
Solved Antivirusware Soft Question - Should I do more?

Discussion in 'Malware and Virus Removal Archive' started by JustinCase, 2010/05/30.

  1. 2010/05/30
    JustinCase Inactive Thread Starter

    [Resolved] Antivirusware Soft Question - Should I do more?

    First, thanks to all of you who offer so much for so little in return other than some profuse thanks from those of us who depend on generous souls like you.

    I just had a case of the flu called AntiVirusWare Soft. I did get rid of the exe file and two registry entries. The exe was deleted and deleted again.

    I had to reinstall Firefox, it was trashed. A complete undelete, registry and all and reinstalled it. It is working fine now.

    I ran Panda and The Shield Deluxe and Malwarebytes and SpyBot a couple of times and dumped whatever they said to or was done on autopilot.

    I did all of this before I found you guys. It all happened on Wed.

    Things seem to be operating well now, but after reading your entries on others with the same or similar flu I am wondering if I should do more. Would it be advisable to have you guide me as you have others at this point to check for even more remnants that could be left behind?

    It is a new HP, not a month old with Windows 7.

    This thing came in while watching a live webinar on IM and shut it down and everything else, as you know it does.

    Thanks again for all of your great help.

    Justin


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/27/2010 2:06:24 PM
    System Uptime: 5/29/2010 2:41:29 AM (30 hours ago)

    Motherboard: PEGATRON CORPORATION | | NARRA5
    Processor: AMD Athlon(tm) II X2 240 Processor | Socket AM2 | 2800/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 287 GiB total, 231.519 GiB free.
    D: is FIXED (NTFS) - 11 GiB total, 1.547 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    K: is Removable
    L: is FIXED (NTFS) - 233 GiB total, 109.206 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Teredo Tunneling Adapter
    Device ID: ROOT\*TEREDO\0000
    Manufacturer: Microsoft
    Name: Teredo Tunneling Pseudo-Interface
    PNP Device ID: ROOT\*TEREDO\0000
    Service: tunnel

    ==== System Restore Points ===================

    RP45: 5/25/2010 12:23:24 PM - Installed SEO Link Dominator - fast Indexer and Pinger
    RP46: 5/25/2010 12:33:52 PM - Installed Proxy Scraper
    RP47: 5/26/2010 3:00:23 AM - Windows Update
    RP48: 5/27/2010 8:34:18 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP51: 5/27/2010 10:25:48 AM - Installed The Shield Deluxe 2010
    RP52: 5/27/2010 11:38:32 AM - Windows Update
    RP53: 5/27/2010 6:46:28 PM - Installed Java(TM) 6 Update 20
    RP55: 5/27/2010 8:24:02 PM - Revo Uninstaller's restore point - MassArticleSubmitter
    RP56: 5/27/2010 8:24:35 PM - Removed MassArticleSubmitter
    RP57: 5/27/2010 8:26:11 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP58: 5/29/2010 2:45:56 AM - Removed Power Article Rewriter
    RP59: 5/29/2010 8:29:02 AM - Revo Uninstaller's restore point - Mozilla Firefox (3.6.3)

