,890 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty
    [2010/08/07 23:20:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1472.dll
    [2010/08/07 23:20:12 | 000,034,800 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
    [2010/08/07 23:20:11 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
    [2010/08/07 23:13:17 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Dell Remote Access.lnk
    [2010/08/07 14:47:52 | 002,093,584 | ---- | C] () -- C:\Users\Brenda\Documents\R269603.exe
    [2010/08/07 14:42:03 | 063,170,304 | ---- | C] () -- C:\Users\Brenda\Documents\ATI_multi-device_A04_R160911.exe
    [2010/08/07 14:41:56 | 002,766,464 | ---- | C] () -- C:\Users\Brenda\Documents\R149813.EXE
    [2010/08/07 13:39:27 | 002,996,888 | ---- | C] () -- C:\Users\Brenda\Documents\BH30N-A103.zip
    [2010/08/07 13:39:26 | 001,567,828 | ---- | C] () -- C:\Users\Brenda\Documents\GSA-H73N_FW_C109.zip
    [2010/08/07 13:39:16 | 001,751,886 | ---- | C] () -- C:\Users\Brenda\Documents\GH30N_FW_A103.zip
    [2010/08/07 13:38:54 | 002,911,266 | ---- | C] () -- C:\Users\Brenda\Documents\BH20N-C106.zip
    [2010/08/07 13:38:40 | 002,876,674 | ---- | C] () -- C:\Users\Brenda\Documents\GBC-H20N_C102.zip
    [2010/08/07 13:38:37 | 039,025,824 | ---- | C] () -- C:\Users\Brenda\Documents\R172217.zip
    [2010/08/07 13:28:52 | 003,120,110 | ---- | C] () -- C:\Users\Brenda\Documents\HE2_7D12.zip
    [2010/08/07 13:28:34 | 002,422,231 | ---- | C] () -- C:\Users\Brenda\Documents\HA6NYD12.zip
    [2010/08/07 13:28:26 | 000,799,909 | ---- | C] () -- C:\Users\Brenda\Documents\HD3_SD12.zip
    [2010/08/07 13:28:07 | 001,795,598 | ---- | C] () -- C:\Users\Brenda\Documents\XA6H6D17.zip
    [2010/08/07 13:25:51 | 000,950,704 | ---- | C] () -- C:\Users\Brenda\Documents\TSST_TS-H493B-HH-SATA-48X-CD_A03_R201947.EXE
    [2010/08/07 13:25:30 | 002,408,224 | ---- | C] () -- C:\Users\Brenda\Documents\INTEL_CHIPSET-SOFTWARE-INSTA_A01_R198359.EXE
    [2010/08/07 13:25:20 | 000,895,873 | ---- | C] () -- C:\Users\Brenda\Documents\DH-48C2S_ND12.zip
    [2010/08/07 13:25:02 | 001,574,031 | ---- | C] () -- C:\Users\Brenda\Documents\R181505.zip
    [2010/08/07 13:23:21 | 357,429,754 | ---- | C] () -- C:\Users\Brenda\Documents\R174369.zip
    [2010/08/07 13:23:13 | 000,711,517 | ---- | C] () -- C:\Users\Brenda\Documents\DROM6316_ODNK.zip
    [2010/08/07 13:22:37 | 002,192,630 | ---- | C] () -- C:\Users\Brenda\Documents\R154069.exe
    [2010/08/07 13:08:52 | 022,609,528 | ---- | C] () -- C:\Users\Brenda\Documents\CN_MM_1_6_0_21.zip
    [2010/08/07 13:08:52 | 000,000,227 | ---- | C] () -- C:\Users\Brenda\Documents\R209606_e.zip
    [2010/08/07 13:06:53 | 061,629,203 | ---- | C] () -- C:\Users\Brenda\Documents\Dell_multi-device_A00_R152639.exe
    [2010/08/07 12:49:56 | 004,514,189 | ---- | C] () -- C:\Users\Brenda\Documents\HB1_7D16.zip
    [2010/08/07 12:48:38 | 001,458,267 | ---- | C] () -- C:\Users\Brenda\Documents\DH-16W1S_2D15.zip
    [2010/08/05 19:58:05 | 000,024,085 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\UserTile.png
    [2010/08/05 14:34:23 | 003,048,960 | ---- | C] () -- C:\Users\Brenda\Desktop\mvt_en-us.msi
    [2010/07/28 22:40:02 | 000,000,887 | ---- | C] () -- C:\Users\Brenda\Documents\Document.rtf
    [2010/07/23 17:46:53 | 000,000,658 | ---- | C] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\careers - Shortcut.lnk
    [2010/07/18 23:09:41 | 000,224,777 | ---- | C] () -- C:\Program Files\uninstal.log
    [2010/07/18 18:50:29 | 000,001,771 | ---- | C] () -- C:\Users\Brenda\Desktop\Layout & Editing (2).lnk
    [2010/07/18 18:08:59 | 000,000,394 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job
    [2010/07/17 20:31:24 | 000,002,333 | ---- | C]
     
