
Solved Windows Security no internet, memory hog, new user account

Discussion in 'Malware and Virus Removal Archive' started by adrenalinesaint, 2011/05/06.

  1. 2011/05/12
    adrenalinesaint Inactive Thread Starter
    Wow, looks like the nightmare is over. I'm pretty much 100% now and have better protection; hopefully I can keep things running smoothly.

    All the pictures and videos are back.

    The only thing left is to deal with the additional user account. It only comes up when run in safe mode. Any ideas? It is password protected too...

    Actually, I need to check and see if it's still even there.
    I will let you know.

    I mean this from the bottom of my heart, this means so much to me and my family, we want to thank you, you are a hero in our eyes.

    Thank you.
     
  2. 2011/05/12
    broni Moderator Malware Analyst
    You're very welcome :)

    Download OTL to your Desktop.

    • Double-click the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     

  4. 2011/05/14
    adrenalinesaint Inactive Thread Starter
    OTL logfile created on: 5/14/2011 7:07:05 PM - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mike\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
    3.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.46 Gb Total Space | 11.56 Gb Free Space | 15.52% Space Free | Partition Type: NTFS
    Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: RAGE557 | User Name: Mike | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - [2011/04/18 13:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2007/06/11 10:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)
    SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
    SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
    SRV - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
    SRV - [2004/09/22 20:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) [Auto | Stopped] -- C:\Program Files\Network Associates\VirusScan\mcshield.exe -- (McShield)
    SRV - [2004/09/22 20:00:00 | 000,028,672 | ---- | M] (Network Associates, Inc.) [Auto | Stopped] -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe -- (McTaskManager)
    SRV - [2004/08/11 12:00:38 | 000,143,360 | ---- | M] (Airgo Networks, Inc.) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\aniServ.exe -- (ANISERVICE)
    SRV - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
    SRV - [2003/11/18 03:17:38 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE -- (C-DillaCdaC11BA)
    SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
    SRV - [2003/02/10 05:52:30 | 000,114,688 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
    SRV - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) [Auto | Stopped] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/04/18 13:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011/04/18 13:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011/04/18 13:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011/04/18 13:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011/04/18 13:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011/04/18 13:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011/04/18 13:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2009/05/03 23:32:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS -- (BVRPMPR5)
    DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
    DRV - [2008/01/10 01:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
    DRV - [2006/10/18 03:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2006/10/18 03:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
    DRV - [2005/07/11 08:53:02 | 000,291,456 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
    DRV - [2005/07/11 08:52:30 | 000,024,320 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
    DRV - [2005/07/11 08:43:16 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
    DRV - [2005/07/11 08:39:38 | 000,202,496 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
    DRV - [2005/07/11 08:38:34 | 000,023,808 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
    DRV - [2005/07/11 08:26:42 | 000,117,760 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
    DRV - [2004/10/18 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\entdrv51.sys -- (EntDrv51)
    DRV - [2004/10/15 20:00:00 | 000,058,464 | ---- | M] (Network Associates, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mvstdi5x.sys -- (NaiAvTdi1)
    DRV - [2004/10/06 08:44:52 | 000,758,784 | ---- | M] (Airgo Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wnihdd51.sys -- (Airgo)
    DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\naiavf5x.sys -- (NaiAvFilter1)
    DRV - [2004/08/11 12:15:40 | 000,032,036 | ---- | M] (Airgo Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\WniProt5.sys -- (WNIPROT5)
    DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
    DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
    DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
    DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
    DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
    DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
    DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
    DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
    DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
    DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
    DRV - [2004/03/17 14:09:28 | 000,300,884 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\windrvr6.sys -- (WinDriver6)
    DRV - [2003/11/18 03:17:35 | 000,008,864 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS -- (CdaC15BA)
    DRV - [2003/11/11 12:12:00 | 000,336,800 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PRISMA02.sys -- (DELL_A02)
    DRV - [2003/09/22 08:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
    DRV - [2003/09/22 08:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
    DRV - [2003/03/05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PFMODNT.SYS -- (PfModNT)
    DRV - [2002/12/18 05:31:06 | 000,036,064 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Asfalrt.sys -- (AsfAlrt)
    DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
    DRV - [2002/08/30 12:29:02 | 001,293,440 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
    DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
    DRV - [2000/06/12 14:54:46 | 000,140,440 | R--- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hcw848nt.sys -- (HCW848NT)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://education.dellnet.com/
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://education.dellnet.com/
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google "
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= "
    FF - prefs.js..browser.search.selectedEngine: "Google "


    [2011/03/25 01:07:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions
    [2005/12/10 02:18:52 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2011/03/25 01:07:29 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions\toolbar@shopathome.com
    [2005/12/10 02:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2005/12/10 02:18:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

    O1 HOSTS File: ([2011/05/10 00:58:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe ()
    O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE (Network Associates, Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
    O4 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
    O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {276595D9-1388-512A-F24E-B6B3DE32B732} http://media.cdigix.com/Performer/downloads/PerformerSetup.cab (Reg Error: Key error.)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52...pple.com/bonnie/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} http://198.99.241.129/eplayer/V3_1_0_0/acneplayer.cab (ACNPlayer2 Class)
    O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131-win.cab (Java Plug-in 1.3.1)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://register3.valueactive.com/mpp_229/webolr/OCX/FlashAX.cab (FlashXControl Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322 (QDiagHUpdateObj Class)
    O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: Ip6FwHlp - File not found

    Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
    Drivers32: msacm.ctmp3 - C:\WINDOWS\SYSTEM32\ctmp3.acm (Creative Technology Ltd.)
    Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: MSACM.MI-SC4 - MI-SC4.acm File not found
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
    Drivers32: msvideo - C:\WINDOWS\System32\o100vc.dll (ViewCast.com / Osprey Technologies, Inc.)
    Drivers32: VIDC.D263 - C:\WINDOWS\System32\xl_x263dec.dll (Xirlink, Inc.)
    Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax ()
    Drivers32: VIDC.IV41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Error starting restore point: The function was called in safe mode.
    Error closing restore point: The sequence number is invalid.

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/14 19:06:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/11 20:49:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2011/05/10 00:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2011/05/10 00:40:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/05/10 00:40:36 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/05/10 00:40:36 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/05/10 00:40:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/05/10 00:29:44 | 000,000,000 | ---D | C] -- C:\## aswSnx private storage
    [2011/05/10 00:02:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/10 00:01:08 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/05/06 01:49:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/06 01:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/06 00:44:42 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/05 22:43:28 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011/05/05 22:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011/05/05 22:43:27 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/05/05 22:43:22 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/05/05 22:43:22 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/05/05 22:43:21 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/05/05 22:43:20 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/05/05 22:43:20 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/05/05 22:43:19 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/05/05 22:42:53 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/05/05 22:42:52 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/05/05 22:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011/05/05 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/05/04 21:01:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mike\Recent
    [2011/05/04 21:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark 3500-4500 Series
    [2011/05/04 20:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series
    [2011/05/04 18:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2011/05/03 00:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
    [2011/05/03 00:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/05/03 00:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/30 00:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2010/08/07 00:36:24 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
    [2010/08/07 00:36:24 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
    [2010/08/07 00:36:23 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
    [2010/08/07 00:36:23 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
    [2010/08/07 00:36:23 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
    [2010/08/07 00:36:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
    [2010/08/07 00:36:23 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
    [2010/08/07 00:36:23 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
    [2010/08/07 00:36:22 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
    [2010/08/07 00:36:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiih.exe
    [2010/08/07 00:36:21 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
    [2010/08/07 00:36:20 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
    [2010/08/07 00:36:20 | 000,517,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicoms.exe
    [2010/08/07 00:36:20 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
    [2010/08/07 00:36:19 | 000,340,912 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicfg.exe
    [2004/11/24 15:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
    [2002/04/11 01:41:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
    [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/14 19:03:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/14 19:01:08 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
    [2011/05/14 19:00:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
    [2011/05/14 18:39:20 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd
    [2011/05/12 21:51:50 | 000,502,095 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2011/05/10 00:58:09 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
    [2011/05/10 00:40:01 | 004,344,909 | R--- | M] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2011/05/06 13:04:18 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2011/05/06 01:49:41 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 22:43:29 | 000,001,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/05/05 22:43:21 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/05/05 10:17:30 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dds.scr
    [2011/05/05 10:15:50 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/05 10:15:32 | 000,302,080 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/05 10:13:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/03 08:01:56 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580
    [2011/05/01 18:17:42 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
    [2011/05/01 18:07:11 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19062580
    [2011/05/01 13:39:17 | 000,003,888 | ---- | M] () -- C:\Documents and Settings\All Users\lxdi
    [2011/04/30 21:01:25 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
    [2011/04/29 11:39:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2011/04/18 13:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/04/18 13:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/04/18 13:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/04/18 13:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/04/18 13:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/04/18 13:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/04/18 13:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/04/18 13:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/04/18 13:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/04/18 13:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/05/12 21:51:28 | 000,502,095 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2011/05/10 01:32:01 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2011/05/10 00:45:10 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/05/10 00:40:36 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/05/10 00:40:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/05/10 00:40:36 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/05/10 00:40:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/05/10 00:40:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/05/10 00:38:17 | 004,344,909 | R--- | C] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2011/05/06 01:49:41 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/06 01:21:20 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dds.scr
    [2011/05/06 01:17:25 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/06 01:07:20 | 000,302,080 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/05 22:43:29 | 000,001,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/05/04 18:41:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/04 18:10:54 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
    [2011/05/04 18:10:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
    [2011/05/04 18:10:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
    [2011/05/04 18:10:54 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
    [2011/05/01 18:07:20 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
    [2011/05/01 18:07:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580
    [2011/05/01 18:07:11 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19062580
    [2010/08/08 18:15:31 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
    [2010/08/07 00:38:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
    [2010/08/07 00:38:07 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
    [2010/08/07 00:37:11 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
    [2010/08/07 00:37:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
    [2010/08/07 00:37:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
    [2010/08/07 00:36:24 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
    [2010/08/07 00:36:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
    [2009/01/22 23:43:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2008/12/20 13:41:10 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
    [2008/12/20 02:26:12 | 000,121,278 | ---- | C] () -- C:\WINDOWS\HPHins15.dat
    [2008/12/20 02:26:12 | 000,002,885 | ---- | C] () -- C:\WINDOWS\hphmdl15.dat
    [2008/12/20 00:25:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
    [2008/12/20 00:13:06 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
    [2008/12/20 00:12:55 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
    [2008/12/20 00:12:55 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
    [2008/12/20 00:12:54 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
    [2008/12/20 00:12:53 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2008/12/19 11:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2008/12/17 13:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
    [2008/12/17 13:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
    [2008/12/17 13:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008/12/17 13:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
    [2008/12/17 12:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
    [2007/12/21 22:02:20 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wiseftp.ini
    [2007/12/07 18:29:59 | 000,023,684 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2007/08/21 18:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
    [2007/08/21 16:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
    [2007/08/08 17:05:58 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\AdobeUpdater.rbt
    [2007/06/18 22:51:32 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
    [2007/06/18 22:51:32 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Copy of GkSui18.EXE
    [2007/01/01 20:34:45 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2006/11/02 12:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
    [2006/05/29 00:59:19 | 000,020,992 | ---- | C] () -- C:\WINDOWS\igBrowse.exe
    [2006/05/29 00:59:19 | 000,018,432 | ---- | C] () -- C:\WINDOWS\igUninst.exe
    [2006/05/29 00:59:18 | 000,668,938 | ---- | C] () -- C:\WINDOWS\unins000.exe
    [2006/05/29 00:59:18 | 000,001,315 | ---- | C] () -- C:\WINDOWS\unins000.dat
    [2006/03/06 23:39:59 | 000,000,032 | ---- | C] () -- C:\WINDOWS\HCWBTDLG.INI
    [2006/03/06 23:38:54 | 000,000,473 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
    [2006/03/05 12:52:34 | 000,102,038 | ---- | C] () -- C:\WINDOWS\System32\HCW848UN.EXE
    [2006/02/14 10:02:24 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2006/02/14 10:02:23 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2006/01/22 01:29:43 | 000,003,311 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2005/12/10 02:18:53 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/12/10 02:18:27 | 000,002,654 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2005/09/23 17:36:24 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
    [2005/09/23 17:07:41 | 000,006,870 | ---- | C] () -- C:\WINDOWS\System32\drivers\wni6000.bin
    [2005/08/12 17:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2005/05/13 14:37:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mpio.ini
    [2005/03/08 14:39:22 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
    [2005/01/31 10:32:58 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\8D77E21392.sys
    [2005/01/22 19:30:51 | 000,413,760 | R--- | C] () -- C:\WINDOWS\System32\mpg4c32.dll
    [2004/10/03 13:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
    [2004/09/15 17:34:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSC66EF.ini
    [2004/09/15 17:33:32 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
    [2004/09/15 17:33:31 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
    [2004/08/26 12:42:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/08/26 12:41:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004/08/26 12:24:43 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/05/25 14:47:18 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ACNePlayer.dll
    [2004/05/15 03:09:31 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\FBEC0ECC8A.sys
    [2004/05/15 03:02:51 | 000,129,024 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
    [2004/01/26 17:18:50 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
    [2003/12/19 04:28:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
    [2003/11/18 03:18:23 | 000,000,205 | ---- | C] () -- C:\Program Files\mcadbkmk.htm
    [2003/11/18 03:17:39 | 000,112,128 | R--- | C] () -- C:\WINDOWS\CdaC14BA.DLL
    [2003/11/18 03:17:39 | 000,030,720 | R--- | C] () -- C:\WINDOWS\CdaC13BA.EXE
    [2003/11/18 03:17:37 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
    [2003/11/17 00:38:28 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
    [2003/09/25 12:02:07 | 000,001,110 | ---- | C] () -- C:\WINDOWS\winamp.ini
    [2003/09/18 01:44:32 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
    [2003/09/13 22:01:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
    [2003/09/09 23:32:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2003/09/02 18:39:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2003/09/02 18:39:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2003/09/02 18:39:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2003/08/31 20:50:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
    [2003/08/27 10:05:32 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2003/08/26 15:03:03 | 000,211,456 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2003/08/07 01:15:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2003/08/07 01:12:11 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
    [2003/08/07 01:12:11 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
    [2003/08/07 01:11:59 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
    [2003/08/07 01:11:59 | 000,002,516 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
    [2003/08/07 01:11:59 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
    [2003/08/07 01:11:34 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
    [2003/08/07 01:08:23 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2003/08/07 00:59:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
    [2003/08/07 00:49:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2003/07/08 14:41:48 | 000,039,936 | R--- | C] () -- C:\WINDOWS\System32\P16X.dll
    [2002/12/18 05:31:54 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\aolninst.dll
    [2002/12/18 05:31:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
    [2002/09/03 14:51:12 | 000,466,636 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
    [2002/09/03 14:51:12 | 000,082,456 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
    [2002/09/03 14:42:36 | 000,222,944 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2002/09/03 14:35:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2002/09/03 14:31:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32
     
  5. 2011/05/14
    adrenalinesaint

    \OEMBIOS.BIN
    [2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
    [2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
    [2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
    [2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
    [2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
    [2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
    [2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
    [2002/02/27 17:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
    [1997/06/13 22:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

    ========== LOP Check ==========

    [2011/05/05 22:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2007/12/21 00:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
    [2008/01/21 23:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
    [2004/11/08 15:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
    [2006/08/10 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
    [2007/06/14 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2010/01/29 21:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wal-Mart
    [2008/01/10 01:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\1&1
    [2008/12/16 19:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Aim
    [2003/08/30 14:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\InterTrust
    [2004/09/15 17:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Leadertech
    [2010/08/07 00:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Lexmark Productivity Studio
    [2006/03/20 21:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mind Control Software
    [2007/12/21 21:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Nvu
    [2010/01/16 15:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Opera
    [2006/03/20 21:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\PlayFirst
    [2009/05/13 12:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Snapfish
    [2007/12/22 11:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\uTorrent
    [2007/08/15 07:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Viewpoint
    [2010/01/29 21:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Wal-Mart

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/06/02 21:49:06 | 000,000,000 | ---- | M] () -- C:\AILog.txt
    [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2008/12/19 23:04:43 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
    [2002/09/03 14:13:28 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2011/05/10 01:10:59 | 000,015,454 | ---- | M] () -- C:\ComboFix.txt
    [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2003/08/07 00:51:08 | 000,004,682 | R--- | M] () -- C:\DELL.SDR
    [2007/01/12 22:57:20 | 000,001,059 | ---- | M] () -- C:\deltaStartup.log
    [2004/05/05 17:33:09 | 000,004,722 | ---- | M] () -- C:\devicetable.log
    [2003/08/16 14:57:18 | 000,000,099 | ---- | M] () -- C:\DownloadLog.txt
    [2006/03/05 12:52:05 | 000,028,911 | ---- | M] () -- C:\hcwclear.txt
    [2003/09/19 16:51:54 | 000,086,783 | ---- | M] () -- C:\INSTALL.LOG
    [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () -- C:\IO.SYS
    [2007/06/25 22:36:06 | 000,004,274 | ---- | M] () -- C:\IPH.PH
    [2010/11/15 11:38:33 | 000,125,749 | ---- | M] () -- C:\logfile
    [2011/05/04 18:18:35 | 000,000,078 | ---- | M] () -- C:\lxdi.log
    [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
    [2004/10/01 16:31:05 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/11/22 17:06:48 | 000,250,048 | RHS- | M] () -- C:\NTLDR
    [2003/09/06 14:30:25 | 000,000,005 | ---- | M] () -- C:\overflows.txt
    [2011/05/14 19:00:31 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
    [2011/05/10 01:33:44 | 000,000,359 | ---- | M] () -- C:\rkill.log
    [2003/09/27 22:17:48 | 000,002,026 | ---- | M] () -- C:\VScan.Log

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2002/09/03 14:35:02 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\DESKTOP.INI

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll
    [2007/03/28 14:57:34 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\hpzpp5ha.dll
    [2007/03/15 23:08:12 | 000,113,664 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\lxdidrpp.dll
    [2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2011/04/18 13:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2009/02/06 19:03:18 | 000,307,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2004/01/27 23:19:04 | 000,000,205 | ---- | M] () -- C:\Program Files\mcadbkmk.htm
    [2004/02/10 16:34:58 | 000,000,072 | ---- | M] () -- C:\Program Files\RUpdate.log

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2002/09/03 14:22:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV
    [2002/09/03 14:22:52 | 000,626,688 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV
    [2002/09/03 14:22:52 | 000,397,312 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2008/11/22 17:36:04 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\DESKTOP.INI

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2004/08/26 14:50:42 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\DESKTOP.INI

    < %USERPROFILE%\Desktop\*.exe >
    [2011/05/05 10:15:32 | 000,302,080 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/10 00:40:01 | 004,344,909 | R--- | M] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2010/01/15 13:44:23 | 016,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mike\Desktop\IE8-WindowsXP-x86-ENU.exe
    [2011/05/05 10:15:50 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/06 13:04:18 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2009/08/12 22:11:34 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Mike\Desktop\setup-spybotsd162.exe
    [2003/01/03 21:36:52 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Startup.exe
    [2011/05/05 10:13:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/12 21:51:50 | 000,502,095 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2005/03/25 10:58:31 | 000,291,792 | ---- | M] (RealVNC Ltd.) -- C:\Documents and Settings\Mike\Desktop\vnc-4_1_1-x86_win32_viewer.exe
    [2004/11/07 13:17:45 | 008,026,527 | ---- | M] (Netopsystems AG) -- C:\Documents and Settings\Mike\Desktop\vsci.exe
    [2010/09/24 10:32:54 | 058,874,296 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mike\Desktop\WalmartPhotoManager2.4.exe
    [2009/05/26 11:15:47 | 001,144,168 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Mike\Desktop\wlsetup-custom.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >
    [2003/10/06 16:38:06 | 000,065,536 | ---- | M] ( ) -- C:\WINDOWS\Driver Cache\A3D.dll
    [2006/08/28 19:30:58 | 000,002,687 | ---- | M] () -- C:\WINDOWS\Driver Cache\readme.txt
    [2008/12/20 00:47:46 | 000,051,200 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\Driver Cache\sfman32.dll

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2004/08/26 14:50:42 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Mike\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/05/01 13:39:17 | 000,003,888 | ---- | M] () -- C:\Documents and Settings\All Users\lxdi
    [2006/05/31 22:15:03 | 000,000,406 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
    Copy of GkSui18.EXE

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2009/08/12 22:54:57 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Mike\Cookies\desktop.ini
    [2011/05/14 19:04:06 | 000,393,216 | -H-- | M] () -- C:\Documents and Settings\Mike\Cookies\INDEX.DAT

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\INF\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >
    [2002/07/17 16:22:34 | 000,004,672 | ---- | M] (Adaptec) -- C:\WINDOWS\SYSTEM\WOWPOST.EXE

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
     
  6. 2011/05/14
    adrenalinesaint

    OTL Extras logfile created on: 5/14/2011 7:07:05 PM - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mike\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
    3.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.46 Gb Total Space | 11.56 Gb Free Space | 15.52% Space Free | Partition Type: NTFS
    Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: RAGE557 | User Name: Mike | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Lexmark 3500-4500 Series\app4r.exe" = C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\AceBIT\WISE-FTP\wise_ftp.exe" = C:\Program Files\AceBIT\WISE-FTP\wise_ftp.exe:*:Enabled:WISE-FTP application executable -- (AceBIT GmbH)
    "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
    "C:\WINDOWS\SYSTEM32\lxdicoms.exe" = C:\WINDOWS\SYSTEM32\lxdicoms.exe:*:Enabled:3500-4500 Series Server -- ( )
    "C:\Program Files\Lexmark 3500-4500 Series\App4R.exe" = C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:printing Application -- ()
    "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" = C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:*:Enabled:Device Monitor -- ()
    "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" = C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:*:Enabled:Device Monitor Application -- ()
    "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdipswx.exe" = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdipswx.exe:*:Enabled:printer Status Window Interface -- ()
    "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxditime.exe" = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxditime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
    "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdijswx.exe" = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdijswx.exe:*:Enabled:Job Status Window Interface -- ()
    "C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdiwbgw.exe" = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdiwbgw.exe:*:Enabled:Lexmark Web Gateway -- ()


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
    "{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
    "{053EC7D7-25D6-87DE-FB3C-21EDA3AC1B3D}" = CCC Help Japanese
    "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
    "{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
    "{09E03881-E349-18A2-2AFC-CADE51DF080E}" = CCC Help Thai
    "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
    "{0DACEA66-186D-4187-80B7-4D28ABBAE59D}" = Belkin Wireless Client Utility
    "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
    "{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
    "{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
    "{12C11D57-0E6B-64F2-B99E-E40E785AEB56}" = CCC Help Hungarian
    "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
    "{152441C1-D4DA-EE78-7E4A-514DD0361256}" = CCC Help Dutch
    "{16C291EE-B2F5-1636-D382-FEB776F677BE}" = CCC Help Italian
    "{18941178-396B-0CC4-2168-17112315EBB8}" = ccc-utility
    "{1B3D70BF-F1E5-1548-C1ED-22F0D47BDDD1}" = CCC Help Finnish
    "{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{22CCA04F-DFE0-5337-770C-3CFD2CDCF2D9}" = ccc-core-static
    "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
    "{2DDBE461-3A0D-A6C2-6944-92D694AFB12A}" = Catalyst Control Center Localization French
    "{31378148-07F5-4210-9F20-AD948EA8CF7C}" =
    "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{3373AFA7-672F-407C-68F0-955FB5930A47}" = Catalyst Control Center Localization Turkish
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35CB8AFB-0376-9D4F-24E5-1EEC1CEE1A4B}" = CCC Help Chinese Standard
    "{36417A39-B6A6-BE0F-0AD0-6D9B116985D1}" = CCC Help Swedish
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3BDEE284-1516-40E8-B784-00FEBE1B1033}" = Nero 7 Essentials
    "{3C50A915-DD33-4802-B83B-9EA997D3337B}" = Intel (R) Pro Alerting Agent
    "{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
    "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
    "{3FAFEF64-911D-8013-18B5-E0BDF223A5C0}" = CCC Help Korean
    "{40E4166C-460E-65F8-F84B-88A2F9EA69F4}" = CCC Help Polish
    "{41844F24-9CA6-11D4-A74E-00D0B76FE248}" = VBA (2720)
    "{421D1CB2-0C0B-AC1D-06E5-14B0974376B5}" = Catalyst Control Center Localization Korean
    "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
    "{451CEE76-0FFE-802D-1F5E-615D69BC7007}" = Catalyst Control Center Localization Greek
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
    "{4609F28C-0BDB-F2B2-9DC7-B35A28478312}" = Catalyst Control Center Localization Czech
    "{46E1C9E1-9CC6-D432-F2BB-7CFC27B32EC9}" = Catalyst Control Center Localization Russian
    "{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
    "{4C560D9B-BEA0-4098-ADE2-28576DF8CA8B}" = Kazaa Media Desktop 2.5.1
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
    "{519118EE-ACFD-16B7-7FEA-6B47D529B50C}" = Catalyst Control Center Core Implementation
    "{5325AF31-8FEF-EEA6-084E-6784F834B5C0}" = Catalyst Control Center Graphics Full Existing
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57105084-049B-008E-165A-92AF92B0C60F}" = ccc-core-preinstall
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
    "{5DE136A9-DCAE-69D0-08CB-02F07CFC9398}" = CCC Help Spanish
    "{5DF3D1BB-894E-4DCD-8275-159AC9829B43}" = McAfee VirusScan Enterprise
    "{5E7AD152-771A-52C9-8394-E2F3BA629E06}" = CCC Help Greek
    "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
    "{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
    "{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
    "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
    "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
    "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
    "{6782B259-804B-301D-0DE9-13000375C2D2}" = Catalyst Control Center Localization Japanese
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
    "{6D58E839-9E34-3979-7BFD-145BD5E9401C}" = CCC Help Norwegian
    "{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}" = QuickTime
    "{6FA439F8-EBD8-FF4D-8EE5-A52FE69A4248}" = Catalyst Control Center Localization Finnish
    "{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}" = OMCI
    "{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}" = Roxio Easy Media Creator 7 Basic DVD Edition
    "{75C22B40-6D12-4439-80DC-CAB3313EADA5}" = dj_sf_software_req
    "{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{793E79A5-B52D-E287-37F2-398F530D74C7}" = Catalyst Control Center Localization Polish
    "{7F2FF077-4A0C-0F26-717C-617DED010B33}" = CCC Help English
    "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
    "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
    "{8BF103B8-8C8E-2246-8C0D-C6C256E5E428}" = CCC Help French
    "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
    "{8E9BA9AF-6A06-C7AC-5863-4A40CF29CE05}" = Catalyst Control Center Localization German
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
    "{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
    "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
    "{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
    "{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
    "{90E5D6A9-C373-357B-6659-8BF019E3C1D4}" = Catalyst Control Center Localization Dutch
    "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
    "{9366C5C6-9434-C4C9-9804-FB4D7142874D}" = Catalyst Control Center Localization Portuguese
    "{942DD738-A9F7-BBFA-3960-4558CB0EE272}" = Catalyst Control Center Localization Chinese Standard
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
    "{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
    "{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
    "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
    "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
    "{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
    "{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
    "{A0857F54-AE2D-F453-4069-C7D65AE36426}" = Catalyst Control Center Localization Chinese Traditional
    "{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
    "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A2FA61E6-B46A-3489-BD5A-2991144A5BC4}" = CCC Help Portuguese
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
    "{AA75AFFC-C5F3-2497-FE56-48AA163EFE2B}" = CCC Help Russian
    "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
    "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
    "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
    "{B5C68E1B-A651-33AA-21A6-7CC2D69EEFA2}" = CCC Help Czech
    "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
    "{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
    "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
    "{BE2686A1-ECF2-FF0E-9DF5-EC7A806AEED8}" = Catalyst Control Center Localization Thai
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CC2B8406-F144-3B99-F66E-8D1703C9A9C5}" = Catalyst Control Center Graphics Previews Common
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
    "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
    "{D4F3A4D4-84B1-3A40-14AA-422DE60EF96A}" = Skins
    "{D51D9840-FABE-390B-24D2-D052332B311A}" = Catalyst Control Center Localization Spanish
    "{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}" = Apple Mobile Device Support
    "{D9E96902-5743-D105-BCB7-FBD3C0DF3989}" = Catalyst Control Center Localization Swedish
    "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
    "{DCB91C79-B78B-44B1-A7FE-28DECA6E9245}" = Dell TrueMobile 2300 Wireless Broadband Router Control Utility
    "{DCE27619-6822-0D22-1405-9D2899DC1896}" = Catalyst Control Center Localization Norwegian
    "{DF80DB18-7179-EB18-5818-E7F761DA59AE}" = CCC Help Danish
    "{E0C18BB0-32CA-4679-B422-9B9FA825378F}" = HP Deskjet Printer Driver Software 9.0
    "{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
    "{E698F77C-216C-8409-F4DC-E4AAECF5DEFF}" = Catalyst Control Center Localization Italian
    "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
    "{E7DAAF26-A0B0-1D77-0794-20D1314297F1}" = Catalyst Control Center Graphics Light
    "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
    "{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
    "{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F16A317A-6128-39E2-9607-20B5C70132E6}" = Catalyst Control Center Localization Hungarian
    "{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
    "{F2B34A83-5345-910F-EC0F-0D92A00D6E3B}" = CCC Help Turkish
    "{F2BDC47D-18FA-5B10-58C0-9FFBDBE0B031}" = Catalyst Control Center Graphics Full New
    "{F3D677C8-612D-F5A8-A22F-2EF74F44000B}" = CCC Help Chinese Traditional
    "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
    "{F9AB0D25-0085-8345-3F1A-5E5C714092B9}" = Catalyst Control Center Localization Danish
    "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
    "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    "{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
    "{FEFE846E-DF0E-0AC6-0EA0-F85CE63CA275}" = CCC Help German
    "Adobe Acrobat 5.0" = Adobe Acrobat 5.0
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player Plugin
    "Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
    "Adobe Shockwave Player" = Adobe Shockwave Player
    "All ATI Software" = ATI - Software Uninstall Utility
    "ATI Display Driver" = ATI Display Driver
    "avast" = avast! Free Antivirus
    "CdaC13Ba" = Cda Product Service - shared component
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "DVD Shrink_is1" = DVD Shrink 3.2
    "EPSON Printer and Utilities" = EPSON Printer Software
    "Hauppauge WinTV NT4/Win2000 Drivers" = Hauppauge WinTV NT4/Win2000 Drivers
    "HP Drive Key Boot Utility" = HP Drive Key Boot Utility
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "igLoader_is1" = igLoader 2,0,0,2
    "InstallShield_{0DACEA66-186D-4187-80B7-4D28ABBAE59D}" = Belkin Wireless Client Utility
    "InstallShield_{31378148-07F5-4210-9F20-AD948EA8CF7C}" =
    "JRE 1.3.1" = Java 2 Runtime Environment Standard Edition v1.3.1
    "Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MyPublisher BookMaker" = MyPublisher BookMaker
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
    "Viewpoint Manager" = Viewpoint Manager (Remove Only)
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinISO_is1" = WinISO 5.3
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XP Codec Pack" = XP Codec Pack
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 5/14/2011 12:19:57 AM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 60 seconds;

    Error - 5/14/2011 12:23:37 AM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 60 seconds;

    Error - 5/14/2011 6:32:19 PM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 5 seconds;

    Error - 5/14/2011 6:32:34 PM | Computer Name = RAGE557 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
    Description = EventType clr20r3, P1 lxdiamon.exe, P2 1.0.2676.13196, P3 4635dee9,
    P4 app4r.monitor.core, P5 1.0.2676.13195, P6 463855db, P7 b, P8 114, P9 system.nullreferenceexception,
    P10 NIL.

    Error - 5/14/2011 6:35:34 PM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 10 seconds;

    Error - 5/14/2011 6:38:47 PM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 15 seconds;

    Error - 5/14/2011 6:47:09 PM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 5 seconds;

    Error - 5/14/2011 6:49:20 PM | Computer Name = RAGE557 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
    Description = EventType clr20r3, P1 lxdiamon.exe, P2 1.0.2676.13196, P3 4635dee9,
    P4 app4r.monitor.core, P5 1.0.2676.13195, P6 463855db, P7 b, P8 114, P9 system.nullreferenceexception,
    P10 NIL.

    Error - 5/14/2011 6:50:36 PM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 10 seconds;

    Error - 5/14/2011 6:53:35 PM | Computer Name = RAGE557 | Source = McLogEvent | ID = 1008
    Description = The McShield service terminated unexpectedly. Please review event 5019
    or 5051 for details. The McShield service will be restarted in 15 seconds;

    [ System Events ]
    Error - 5/3/2011 1:13:51 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:13:53 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:13:53 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:44 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:44 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:47 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:47 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:51 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:51 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}

    Error - 5/3/2011 1:14:51 AM | Computer Name = RAGE557 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service Iap with arguments
    "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}


    < End of report >
     
  7. 2011/05/14
    adrenalinesaint

    I hope those copied right for you; I had to run them in safe mode. My computer is now running super super slow in regular mode and locking up. The device manager shows svchost running like 8 times, and it comes up with an error message upon every boot up that says Device Monitor Application has encountered a problem... not sure what's going on.
     
  8. 2011/05/14
    broni

    This is normal.

    It looks like your Lexmark is giving you issues.

    While in Safe Mode, go Start>Run, type in:
    msconfig
    Go to the Startup tab and UN-check anything connected to Lexmark (it doesn't need to be a startup item anyway).

    Restart in normal mode and see if you can post an OTL log from there.
     
  9. 2011/05/16
    adrenalinesaint

    I'll run msconfig tonight and uncheck anything Lexmark related as you mentioned.

    Wanted to give you a list of problems that have been occurring lately:
    * Device Monitor Application has encountered a problem
    * lxdiamon.exe application Error
    Process ID= 0xbe0 (3040)
    thread ID= 0xbe4 (3044)

    * Internet cables connected and sensing the connection, but Internet Explorer showing the "cannot display page" message (after three restarts and a 15 min wait on the third restart we finally were able to connect)

    * VirusScan On-Access Scan message
    Pathname: C:\Windows\temp\_avast-\unp62470669.tmp

    So I guess I am not out of the woods yet. I really wish I knew what programs were necessary to run on Windows startup so I can cut out some processes that are not necessary and are just slowing me down.

    thx again
     
  10. 2011/05/16
    broni

    We'll get there at some point.
     
  11. 2011/05/16
    adrenalinesaint

    Very encouraging, I will run it tonight and let you know.
    Thank you.
     
  12. 2011/05/16
    broni

    Ok :)...
     
  13. 2011/05/17
    adrenalinesaint

    OTL logfile created on: 5/17/2011 12:19:03 AM - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mike\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
    3.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.46 Gb Total Space | 9.51 Gb Free Space | 12.77% Space Free | Partition Type: NTFS

    Computer Name: RAGE557 | User Name: Mike | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    PRC - [2011/04/18 13:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011/04/18 13:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
    PRC - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    PRC - [2004/09/22 20:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\mcshield.exe
    PRC - [2004/09/22 20:00:00 | 000,094,208 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\shstat.exe
    PRC - [2004/09/22 20:00:00 | 000,028,672 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
    PRC - [2004/08/11 12:00:38 | 000,143,360 | ---- | M] (Airgo Networks, Inc.) -- C:\WINDOWS\SYSTEM32\aniServ.exe
    PRC - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    PRC - [2003/11/18 03:17:38 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
    PRC - [2003/02/10 05:52:30 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    PRC - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    MOD - [2011/04/18 13:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
    MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - [2011/04/18 13:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2007/06/11 10:14:52 | 000,517,040 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)
    SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
    SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
    SRV - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
    SRV - [2004/09/22 20:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\VirusScan\mcshield.exe -- (McShield)
    SRV - [2004/09/22 20:00:00 | 000,028,672 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe -- (McTaskManager)
    SRV - [2004/08/11 12:00:38 | 000,143,360 | ---- | M] (Airgo Networks, Inc.) [Auto | Running] -- C:\WINDOWS\SYSTEM32\aniServ.exe -- (ANISERVICE)
    SRV - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
    SRV - [2003/11/18 03:17:38 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE -- (C-DillaCdaC11BA)
    SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
    SRV - [2003/02/10 05:52:30 | 000,114,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
    SRV - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/04/18 13:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011/04/18 13:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011/04/18 13:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011/04/18 13:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011/04/18 13:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011/04/18 13:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011/04/18 13:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2009/05/03 23:32:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS -- (BVRPMPR5)
    DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
    DRV - [2008/01/10 01:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
    DRV - [2006/10/18 03:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2006/10/18 03:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
    DRV - [2005/07/11 08:53:02 | 000,291,456 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
    DRV - [2005/07/11 08:52:30 | 000,024,320 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
    DRV - [2005/07/11 08:43:16 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
    DRV - [2005/07/11 08:39:38 | 000,202,496 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
    DRV - [2005/07/11 08:38:34 | 000,023,808 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
    DRV - [2005/07/11 08:26:42 | 000,117,760 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
    DRV - [2004/10/18 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\entdrv51.sys -- (EntDrv51)
    DRV - [2004/10/15 20:00:00 | 000,058,464 | ---- | M] (Network Associates, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mvstdi5x.sys -- (NaiAvTdi1)
    DRV - [2004/10/06 08:44:52 | 000,758,784 | ---- | M] (Airgo Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wnihdd51.sys -- (Airgo)
    DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\naiavf5x.sys -- (NaiAvFilter1)
    DRV - [2004/08/11 12:15:40 | 000,032,036 | ---- | M] (Airgo Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\WniProt5.sys -- (WNIPROT5)
    DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
    DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
    DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
    DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
    DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
    DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
    DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
    DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
    DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
    DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
    DRV - [2004/03/17 14:09:28 | 000,300,884 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\windrvr6.sys -- (WinDriver6)
    DRV - [2003/11/18 03:17:35 | 000,008,864 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS -- (CdaC15BA)
    DRV - [2003/11/11 12:12:00 | 000,336,800 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PRISMA02.sys -- (DELL_A02)
    DRV - [2003/09/22 08:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
    DRV - [2003/09/22 08:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
    DRV - [2003/03/05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PFMODNT.SYS -- (PfModNT)
    DRV - [2002/12/18 05:31:06 | 000,036,064 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Asfalrt.sys -- (AsfAlrt)
    DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
    DRV - [2002/08/30 12:29:02 | 001,293,440 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
    DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
    DRV - [2000/06/12 14:54:46 | 000,140,440 | R--- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hcw848nt.sys -- (HCW848NT)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========




    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://education.dellnet.com/
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://education.dellnet.com/
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google "
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= "
    FF - prefs.js..browser.search.selectedEngine: "Google "


    [2011/03/25 01:07:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions
    [2005/12/10 02:18:52 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2011/03/25 01:07:29 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions\toolbar@shopathome.com
    [2005/12/10 02:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2005/12/10 02:18:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

    O1 HOSTS File: ([2011/05/10 00:58:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE (Network Associates, Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
    O4 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
    O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {276595D9-1388-512A-F24E-B6B3DE32B732} http://media.cdigix.com/Performer/downloads/PerformerSetup.cab (Reg Error: Key error.)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52...pple.com/bonnie/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} http://198.99.241.129/eplayer/V3_1_0_0/acneplayer.cab (ACNPlayer2 Class)
    O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131-win.cab (Java Plug-in 1.3.1)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://register3.valueactive.com/mpp_229/webolr/OCX/FlashAX.cab (FlashXControl Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322 (QDiagHUpdateObj Class)
    O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/14 19:06:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/11 20:49:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2011/05/10 00:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2011/05/10 00:40:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/05/10 00:40:36 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/05/10 00:40:36 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/05/10 00:40:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/05/10 00:02:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/10 00:01:08 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/05/06 01:49:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/06 01:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/06 00:44:42 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/05 22:43:28 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011/05/05 22:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011/05/05 22:43:27 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/05/05 22:43:22 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/05/05 22:43:22 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/05/05 22:43:21 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/05/05 22:43:20 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/05/05 22:43:20 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/05/05 22:43:19 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/05/05 22:42:53 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/05/05 22:42:52 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/05/05 22:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011/05/05 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/05/04 21:01:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mike\Recent
    [2011/05/04 21:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark 3500-4500 Series
    [2011/05/04 20:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series
    [2011/05/04 18:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2011/05/03 00:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
    [2011/05/03 00:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/05/03 00:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/30 00:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2010/08/07 00:36:24 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
    [2010/08/07 00:36:24 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
    [2010/08/07 00:36:23 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
    [2010/08/07 00:36:23 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
    [2010/08/07 00:36:23 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
    [2010/08/07 00:36:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
    [2010/08/07 00:36:23 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
    [2010/08/07 00:36:23 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
    [2010/08/07 00:36:22 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
    [2010/08/07 00:36:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiih.exe
    [2010/08/07 00:36:21 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
    [2010/08/07 00:36:20 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
    [2010/08/07 00:36:20 | 000,517,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicoms.exe
    [2010/08/07 00:36:20 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
    [2010/08/07 00:36:19 | 000,340,912 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicfg.exe
    [2004/11/24 15:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
    [2002/04/11 01:41:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
    [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/05/16 23:43:07 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
    [2011/05/16 23:38:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
    [2011/05/16 23:38:47 | 2146,488,320 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/16 23:30:15 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd
    [2011/05/16 23:27:18 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
    [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/14 19:03:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/12 21:51:50 | 000,502,095 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2011/05/10 00:58:09 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
    [2011/05/10 00:40:01 | 004,344,909 | R--- | M] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2011/05/06 13:04:18 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2011/05/06 01:49:41 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 22:43:29 | 000,001,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/05/05 22:43:21 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/05/05 10:17:30 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dds.scr
    [2011/05/05 10:15:50 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/05 10:15:32 | 000,302,080 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/05 10:13:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/03 08:01:56 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580
    [2011/05/01 18:17:42 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
    [2011/05/01 18:07:11 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19062580
    [2011/05/01 13:39:17 | 000,003,888 | ---- | M] () -- C:\Documents and Settings\All Users\lxdi
    [2011/04/30 21:01:25 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
    [2011/04/29 11:39:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2011/04/18 13:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/04/18 13:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/04/18 13:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/04/18 13:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/04/18 13:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/04/18 13:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/04/18 13:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/04/18 13:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/04/18 13:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/04/18 13:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/05/15 23:25:05 | 2146,488,320 | -HS- | C] () -- C:\hiberfil.sys
    [2011/05/12 21:51:28 | 000,502,095 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2011/05/10 01:32:01 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2011/05/10 00:45:10 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/05/10 00:40:36 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/05/10 00:40:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/05/10 00:40:36 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/05/10 00:40:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/05/10 00:40:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/05/10 00:38:17 | 004,344,909 | R--- | C] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2011/05/06 01:49:41 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/06 01:21:20 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dds.scr
    [2011/05/06 01:17:25 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/06 01:07:20 | 000,302,080 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/05 22:43:29 | 000,001,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/05/04 18:41:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/04 18:10:54 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
    [2011/05/04 18:10:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
    [2011/05/04 18:10:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
    [2011/05/04 18:10:54 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
    [2011/05/01 18:07:20 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
    [2011/05/01 18:07:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580
    [2011/05/01 18:07:11 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19062580
    [2010/08/08 18:15:31 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
    [2010/08/07 00:38:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
    [2010/08/07 00:38:07 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
    [2010/08/07 00:37:11 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
    [2010/08/07 00:37:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
    [2010/08/07 00:37:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
    [2010/08/07 00:36:24 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
    [2010/08/07 00:36:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
    [2009/01/22 23:43:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2008/12/20 13:41:10 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
    [2008/12/20 02:26:12 | 000,121,278 | ---- | C] () -- C:\WINDOWS\HPHins15.dat
    [2008/12/20 02:26:12 | 000,002,885 | ---- | C] () -- C:\WINDOWS\hphmdl15.dat
    [2008/12/20 00:25:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
    [2008/12/20 00:13:06 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
    [2008/12/20 00:12:55 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
    [2008/12/20 00:12:55 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
    [2008/12/20 00:12:54 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
    [2008/12/20 00:12:53 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2008/12/19 11:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2008/12/17 13:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
    [2008/12/17 13:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
    [2008/12/17 13:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008/12/17 13:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
    [2008/12/17 12:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
    [2007/12/21 22:02:20 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wiseftp.ini
    [2007/12/07 18:29:59 | 000,023,684 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2007/08/21 18:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
    [2007/08/21 16:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
    [2007/08/08 17:05:58 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\AdobeUpdater.rbt
    [2007/06/18 22:51:32 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
    [2007/06/18 22:51:32 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Copy of GkSui18.EXE
    [2007/01/01 20:34:45 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2006/11/02 12:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
    [2006/05/29 00:59:19 | 000,020,992 | ---- | C] () -- C:\WINDOWS\igBrowse.exe
    [2006/05/29 00:59:19 | 000,018,432 | ---- | C] () -- C:\WINDOWS\igUninst.exe
    [2006/05/29 00:59:18 | 000,668,938 | ---- | C] () -- C:\WINDOWS\unins000.exe
    [2006/05/29 00:59:18 | 000,001,315 | ---- | C] () -- C:\WINDOWS\unins000.dat
    [2006/03/06 23:39:59 | 000,000,032 | ---- | C] () -- C:\WINDOWS\HCWBTDLG.INI
    [2006/03/06 23:38:54 | 000,000,473 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
    [2006/03/05 12:52:34 | 000,102,038 | ---- | C] () -- C:\WINDOWS\System32\HCW848UN.EXE
    [2006/02/14 10:02:24 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2006/02/14 10:02:23 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2006/01/22 01:29:43 | 000,003,311 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2005/12/10 02:18:53 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/12/10 02:18:27 | 000,002,654 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2005/09/23 17:36:24 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
    [2005/09/23 17:07:41 | 000,006,870 | ---- | C] () -- C:\WINDOWS\System32\drivers\wni6000.bin
    [2005/08/12 17:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2005/05/13 14:37:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mpio.ini
    [2005/03/08 14:39:22 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
    [2005/01/31 10:32:58 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\8D77E21392.sys
    [2005/01/22 19:30:51 | 000,413,760 | R--- | C] () -- C:\WINDOWS\System32\mpg4c32.dll
    [2004/10/03 13:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
    [2004/09/15 17:34:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSC66EF.ini
    [2004/09/15 17:33:32 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
    [2004/09/15 17:33:31 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
    [2004/08/26 12:42:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/08/26 12:41:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004/08/26 12:24:43 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/05/25 14:47:18 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ACNePlayer.dll
    [2004/05/15 03:09:31 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\FBEC0ECC8A.sys
    [2004/05/15 03:02:51 | 000,129,024 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
    [2004/01/26 17:18:50 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
    [2003/12/19 04:28:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
    [2003/11/18 03:18:23 | 000,000,205 | ---- | C] () -- C:\Program Files\mcadbkmk.htm
    [2003/11/18 03:17:39 | 000,112,128 | R--- | C] () -- C:\WINDOWS\CdaC14BA.DLL
    [2003/11/18 03:17:39 | 000,030,720 | R--- | C] () -- C:\WINDOWS\CdaC13BA.EXE
    [2003/11/18 03:17:37 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
    [2003/11/17 00:38:28 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
    [2003/09/25 12:02:07 | 000,001,110 | ---- | C] () -- C:\WINDOWS\winamp.ini
    [2003/09/18 01:44:32 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
    [2003/09/13 22:01:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
    [2003/09/09 23:32:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2003/09/02 18:39:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2003/09/02 18:39:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2003/09/02 18:39:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2003/08/31 20:50:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
    [2003/08/27 10:05:32 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2003/08/26 15:03:03 | 000,211,456 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2003/08/07 01:15:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2003/08/07 01:12:11 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
    [2003/08/07 01:12:11 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
    [2003/08/07 01:11:59 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
    [2003/08/07 01:11:59 | 000,002,516 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
    [2003/08/07 01:11:59 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
    [2003/08/07 01:11:34 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
    [2003/08/07 01:08:23 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2003/08/07 00:59:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
    [2003/08/07 00:49:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2003/07/08 14:41:48 | 000,039,936 | R--- | C] () -- C:\WINDOWS\System32\P16X.dll
    [2002/12/18 05:31:54 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\aolninst.dll
    [2002/12/18 05:31:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
    [2002/09/03 14:51:12 | 000,466,636 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
    [2002/09/03 14:51:12 | 000,082,456 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
    [2002/09/03 14:42:36 | 000,222,944 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2002/09/03 14:35:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2002/09/03 14:31:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
    [2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
    [2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
    [2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
    [2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
    [2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
    [2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
    [2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
    [2002/02/27 17:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
    [1997/06/13 22:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

    ========== LOP Check ==========

    [2008/01/10 01:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\1&1
    [2008/12/16 19:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Aim
    [2003/08/30 14:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\InterTrust
    [2004/09/15 17:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Leadertech
    [2010/08/07 00:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Lexmark Productivity Studio
    [2006/03/20 21:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mind Control Software
    [2007/12/21 21:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Nvu
    [2010/01/16 15:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Opera
    [2006/03/20 21:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\PlayFirst
    [2009/05/13 12:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Snapfish
    [2007/12/22 11:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\uTorrent
    [2007/08/15 07:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Viewpoint
    [2010/01/29 21:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Wal-Mart
    [2011/05/05 22:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2007/12/21 00:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
    [2008/01/21 23:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
    [2004/11/08 15:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
    [2006/08/10 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
    [2007/06/14 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2010/01/29 21:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wal-Mart

    ========== Purity Check ==========



    < End of report >
     
  14. 2011/05/17
    broni

    Unless you installed Viewpoint Manager knowledgeably...
    Go Start>Control Panel>Add\Remove (Programs and Features in Vista), and...
    Uninstall any of the following programs associated with Viewpoint:
    * Viewpoint Manager
    * Viewpoint Media Player
    * Viewpoint Toolbar
    This program does not do anything bad such as deliver ads or spy on you, but it is considered foistware ("drive-by-install") as it is installed without your consent through programs like AOL, AIM, Compuserve, etc.

    ====================================================

    You have some McAfee leftovers.
    It's listed in Add\Remove as McAfee VirusScan Enterprise.
    Let me know, if it'll let you uninstall normally through Add\Remove.

    ======================================================

    Reinstall your Lexmark printer to see if it'll solve startup errors.

    ===================================================

    1. Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    2. Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    ===================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
      O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
      O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
      O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
      O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
      O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
      O16 - DPF: {276595D9-1388-512A-F24E-B6B3DE32B732} http://media.cdigix.com/Performer/do...ormerSetup.cab (Reg Error: Key error.)
      O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe (Reg Error: Key error.)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
      O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
      [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]
      [2011/05/01 18:07:20 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
      [2011/05/01 18:07:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580
      [2011/05/01 18:07:11 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19062580
      [2005/01/31 10:32:58 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\8D77E21392.sys
      [2004/05/15 03:09:31 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\FBEC0ECC8A.sys
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.
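
A pre-flight check for a fix like the one above, as an added example that is not part of the original post or of OTL itself: it parses the file-entry lines OTL prints (`[date | size | attributes | C/M] (company) -- path`) and confirms that each file line in the `:OTL` section of a fix script appears in the scan log with the same timestamp, size and attributes. The function names are assumptions of the example, and the embedded sample is constructed from lines copied out of this thread.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "stamp size attrs kind company path")

# [YYYY/MM/DD HH:MM:SS | size | attrs | C or M] (company) -- path
# The "(company)" group is absent on directory lines such as the LOP Check section.
ENTRY_RE = re.compile(
    r"^\[(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| ([\d,]+) \| ([A-Z-]{4}) \| ([CM])\]"
    r" (?:\((.*?)\) )?-- (.+)$"
)

# Constructed sample: file lines copied from the scan log posted in this thread.
SCAN_LOG = r"""
[2011/05/15 23:25:05 | 2146,488,320 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/03 08:01:56 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580
[2011/05/01 18:07:20 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
[2011/05/01 18:07:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580
[2011/05/01 18:07:11 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19062580
[2005/01/31 10:32:58 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\8D77E21392.sys
[2004/05/15 03:09:31 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\FBEC0ECC8A.sys
[2011/05/05 22:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
"""

# Constructed sample: an abridged copy of the fix script posted in this thread.
FIX_SCRIPT = r"""
:OTL
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
[1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]
[2011/05/01 18:07:20 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
[2011/05/01 18:07:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580
[2011/05/01 18:07:11 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19062580
[2005/01/31 10:32:58 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\8D77E21392.sys
[2004/05/15 03:09:31 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\FBEC0ECC8A.sys
:Commands
[purity]
[Reboot]
"""


def parse_entries(text):
    """Return every file or directory entry line found in OTL-style text."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # registry lines, section headers, wildcard summaries
        stamp, size, attrs, kind, company, path = m.groups()
        entries.append(Entry(stamp, int(size.replace(",", "")), attrs, kind,
                             (company or "").strip(), path.strip()))
    return entries


def otl_section(fix_text):
    """Return only the lines that sit under the ':OTL' directive of a fix script."""
    lines, active = [], False
    for raw in fix_text.splitlines():
        line = raw.strip()
        if line.startswith(":"):
            active = line.lower() == ":otl"
            continue
        if active:
            lines.append(line)
    return "\n".join(lines)


def check_fix(fix_text, log_text):
    """Compare each file target in the fix with the scan log.

    Returns (status, path) pairs: 'match' when the log has the same entry,
    'changed' when the path is logged with a different timestamp, size or
    attributes, and 'missing' when the log never lists that path.
    """
    # Windows paths are case-insensitive; C (created) and M (modified) lines
    # for the same path are distinct log entries.
    index = {(e.path.lower(), e.kind): e for e in parse_entries(log_text)}
    report = []
    for target in parse_entries(otl_section(fix_text)):
        seen = index.get((target.path.lower(), target.kind))
        if seen is None:
            status = "missing"
        elif (seen.stamp, seen.size, seen.attrs) == (target.stamp, target.size, target.attrs):
            status = "match"
        else:
            status = "changed"
        report.append((status, target.path))
    return report


if __name__ == "__main__":
    for status, path in check_fix(FIX_SCRIPT, SCAN_LOG):
        print(f"{status:8} {path}")
```

Any `missing` or `changed` result means the fix was written against a different scan than the one being compared, which is the situation to catch before a fix prepared for one machine is run on another.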
     
  15. 2011/05/18
    adrenalinesaint

    My friend had helped me build a custom PC a couple years back and I ended up trading it for a PS3, I just needed a computer for Netflix and pictures so a couple of years ago I bought this one for $75.

    This is the crazy part, the guy that sold me the computer (Mike) didn't take a thing off of it! This thing had personal photos, saved passwords and everything. 90% of the programs on the computer were not installed by me or my wife. I went through and got rid of as much personal stuff as I could but it's always started up slow, I just didn't know enough about computers to remove the stuff that was not needed.

    Thanks again, I will do what you said tonight and post the logs tomorrow, this is all very encouraging.

    Quick question, I brought over my parents' computer, it's an old one, like a really, really old Dell, and plugged it up to work with while the other computer is down, and now it is experiencing problems... could this be an indicator that whatever software is causing problems might have our IP address on a list?

    Just curious.
     
  16. 2011/05/18
    broni

    Please create a new topic about that one, in the appropriate forum.
     
  17. 2011/05/18
    adrenalinesaint

    OTL logfile created on: 5/18/2011 10:19:28 PM - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mike\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 62.00% Memory free
    3.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.46 Gb Total Space | 9.58 Gb Free Space | 12.87% Space Free | Partition Type: NTFS

    Computer Name: RAGE557 | User Name: Mike | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    PRC - [2011/04/18 13:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011/04/18 13:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    PRC - [2004/08/11 12:00:38 | 000,143,360 | ---- | M] (Airgo Networks, Inc.) -- C:\WINDOWS\SYSTEM32\aniServ.exe
    PRC - [2003/11/18 03:17:38 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
    PRC - [2003/02/10 05:52:30 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    PRC - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    MOD - [2011/04/18 13:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
    MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - [2011/04/18 13:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2007/06/11 10:14:52 | 000,517,040 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)
    SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
    SRV - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
    SRV - [2004/08/11 12:00:38 | 000,143,360 | ---- | M] (Airgo Networks, Inc.) [Auto | Running] -- C:\WINDOWS\SYSTEM32\aniServ.exe -- (ANISERVICE)
    SRV - [2003/11/18 03:17:38 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE -- (C-DillaCdaC11BA)
    SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
    SRV - [2003/02/10 05:52:30 | 000,114,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
    SRV - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/04/18 13:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011/04/18 13:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011/04/18 13:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011/04/18 13:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011/04/18 13:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011/04/18 13:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011/04/18 13:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2009/05/03 23:32:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS -- (BVRPMPR5)
    DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
    DRV - [2008/01/10 01:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
    DRV - [2006/10/18 03:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2006/10/18 03:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
    DRV - [2005/07/11 08:53:02 | 000,291,456 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
    DRV - [2005/07/11 08:52:30 | 000,024,320 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
    DRV - [2005/07/11 08:43:16 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
    DRV - [2005/07/11 08:39:38 | 000,202,496 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
    DRV - [2005/07/11 08:38:34 | 000,023,808 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
    DRV - [2005/07/11 08:26:42 | 000,117,760 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
    DRV - [2004/10/06 08:44:52 | 000,758,784 | ---- | M] (Airgo Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wnihdd51.sys -- (Airgo)
    DRV - [2004/08/11 12:15:40 | 000,032,036 | ---- | M] (Airgo Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\WniProt5.sys -- (WNIPROT5)
    DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
    DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
    DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
    DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
    DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
    DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
    DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
    DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
    DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
    DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
    DRV - [2004/03/17 14:09:28 | 000,300,884 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\windrvr6.sys -- (WinDriver6)
    DRV - [2003/11/18 03:17:35 | 000,008,864 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS -- (CdaC15BA)
    DRV - [2003/11/11 12:12:00 | 000,336,800 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PRISMA02.sys -- (DELL_A02)
    DRV - [2003/09/22 08:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
    DRV - [2003/09/22 08:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
    DRV - [2003/03/05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PFMODNT.SYS -- (PfModNT)
    DRV - [2002/12/18 05:31:06 | 000,036,064 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Asfalrt.sys -- (AsfAlrt)
    DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
    DRV - [2002/08/30 12:29:02 | 001,293,440 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
    DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
    DRV - [2000/06/12 14:54:46 | 000,140,440 | R--- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hcw848nt.sys -- (HCW848NT)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========




    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://education.dellnet.com/
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://education.dellnet.com/
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google "
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= "
    FF - prefs.js..browser.search.selectedEngine: "Google "


    [2011/03/25 01:07:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions
    [2005/12/10 02:18:52 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2011/03/25 01:07:29 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\pivdlglc.default\extensions\toolbar@shopathome.com
    [2005/12/10 02:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2005/12/10 02:18:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

    O1 HOSTS File: ([2011/05/10 00:58:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
    O4 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-391633341-3326509204-3868631817-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
    O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {276595D9-1388-512A-F24E-B6B3DE32B732} http://media.cdigix.com/Performer/downloads/PerformerSetup.cab (Reg Error: Key error.)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52...pple.com/bonnie/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} http://198.99.241.129/eplayer/V3_1_0_0/acneplayer.cab (ACNPlayer2 Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://register3.valueactive.com/mpp_229/webolr/OCX/FlashAX.cab (FlashXControl Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322 (QDiagHUpdateObj Class)
    O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/18 22:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Java remove
    [2011/05/18 21:59:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2011/05/14 19:06:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/11 20:49:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2011/05/10 00:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2011/05/10 00:40:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/05/10 00:40:36 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/05/10 00:40:36 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/05/10 00:40:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/05/10 00:02:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/10 00:01:08 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/05/06 01:49:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/06 01:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/06 00:44:42 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/05 22:43:28 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011/05/05 22:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011/05/05 22:43:27 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/05/05 22:43:22 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/05/05 22:43:22 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/05/05 22:43:21 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/05/05 22:43:20 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/05/05 22:43:20 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/05/05 22:43:19 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/05/05 22:42:53 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/05/05 22:42:52 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/05/05 22:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011/05/05 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/05/04 21:01:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mike\Recent
    [2011/05/04 21:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark 3500-4500 Series
    [2011/05/04 20:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series
    [2011/05/04 18:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2011/05/03 00:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
    [2011/05/03 00:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/05/03 00:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/30 00:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2010/08/07 00:36:24 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
    [2010/08/07 00:36:24 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
    [2010/08/07 00:36:23 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
    [2010/08/07 00:36:23 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
    [2010/08/07 00:36:23 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
    [2010/08/07 00:36:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
    [2010/08/07 00:36:23 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
    [2010/08/07 00:36:23 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
    [2010/08/07 00:36:22 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
    [2010/08/07 00:36:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiih.exe
    [2010/08/07 00:36:21 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
    [2010/08/07 00:36:20 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
    [2010/08/07 00:36:20 | 000,517,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicoms.exe
    [2010/08/07 00:36:20 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
    [2010/08/07 00:36:19 | 000,340,912 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicfg.exe
    [2004/11/24 15:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
    [2002/04/11 01:41:00 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
    [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/05/18 22:14:58 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
    [2011/05/18 22:13:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
    [2011/05/18 22:13:32 | 2146,488,320 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/18 22:01:56 | 000,160,350 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\JavaRa.zip
    [2011/05/18 21:06:02 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd
    [2011/05/16 23:27:18 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
    [2011/05/14 19:06:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
    [2011/05/14 19:03:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/12 21:51:50 | 000,502,095 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2011/05/10 00:58:09 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
    [2011/05/10 00:40:01 | 004,344,909 | R--- | M] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2011/05/06 13:04:18 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2011/05/06 01:49:41 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 22:43:29 | 000,001,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/05/05 22:43:21 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/05/05 10:17:30 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dds.scr
    [2011/05/05 10:15:50 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/05 10:15:32 | 000,302,080 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/05 10:13:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\TFC.exe
    [2011/05/03 08:01:56 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580
    [2011/05/01 18:17:42 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
    [2011/05/01 18:07:11 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19062580
    [2011/05/01 13:39:17 | 000,003,888 | ---- | M] () -- C:\Documents and Settings\All Users\lxdi
    [2011/04/30 21:01:25 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
    [2011/04/29 11:39:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/05/18 22:01:55 | 000,160,350 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\JavaRa.zip
    [2011/05/15 23:25:05 | 2146,488,320 | -HS- | C] () -- C:\hiberfil.sys
    [2011/05/12 21:51:28 | 000,502,095 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\unhide.exe
    [2011/05/10 01:32:01 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\rkill.exe
    [2011/05/10 00:45:10 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/05/10 00:40:36 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/05/10 00:40:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/05/10 00:40:36 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/05/10 00:40:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/05/10 00:40:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/05/10 00:38:17 | 004,344,909 | R--- | C] () -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
    [2011/05/06 01:49:41 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/06 01:21:20 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dds.scr
    [2011/05/06 01:17:25 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MBRCheck.exe
    [2011/05/06 01:07:20 | 000,302,080 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\2ys439ki.exe
    [2011/05/05 22:43:29 | 000,001,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/05/04 18:41:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/05/04 18:10:54 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
    [2011/05/04 18:10:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
    [2011/05/04 18:10:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
    [2011/05/04 18:10:54 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
    [2011/05/01 18:07:20 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580r
    [2011/05/01 18:07:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19062580
    [2011/05/01 18:07:11 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19062580
    [2010/08/08 18:15:31 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
    [2010/08/07 00:38:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
    [2010/08/07 00:38:07 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
    [2010/08/07 00:37:11 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
    [2010/08/07 00:37:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
    [2010/08/07 00:37:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
    [2010/08/07 00:36:24 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
    [2010/08/07 00:36:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
    [2009/01/22 23:43:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2008/12/20 13:41:10 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
    [2008/12/20 02:26:12 | 000,121,278 | ---- | C] () -- C:\WINDOWS\HPHins15.dat
    [2008/12/20 02:26:12 | 000,002,885 | ---- | C] () -- C:\WINDOWS\hphmdl15.dat
    [2008/12/20 00:25:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
    [2008/12/20 00:13:06 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
    [2008/12/20 00:12:55 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
    [2008/12/20 00:12:55 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
    [2008/12/20 00:12:54 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
    [2008/12/20 00:12:53 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2008/12/19 11:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2008/12/17 13:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
    [2008/12/17 13:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
    [2008/12/17 13:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008/12/17 13:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
    [2008/12/17 12:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
    [2007/12/21 22:02:20 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wiseftp.ini
    [2007/12/07 18:29:59 | 000,023,684 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2007/08/21 18:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
    [2007/08/21 16:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
    [2007/08/08 17:05:58 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\AdobeUpdater.rbt
    [2007/06/18 22:51:32 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
    [2007/06/18 22:51:32 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Copy of GkSui18.EXE
    [2007/01/01 20:34:45 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2006/11/02 12:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
    [2006/05/29 00:59:19 | 000,020,992 | ---- | C] () -- C:\WINDOWS\igBrowse.exe
    [2006/05/29 00:59:19 | 000,018,432 | ---- | C] () -- C:\WINDOWS\igUninst.exe
    [2006/05/29 00:59:18 | 000,668,938 | ---- | C] () -- C:\WINDOWS\unins000.exe
    [2006/05/29 00:59:18 | 000,001,315 | ---- | C] () -- C:\WINDOWS\unins000.dat
    [2006/03/06 23:39:59 | 000,000,032 | ---- | C] () -- C:\WINDOWS\HCWBTDLG.INI
    [2006/03/06 23:38:54 | 000,000,473 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
    [2006/03/05 12:52:34 | 000,102,038 | ---- | C] () -- C:\WINDOWS\System32\HCW848UN.EXE
    [2006/02/14 10:02:24 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2006/02/14 10:02:23 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2006/01/22 01:29:43 | 000,003,311 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2005/12/10 02:18:53 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/12/10 02:18:27 | 000,002,654 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2005/09/23 17:36:24 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
    [2005/09/23 17:07:41 | 000,006,870 | ---- | C] () -- C:\WINDOWS\System32\drivers\wni6000.bin
    [2005/08/12 17:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2005/05/13 14:37:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mpio.ini
    [2005/03/08 14:39:22 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
    [2005/01/31 10:32:58 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\8D77E21392.sys
    [2005/01/22 19:30:51 | 000,413,760 | R--- | C] () -- C:\WINDOWS\System32\mpg4c32.dll
    [2004/10/03 13:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
    [2004/09/15 17:34:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSC66EF.ini
    [2004/09/15 17:33:32 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
    [2004/09/15 17:33:31 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
    [2004/08/26 12:42:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/08/26 12:41:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004/08/26 12:24:43 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/05/25 14:47:18 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ACNePlayer.dll
    [2004/05/15 03:09:31 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\FBEC0ECC8A.sys
    [2004/05/15 03:02:51 | 000,129,024 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
    [2004/01/26 17:18:50 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
    [2003/12/19 04:28:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
    [2003/11/18 03:18:23 | 000,000,205 | ---- | C] () -- C:\Program Files\mcadbkmk.htm
    [2003/11/18 03:17:39 | 000,112,128 | R--- | C] () -- C:\WINDOWS\CdaC14BA.DLL
    [2003/11/18 03:17:39 | 000,030,720 | R--- | C] () -- C:\WINDOWS\CdaC13BA.EXE
    [2003/11/18 03:17:37 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
    [2003/11/17 00:38:28 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
    [2003/09/25 12:02:07 | 000,001,110 | ---- | C] () -- C:\WINDOWS\winamp.ini
    [2003/09/18 01:44:32 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
    [2003/09/13 22:01:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
    [2003/09/09 23:32:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2003/09/02 18:39:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2003/09/02 18:39:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2003/09/02 18:39:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2003/08/31 20:50:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
    [2003/08/27 10:05:32 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2003/08/26 15:03:03 | 000,211,456 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2003/08/07 01:15:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2003/08/07 01:12:11 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
    [2003/08/07 01:12:11 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
    [2003/08/07 01:11:59 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
    [2003/08/07 01:11:59 | 000,002,516 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
    [2003/08/07 01:11:59 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
    [2003/08/07 01:11:34 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
    [2003/08/07 01:08:23 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2003/08/07 00:59:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
    [2003/08/07 00:49:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2003/07/08 14:41:48 | 000,039,936 | R--- | C] () -- C:\WINDOWS\System32\P16X.dll
    [2002/12/18 05:31:54 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\aolninst.dll
    [2002/12/18 05:31:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
    [2002/09/03 14:51:12 | 000,466,636 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
    [2002/09/03 14:51:12 | 000,082,456 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
    [2002/09/03 14:42:36 | 000,222,944 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2002/09/03 14:35:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2002/09/03 14:31:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
    [2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
    [2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
    [2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
    [2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
    [2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
    [2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
    [2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
    [2002/02/27 17:50:00 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
    [1997/06/13 22:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

    ========== LOP Check ==========

    [2008/01/10 01:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\1&1
    [2008/12/16 19:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Aim
    [2003/08/30 14:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\InterTrust
    [2004/09/15 17:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Leadertech
    [2010/08/07 00:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Lexmark Productivity Studio
    [2006/03/20 21:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mind Control Software
    [2007/12/21 21:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Nvu
    [2010/01/16 15:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Opera
    [2006/03/20 21:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\PlayFirst
    [2009/05/13 12:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Snapfish
    [2007/12/22 11:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\uTorrent
    [2007/08/15 07:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Viewpoint
    [2010/01/29 21:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Wal-Mart
    [2011/05/05 22:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2007/12/21 00:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
    [2008/01/21 23:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
    [2004/11/08 15:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
    [2011/05/18 21:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2010/01/29 21:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wal-Mart

    ========== Purity Check ==========



    < End of report >
     
  18. 2011/05/18
    adrenalinesaint

    adrenalinesaint Inactive Thread Starter

    Joined:
    2011/05/05
    Messages:
    83
    Likes Received:
    0
    a couple of things, could not find the viewpoint tool bar, but did remove the other two that were plainly listed.
    also, when I ran the fix in the custom scan in OTL, it did not restart on its own and when I restarted Windows there was no new report.
    I went ahead and then ran OTL on quick scan for all users and posted the log.

    Let me know.
    System really is speeding up now.
    Thanks again, you are a hero.
     
  19. 2011/05/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're welcome, but you posted the incorrect log.
    I suspect you clicked on the "Scan" button instead of the "Fix" button.
    Please redo.
     
  20. 2011/05/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Still with me?
     
  21. 2011/05/23
    adrenalinesaint

    adrenalinesaint Inactive Thread Starter

    Joined:
    2011/05/05
    Messages:
    83
    Likes Received:
    0
    100% sorry for the delay, busy weekend with the kids.
    I'm rerunning the OTL right now with the custom scan/fix, I'll post momentarily
     