    ==== Installed Programs ======================

    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.2
    AI RoboForm (All Users)
    ASHelper
    Ask Toolbar
    CCleaner
    Compatibility Pack for the 2007 Office system
    Convert Document To Image
    Core FTP LE 2.1
    CyberLink DVD Suite Deluxe
    DirectX for Managed Code Update (Summer 2004)
    DivX Setup
    Doc-Docx to Image Converter 3000 7.4
    DVD Menu Pack for HP MediaSmart Video
    Eusing Free Registry Cleaner
    Foxit Reader
    Free-Buttons.org
    Google Chrome
    Google Earth
    Google Update Helper
    GoToMeeting 4.5.0.457
    HP Advisor
    HP Customer Experience Enhancements
    HP MediaSmart Demo
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP MediaSmart/TouchSmart Netflix
    HP Odometer
    HP Remote Solution
    HP Setup
    HP Support Assistant
    HP Support Information
    HP Update
    HPAsset component for HP Active Support Library
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 20
    Junk Mail filter update
    LabelPrint
    LastPass (uninstall only)
    LightScribe System Software
    Logitech Vid
    Magic Article Rewriter
    Magic Article Submitter
    Magic Submitter
    Magic Tokens Database 2.0
    Malwarebytes' Anti-Malware
    Micro Niche Finder 5.0
    Microsoft Choice Guard
    Microsoft Live Search Toolbar
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office XP Media Content
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    Mindjet MindManager Viewer 6
    Movie Theme Pack for HP MediaSmart Video
    Mozilla Firefox (3.6.3)
    Mozilla Thunderbird (3.0.4)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NVIDIA Stereoscopic 3D Driver
    OnlyWire
    OpenOffice.org 3.2
    Panda ActiveScan 2.0
    Picasa 3
    PictureMover
    PIXresizer 2.0.4
    Power2Go
    PowerDirector
    Proxy Scraper
    Realtek High Definition Audio Driver
    Recovery Manager
    Revo Uninstaller 1.88
    RSSBot
    Security Update for CAPICOM (KB931906)
    SERPAssist Lite!
    Spybot - Search & Destroy
    The Authority Loophole
    Traffic Travis 3.2.4
    TubeSucker
    VC80CRTRedist - 8.0.50727.4053
    Visual C++ 8.0 Runtime Setup Package (x64)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    WinRAR archiver
    XHeader
    ZoneAlarm

    ==== Event Viewer Messages From Past Week ========

    5/29/2010 2:42:48 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv szkg5
    5/29/2010 2:41:33 AM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
    5/29/2010 2:40:51 AM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.
    5/29/2010 11:44:38 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
    5/29/2010 11:38:34 PM, Error: Service Control Manager [7000] - The RkPavproc1 service failed to start due to the following error: This driver has been blocked from loading
    5/29/2010 11:38:34 PM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    5/28/2010 9:07:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    5/28/2010 9:07:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    5/28/2010 9:07:54 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/28/2010 8:47:53 AM, Error: Service Control Manager [7030] - The ZoneAlarm Toolbar IswSvc service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    5/28/2010 8:46:33 AM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    5/27/2010 6:22:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv
    5/27/2010 12:05:44 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
    5/27/2010 11:25:58 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    5/27/2010 11:22:27 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments " " in order to run the server: {000C101C-0000-0000-C000-000000000046}
    5/27/2010 11:17:03 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    5/27/2010 11:17:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    5/27/2010 11:17:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    5/27/2010 11:16:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    5/27/2010 11:16:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    5/27/2010 11:16:42 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx64 AvgMfx64 bdfsfltr bdfwfpf discache is3srv spldr Wanarpv6
    5/27/2010 11:06:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avg9wd service.
    5/27/2010 11:04:11 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
    5/27/2010 11:04:11 AM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/26/2010 6:38:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx64 AvgMfx64 discache spldr Wanarpv6

    ==== End Of File ===========================




    DDS (Ver_10-03-17.01) - NTFSX64
    Run by Gary at 8:22:19.18 on Sun 05/30/2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4094.1205 [GMT -7:00]

    SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Update Service\livesrv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\vsserv.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdagent.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\seccenter.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
    C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\java.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskeng.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Users\Gary\AppData\Roaming\mjusbsp\magicJack.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
    L:\ThunderbirdPortable\ThunderbirdPortable.exe
    L:\ThunderbirdPortable\App\thunderbird\thunderbird.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Gary\Downloads\Computer Repair Tools\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uInternet Settings,ProxyOverride = <local>
    uURLSearchHooks: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files (x86)\zonealarm\tbZone.dll
    mURLSearchHooks: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files (x86)\zonealarm\tbZone.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files (x86)\zonealarm\tbZone.dll
    BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files (x86)\siber systems\ai roboform\roboform.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\wow64\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn\toolbar\3.0.0566.0\msneshellx.dll
    BHO: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files (x86)\msn\toolbar\3.0.0566.0\msneshellx.dll
    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files (x86)\siber systems\ai roboform\roboform.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
    TB: The Shield Deluxe 2010 Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - "c:\program files\the shield deluxe\the shield deluxe 2010\antispam32\IEToolbar.dll"
    TB: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files (x86)\zonealarm\tbZone.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\wow64\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    uRun: [Logitech Vid] "c:\program files (x86)\logitech\logitech vid\vid.exe" -bootmode
    uRun: [cdloader] "c:\users\gary\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [SpybotSD TeaTimer] c:\program files (x86)\spybot - search & destroy\TeaTimer.exe
    uRun: [RoboForm] "c:\program files (x86)\siber systems\ai roboform\RoboTaskBarIcon.exe"
    mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [ZoneAlarm Client] "c:\program files (x86)\zone labs\zonealarm\zlclient.exe"
    StartupFolder: c:\users\gary\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files (x86)\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\onlywire.lnk - c:\program files (x86)\onlywire\OnlyWireWindows.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files (x86)\picturemover\bin\PictureMover.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Customize Menu - file://c:\program files (x86)\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
    IE: Fill Forms - file://c:\program files (x86)\siber systems\ai roboform\RoboFormComFillForms.html
    IE: RoboForm Options - file://c:\program files (x86)\siber systems\ai roboform\RoboFormComOptions.html
    IE: RoboForm Toolbar - file://c:\program files (x86)\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: Save Forms - file://c:\program files (x86)\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files (x86)\siber systems\ai roboform\RoboFormComFillForms.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files (x86)\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files (x86)\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO-X64: ZoneAlarm Security Engine Registrar - No File
    TB-X64: The Shield Deluxe 2010 Toolbar: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "c:\program files\the shield deluxe\the shield deluxe 2010\IEToolbar.dll"
    TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    TB-X64: {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - No File
    mRun-x64: [SmartMenu] c:\program files\hewlett-packard\hp mediasmart\SmartMenu.exe /background
    mRun-x64: [PC-Doctor for Windows localizer] c:\program files\pc-doctor for windows\localizer.exe
    mRun-x64: [BDAgent] "c:\program files\the shield deluxe\the shield deluxe 2010\bdagent.exe"
    mRun-x64: [BitDefender Antiphishing Helper 32] "c:\program files\the shield deluxe\the shield deluxe 2010\antispam32\IEShow.exe"
    mRun-x64: [BitDefender Antiphishing Helper] "c:\program files\the shield deluxe\the shield deluxe 2010\IEShow.exe"
    mRun-x64: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\gary\appdata\roaming\mozilla\firefox\profiles\2jp1mb9m.default\
    FF - component: c:\users\gary\appdata\roaming\mozilla\firefox\profiles\2jp1mb9m.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
    FF - component: c:\users\gary\appdata\roaming\mozilla\firefox\profiles\2jp1mb9m.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
    FF - component: c:\users\gary\appdata\roaming\mozilla\firefox\profiles\2jp1mb9m.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll
    FF - component: c:\users\gary\appdata\roaming\mozilla\firefox\profiles\2jp1mb9m.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll
    FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\program files\checkpoint\zaforcefield\wow64\trustchecker\bin\npFFApi.dll

    ---- FIREFOX POLICIES ----
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R1 bdfwfpf;bdfwfpf;c:\program files\common files\the shield deluxe\the shield deluxe firewall\bdfwfpf.sys [2009-9-1 88584]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 33008]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 823272]
    R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-5-19 1153368]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
    R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2009-9-17 162312]
    R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
    R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-7-26 50072]
    S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-5-1 136176]
    S3 Arrakis3;The Shield Deluxe Arrakis Server;c:\program files\common files\the shield deluxe\the shield deluxe arrakis server\bin\arrakis3.exe [2009-9-14 278224]
    S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-9-16 23536]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-10 1255736]