  16. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    2010/06/12 12:45:34 | 000,009,216 | ---- | C] () -- C:\Users\Brenda\Documents\Untitled Envelope.wps
    [2010/05/31 01:02:07 | 000,000,065 | ---- | C] () -- C:\Windows\Crypkey.ini
    [2010/05/31 01:02:00 | 000,021,638 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
    [2010/05/31 01:01:59 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
    [2010/02/22 21:23:09 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
    [2010/02/22 16:23:31 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
    [2010/02/22 16:18:05 | 000,000,074 | ---- | C] () -- C:\Windows\Brownie.ini
    [2009/08/08 01:52:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/07 04:39:19 | 000,008,248 | ---- | C] () -- C:\Users\Brenda\AppData\Local\en.ini
    [2009/08/07 00:52:16 | 000,000,040 | ---- | C] () -- C:\Windows\Embedit.INI
    [2009/08/06 04:40:52 | 000,000,680 | ---- | C] () -- C:\Users\Brenda\AppData\Local\d3d9caps.dat
    [2009/08/03 15:07:42 | 000,676,224 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2008/11/03 19:40:02 | 000,000,194 | ---- | C] () -- C:\Windows\QUICKEN.INI
    [2008/10/26 20:33:16 | 000,036,352 | ---- | C] () -- C:\Windows\System32\wwctl32i.dll
    [2008/10/22 20:01:35 | 000,000,107 | ---- | C] () -- C:\Windows\password.ini
    [2008/10/20 22:40:05 | 000,196,756 | ---- | C] () -- C:\Windows\System32\drivers\windrvr.sys
    [2008/10/20 22:40:00 | 000,120,320 | R--- | C] () -- C:\Windows\System32\Ltpnt13n.dll
    [2008/10/20 22:39:59 | 001,684,480 | R--- | C] () -- C:\Windows\System32\LTCLR13n.dll
    [2008/10/20 22:39:58 | 000,338,944 | R--- | C] () -- C:\Windows\System32\lffpx7.dll
    [2008/10/20 22:39:58 | 000,118,784 | R--- | C] () -- C:\Windows\System32\lfkodak.dll
    [2008/10/12 20:59:37 | 000,018,944 | ---- | C] () -- C:\Users\Brenda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/10/06 18:42:52 | 000,000,242 | ---- | C] () -- C:\Windows\Brpfx04a.ini
    [2008/10/06 18:42:52 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
    [2008/10/06 18:42:09 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2008/10/06 18:42:09 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
    [2008/10/06 18:26:28 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
    [2008/10/06 01:24:17 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
    [2008/10/05 07:57:12 | 000,000,120 | ---- | C] () -- C:\Windows\WINRESAZ.INI
    [2008/10/04 16:45:19 | 000,022,748 | ---- | C] () -- C:\Windows\System32\drivers\wdpnp.sys
    [2008/10/02 14:33:14 | 000,011,152 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\wklnhst.dat
    [2008/07/24 16:54:25 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/07/24 16:54:25 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2008/07/24 16:54:25 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/07/24 16:54:25 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/07/24 16:54:23 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
    [2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
    [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    ========== LOP Check ==========

    [2010/01/30 03:49:19 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/08/04 14:44:55 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\EMBIRD32
    [2010/08/08 00:32:57 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\iolo
    [2010/08/11 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Office-Kit.com
    [2010/08/05 19:58:04 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\PeerNetworking
    [2009/01/30 02:57:03 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Pogo Games
    [2008/10/21 03:03:38 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\ScanSoft
    [2008/10/02 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Template
    [2010/08/25 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Uniblue
    [2010/09/01 21:49:57 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/09/01 22:13:43 | 000,000,394 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3C8BA98C-2E23-4A84-A646-F7DABD4FD989}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 916 bytes -> C:\Users\Brenda\Documents\Re_ Fw_ Re_ I am very glad to hear from you!.eml:OECustomProperty
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:07348C09
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5D432CE3
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DE73B0FE
    < End of report >
     
  17. 2010/09/01
    broni

    broni Moderator Malware Analyst

    Authentium seems to be gone, but you didn't answer a question from my previous reply.
     
  18. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    Which question did I not answer?
     
  19. 2010/09/01
    TheMick

    TheMick Inactive Thread Starter

    Ok, I think I know the question. The error does not occur when I click on a text or jpeg or tff. It happens only when I try to send an embroidery design to one of the embroidery software.
     
  20. 2010/09/01
    broni

    broni Moderator Malware Analyst

    Well, unfortunately I can't help you with some particular program issue.
    If it was affecting some other programs, that would be a different story.
    Did you try reinstalling those programs?

    Now, let's run a couple of final scans....

    Download Security Check from HERE, and save it to your Desktop.

    * Double-click SecurityCheck.exe
    * Follow the onscreen instructions inside of the black box.
    * A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    =======================================================

    Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.

    ========================================================

    Disable your antivirus program.
    Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  21. 2010/09/02
    TheMick

    TheMick Inactive Thread Starter

    Results of screen317's Security Check version 0.99.5
    Windows Vista Service Pack 2 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Disabled!
    McAfee Total Protection
    McAfee Virtual Technician
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Java(TM) 6 Update 21
    Adobe Flash Player 10.0.32.18
    Adobe Reader 9.3.4
    Mozilla Firefox (3.6.8)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    ````````````````````````````````
    DNS Vulnerability Check:

    GREAT! (Not vulnerable to DNS cache poisoning)

    ``````````End of Log````````````
     