    =============== Created Last 30 ================

    2010-05-30 00:44:00 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
    2010-05-30 00:43:08 0 d-----w- c:\program files (x86)\Panda Security
    2010-05-29 21:37:10 0 d-----w- c:\users\gary\appdata\roaming\BitDefender
    2010-05-29 18:29:16 206722 ----a-w- c:\windows\XHeader Uninstaller.exe
    2010-05-29 18:29:06 0 d-----w- c:\program files (x86)\XHeader
    2010-05-29 18:29:06 0 d-----w- c:\program files (x86)\common files\Thraex Software
    2010-05-29 18:07:18 0 d-----w- c:\program files (x86)\Free-Buttons.org
    2010-05-29 09:40:52 132 ----a-w- c:\windows\system32\rezumatenoi.dat
    2010-05-28 15:58:01 0 d-----w- c:\program files (x86)\Eusing Free Registry Cleaner
    2010-05-28 15:57:16 0 d-----w- c:\program files (x86)\CoreFTP
    2010-05-28 15:48:02 0 d-----w- c:\users\gary\appdata\roaming\CheckPoint
    2010-05-28 15:47:14 0 d-----w- c:\program files (x86)\Conduit
    2010-05-28 15:47:13 0 d-----w- c:\program files (x86)\ZoneAlarm
    2010-05-28 15:46:56 0 d-----w- c:\program files\CheckPoint
    2010-05-28 15:45:59 0 d-----w- c:\program files (x86)\Zone Labs
    2010-05-28 15:42:56 0 d-----w- c:\windows\Internet Logs
    2010-05-28 15:42:56 0 d-----w- c:\programdata\CheckPoint
    2010-05-28 15:42:55 712192 ----a-w- c:\windows\syswow64\vsutil.dll
    2010-05-28 15:42:55 228352 ----a-w- c:\windows\syswow64\vsinit.dll
    2010-05-28 01:47:32 411368 ----a-w- c:\windows\syswow64\deployJava1.dll
    2010-05-28 01:47:32 153376 ----a-w- c:\windows\syswow64\javaws.exe
    2010-05-28 01:47:32 145184 ----a-w- c:\windows\syswow64\javaw.exe
    2010-05-28 01:47:32 145184 ----a-w- c:\windows\syswow64\java.exe
    2010-05-28 01:23:05 2016 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
    2010-05-27 19:40:04 4 ----a-w- c:\windows\system32\aspdict-en.dat
    2010-05-27 19:40:04 16 ----a-w- c:\windows\system32\asdict.dat
    2010-05-27 19:40:04 0 ----a-w- c:\windows\system32\ab_bl.sig
    2010-05-27 19:40:04 0 ----a-w- C:\pcwords2.dat
    2010-05-27 19:40:04 0 ----a-w- C:\pcwords.dat
    2010-05-27 19:40:04 0 ----a-w- C:\pc_sign.slf
    2010-05-27 19:40:03 0 ----a-w- C:\pcconf.ini
    2010-05-27 18:39:28 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
    2010-05-27 18:31:42 385 ----a-w- c:\windows\system32\user_gensett.xml
    2010-05-27 17:46:26 0 d-----w- c:\programdata\BitDefender
    2010-05-27 17:27:23 0 d-----w- c:\users\gary\appdata\roaming\The Shield Deluxe
    2010-05-27 17:26:42 0 d-----w- c:\programdata\The Shield Deluxe
    2010-05-27 17:26:42 0 d-----w- c:\program files\The Shield Deluxe
    2010-05-27 17:26:42 0 d-----w- c:\program files\common files\The Shield Deluxe
    2010-05-27 17:25:21 0 d-----w- c:\program files (x86)\common files\BitDefender
    2010-05-27 17:19:39 137570 ----a-w- C:\BdUninstallTool2010.05.27-10.19.39.reg
    2010-05-27 15:35:25 0 d-----w- c:\programdata\SITEguard
    2010-05-27 15:34:42 0 d-----w- c:\program files (x86)\common files\iS3
    2010-05-27 15:34:41 0 d-----w- c:\programdata\STOPzilla!
    2010-05-27 01:45:23 767952 ----a-w- c:\windows\BDTSupport.dll.old
    2010-05-27 01:45:23 1640400 ----a-w- c:\windows\PCTBDCore.dll.old
    2010-05-27 00:28:57 0 d-sh--w- c:\programdata\System Restore
    2010-05-25 19:34:04 0 d-----w- c:\program files (x86)\TrafficMystic.com
    2010-05-25 19:23:43 0 d-----w- c:\program files\stephenhawkins
    2010-05-25 19:12:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
    2010-05-25 19:12:54 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-05-23 16:41:27 0 d-----w- c:\program files (x86)\Informec
    2010-05-23 15:12:02 15360 --sha-w- c:\users\gary\Thumbs.db
    2010-05-22 20:06:24 0 d--h--w- c:\program files (x86)\InstallJammer Registry
    2010-05-22 20:06:14 0 d-----w- c:\program files (x86)\The Authority Loophole
    2010-05-22 18:04:32 0 d-----w- c:\users\gary\appdata\roaming\Affilorama
    2010-05-22 18:04:31 0 d-----w- c:\program files (x86)\Traffic Travis v3
    2010-05-22 07:00:26 0 d-----w- c:\program files (x86)\Alexandr Krulik
    2010-05-20 23:45:39 627761 ----a-w- c:\users\gary\The Article Leverage System.pdf
    2010-05-19 15:13:15 0 d-----w- c:\program files (x86)\CCleaner
    2010-05-19 15:11:14 0 d-----w- c:\users\gary\appdata\roaming\Malwarebytes
    2010-05-19 15:11:03 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-05-19 15:11:03 0 d-----w- c:\programdata\Malwarebytes
    2010-05-19 15:11:03 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2010-05-19 15:09:56 0 d-----w- c:\programdata\Spybot - Search & Destroy
    2010-05-19 15:09:56 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2010-05-19 08:03:49 0 d--h--w- C:\$AVG
    2010-05-16 07:57:10 0 d-----w- c:\programdata\Symantec
    2010-05-16 04:58:53 0 d-----w- c:\program files (x86)\common files\PX Storage Engine
    2010-05-16 04:58:48 0 d-----w- c:\program files\DivX
    2010-05-16 04:58:36 0 d-----w- c:\program files (x86)\common files\DivX Shared
    2010-05-16 04:57:45 0 d-----w- c:\program files (x86)\DivX
    2010-05-16 04:57:27 0 d-----w- c:\programdata\DivX
    2010-05-16 01:50:15 0 d-----w- c:\programdata\Magic Submitter
    2010-05-14 03:05:14 711168 ----a-w- c:\windows\is-I3AKN.exe
    2010-05-14 03:05:14 583 ----a-w- c:\windows\is-I3AKN.lst
    2010-05-14 03:05:14 10562 ----a-w- c:\windows\is-I3AKN.msg
    2010-05-14 01:58:58 0 d-----w- c:\users\gary\appdata\roaming\NetSpell
    2010-05-13 19:25:24 730638 ----a-w- c:\windows\syswow64\PerfStringBackup.INI
    2010-05-13 18:19:32 0 d-----w- c:\program files (x86)\Incansoft
    2010-05-12 20:52:29 0 d-----w- c:\program files (x86)\OnlyWire
    2010-05-12 19:46:34 72080 ----a-w- c:\users\gary\g2mdlhlpx.exe
    2010-05-12 19:08:08 991232 ----a-w- c:\windows\syswow64\imageviewer2.ocx
    2010-05-12 19:08:08 608448 ----a-w- c:\windows\syswow64\comctl32.ocx
    2010-05-12 19:08:08 224016 ----a-w- c:\windows\syswow64\tabctl32.ocx
    2010-05-12 19:08:08 200704 ----a-w- c:\windows\syswow64\threed32.ocx
    2010-05-12 19:08:08 164144 ----a-w- c:\windows\syswow64\comct232.ocx
    2010-05-12 19:08:08 151552 ----a-w- c:\windows\syswow64\ccrpfd6.ocx
    2010-05-12 19:08:08 110592 ----a-w- c:\windows\syswow64\ccrpbds6.dll
    2010-05-12 19:08:08 106496 ----a-w- c:\windows\syswow64\mbprgbar.ocx
    2010-05-12 19:08:08 0 d-----w- c:\program files (x86)\PIXresizer
    2010-05-12 02:20:13 976896 ----a-w- c:\windows\system32\inetcomm.dll
    2010-05-12 02:20:12 740864 ----a-w- c:\windows\syswow64\inetcomm.dll
    2010-05-11 15:48:29 0 d-----w- c:\program files (x86)\Koe
    2010-05-11 14:25:02 0 d-----w- c:\program files (x86)\ASHelper
    2010-05-10 10:00:40 0 d-----w- c:\windows\syswow64\Wat
    2010-05-10 10:00:34 0 d-----w- c:\windows\system32\Wat
    2010-05-08 18:47:25 0 d-----w- c:\program files (x86)\LastPass
    2010-05-08 06:34:13 0 d-----w- c:\program files\Convert Document To Image
    2010-05-08 06:32:03 0 d-----w- c:\program files (x86)\Softinterface, Inc
    2010-05-08 06:12:19 0 d-----w- c:\windows\syswow64\tempdir
    2010-05-08 06:12:17 0 d-----w- c:\windows\syswow64\tool
    2010-05-08 06:12:17 0 d-----w- c:\program files (x86)\Doc-Docx to Image Converter 3000
    2010-05-08 05:36:16 0 d-----w- c:\users\gary\appdata\roaming\IrfanView
    2010-05-08 05:36:16 0 d-----w- c:\program files (x86)\IrfanView
    2010-05-07 08:47:42 0 d-----w- c:\program files (x86)\Rapid Rewriter
    2010-05-06 02:41:24 0 d-----w- c:\programdata\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
    2010-05-06 02:41:05 0 d-----w- c:\users\gary\appdata\roaming\hpqLog
    2010-05-06 02:26:59 0 d-----w- c:\programdata\McAfee
    2010-05-05 00:15:51 0 d-----w- c:\users\gary\appdata\roaming\HP Support Assistant
    2010-05-02 22:17:58 0 d-----w- c:\programdata\NOS
    2010-05-02 21:56:44 0 d-----w- c:\users\gary\appdata\roaming\Foxit Software
    2010-05-02 20:54:02 0 d-----w- c:\program files (x86)\TubeSucker
    2010-05-02 20:27:05 0 d-----w- c:\programdata\Recovery
    2010-05-02 19:34:53 0 d-----w- c:\program files (x86)\MassArticleCreator
    2010-05-02 19:01:58 0 d-----w- c:\program files (x86)\VS Revo Group
    2010-05-02 18:32:13 0 d-----w- c:\program files (x86)\Mindjet
    2010-05-02 18:30:40 0 d-----w- c:\windows\Downloaded Installations
    2010-05-02 18:20:18 0 d-----w- c:\programdata\Adobe
    2010-05-02 18:14:11 0 d-----w- c:\windows\Drivers
    2010-05-02 05:57:37 0 d-----w- c:\users\gary\appdata\roaming\OpenOffice.org
    2010-05-02 05:41:36 0 d-----w- c:\program files (x86)\JRE
    2010-05-02 05:41:34 0 d-----w- c:\program files (x86)\OpenOffice.org 3
    2010-05-02 05:40:35 0 d-----w- c:\programdata\Sun
    2010-05-02 05:32:48 0 d-----w- c:\users\gary\appdata\roaming\GoodSync
    2010-05-02 05:32:48 0 d-----w- c:\programdata\GoodSync
    2010-05-02 05:32:45 0 d-----w- c:\program files\Siber Systems
    2010-05-02 05:05:40 0 d-----w- c:\program files (x86)\NVIDIA Corporation
    2010-05-02 05:04:19 541800 ----a-w- c:\windows\system32\nvudisp.exe
    2010-05-02 05:04:18 14646 ----a-w- c:\windows\system32\nvdisp.nvu
    2010-05-01 23:42:36 0 d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
    2010-05-01 18:05:21 974 ----a-w- c:\users\gary\appdata\roaming\wklnhst.dat
    2010-05-01 15:40:00 0 d-----w- c:\program files (x86)\Citrix

    ==================== Find3M ====================

    2010-05-28 15:48:14 420800 ----a-w- c:\windows\system32\drivers\vsconfig.xml
    2010-05-26 20:03:22 1238528 ----a-w- c:\windows\syswow64\zpeng25.dll
    2010-05-26 20:03:16 69120 ----a-w- c:\windows\syswow64\zlcomm.dll
    2010-05-26 20:03:16 43008 ----a-w- c:\windows\syswow64\vswmi.dll
    2010-05-26 20:03:16 110080 ----a-w- c:\windows\syswow64\vsxml.dll
    2010-05-26 20:03:16 103936 ----a-w- c:\windows\syswow64\zlcommdb.dll
    2010-05-26 20:03:14 58368 ----a-w- c:\windows\syswow64\vsregexp.dll
    2010-05-26 20:03:14 302592 ----a-w- c:\windows\syswow64\vspubapi.dll
    2010-05-26 20:03:14 112128 ----a-w- c:\windows\syswow64\vsdata.dll
    2010-05-26 20:03:14 107520 ----a-w- c:\windows\syswow64\vsmonapi.dll
    2010-05-21 21:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe
    2010-05-15 23:30:52 458840 ----a-w- c:\windows\system32\drivers\~GLH0023.TMP
    2010-05-15 23:30:52 458840 ------w- c:\windows\system32\drivers\vsdatant.sys
    2010-04-29 18:47:18 3600384 ----a-w- c:\windows\syswow64\GPhotos.scr
    2010-03-11 16:45:14 1220608 ----a-w- c:\windows\syswow64\pdf2bmp.dll
    2010-03-08 21:59:59 612352 ----a-w- c:\windows\system32\vbscript.dll
    2010-03-08 21:33:56 427520 ----a-w- c:\windows\syswow64\vbscript.dll
    2010-03-08 17:59:18 94208 ----a-w- c:\windows\syswow64\dpl100.dll
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 8:23:06.26 ===============
     
  2. 2010/05/30
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    Be sure to restart the computer.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    =============================================================

    Download OTL to your Desktop.

    * Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    userinit.exe
    explorer.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     

  4. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    Joined:
    2010/05/29
    Messages:
    39
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4156

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    5/30/2010 1:15:34 PM
    mbam-log-2010-05-30 (13-15-34).txt

    Scan type: Quick scan
    Objects scanned: 123951
    Time elapsed: 3 minute(s), 19 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  5. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    Joined:
    2010/05/29
    Messages:
    39
    Likes Received:
    0
    OTL logfile created on: 5/30/2010 1:43:30 PM - Run 1
    OTL by OldTimer - Version 3.2.5.1 Folder = C:\Users\Gary\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 64.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 287.19 Gb Total Space | 231.55 Gb Free Space | 80.62% Space Free | Partition Type: NTFS
    Drive D: | 10.80 Gb Total Space | 1.55 Gb Free Space | 14.33% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive L: | 232.88 Gb Total Space | 109.20 Gb Free Space | 46.89% Space Free | Partition Type: NTFS

    Computer Name: GARY-PC
    Current User Name: Gary
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    PRC - [2010/05/27 18:47:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    PRC - [2010/05/27 18:47:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\java.exe
    PRC - [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    PRC - [2010/05/26 13:03:36 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2010/05/07 10:26:36 | 000,616,960 | ---- | M] () -- C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    PRC - [2010/04/27 15:33:15 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    PRC - [2010/02/26 16:46:32 | 012,526,424 | ---- | M] (magicJack L.P.) -- C:\Users\Gary\AppData\Roaming\mjusbsp\magicJack.exe
    PRC - [2010/02/02 00:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/02/02 00:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    PRC - [2009/09/27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2009/07/16 15:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
    PRC - [2009/07/13 18:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
    PRC - [2009/06/03 13:35:16 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    MOD - [2010/05/26 06:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
    MOD - [2009/12/28 23:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
    MOD - [2009/07/13 18:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
    MOD - [2009/07/13 18:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
    MOD - [2009/06/10 14:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
    MOD - [2009/06/10 14:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/05/26 06:35:34 | 000,823,272 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV:64bit: - [2010/05/10 03:00:33 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
    SRV:64bit: - [2009/09/28 14:47:26 | 002,273,816 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\vsserv.exe -- (VSSERV)
    SRV:64bit: - [2009/09/28 14:47:12 | 000,440,928 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Update Service\livesrv.exe -- (LIVESRV)
    SRV:64bit: - [2009/09/25 17:24:56 | 000,412,672 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Threat Scanner\scan.dll -- (scan)
    SRV:64bit: - [2009/09/14 00:03:04 | 000,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
    SRV:64bit: - [2009/07/13 18:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
    SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
    SRV:64bit: - [2009/07/13 18:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
    SRV:64bit: - [2009/07/13 18:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
    SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/13 18:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
    SRV:64bit: - [2009/07/13 18:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
    SRV:64bit: - [2009/07/13 18:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
    SRV:64bit: - [2009/07/13 18:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
    SRV:64bit: - [2009/07/13 18:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
    SRV:64bit: - [2009/07/13 18:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
    SRV:64bit: - [2009/07/13 18:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
    SRV:64bit: - [2009/07/13 18:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
    SRV:64bit: - [2009/07/13 18:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
    SRV:64bit: - [2009/07/13 18:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
    SRV:64bit: - [2009/07/13 18:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
    SRV:64bit: - [2009/03/27 11:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
    SRV - [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2009/09/27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
    SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
    SRV - [2009/07/13 18:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 18:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 13:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
    SRV - [2009/06/10 13:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/05/26 06:35:12 | 000,033,008 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV:64bit: - [2010/05/15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
    DRV:64bit: - [2009/12/11 03:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
    DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
    DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
    DRV:64bit: - [2009/09/25 23:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
    DRV:64bit: - [2009/09/17 16:12:16 | 000,162,312 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
    DRV:64bit: - [2009/09/16 22:57:46 | 000,023,536 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0)
    DRV:64bit: - [2009/09/01 15:24:42 | 000,088,584 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Firewall\bdfwfpf.sys -- (bdfwfpf)
    DRV:64bit: - [2009/08/13 04:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/07/30 10:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
    DRV:64bit: - [2009/07/24 12:26:02 | 000,340,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
    DRV:64bit: - [2009/07/13 18:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
    DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 18:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
    DRV:64bit: - [2009/07/13 18:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
    DRV:64bit: - [2009/07/13 18:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
    DRV:64bit: - [2009/07/13 17:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
    DRV:64bit: - [2009/07/13 17:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV:64bit: - [2009/07/13 17:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV:64bit: - [2009/07/13 17:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
    DRV:64bit: - [2009/07/13 17:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
    DRV:64bit: - [2009/07/13 17:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
    DRV:64bit: - [2009/07/13 17:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
    DRV:64bit: - [2009/07/13 17:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
    DRV:64bit: - [2009/07/13 17:06:32 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV:64bit: - [2009/07/13 17:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV:64bit: - [2009/07/13 17:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
    DRV:64bit: - [2009/07/13 17:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
    DRV:64bit: - [2009/07/13 17:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
    DRV:64bit: - [2009/07/13 17:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
    DRV:64bit: - [2009/07/13 16:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
    DRV:64bit: - [2009/07/13 16:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
    DRV:64bit: - [2009/07/13 16:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
    DRV:64bit: - [2009/07/13 16:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
    DRV:64bit: - [2009/07/13 16:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
    DRV:64bit: - [2009/07/13 16:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
    DRV:64bit: - [2009/07/13 16:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
    DRV:64bit: - [2009/06/30 09:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
    DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/30 15:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
    DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 18:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
    DRV - [2009/06/10 14:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
    DRV - [2009/06/10 14:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.68.2
    FF - prefs.js..extensions.enabledItems: capturefoxmovie@advancity.net:0.7.0
    FF - prefs.js..extensions.enabledItems: clickbank@geminussoft.com:1.32
    FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.19.1
    FF - prefs.js..extensions.enabledItems: rankchecker@seobook.com:1.7.2
    FF - prefs.js..extensions.enabledItems: seo4firefox@seobook.com:3.3.0
    FF - prefs.js..extensions.enabledItems: seotoolbar@seobook.com:1.0.17
    FF - prefs.js..extensions.enabledItems: spellbound@sourceforge.net:4.0.0
    FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.4.9
    FF - prefs.js..extensions.enabledItems: urllister@binnyva.com:1.3
    FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22
    FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.5.12
    FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
    FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.80
    FF - prefs.js..extensions.enabledItems: {9BAE5926-8513-417d-8E47-774955A7C60D}:1.1.1d
    FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.8
    FF - prefs.js..extensions.enabledItems: {B7D3E479-CC68-42B5-A338-938ECE35F419}:0.9.0.0
    FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
    FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.0.3
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503

    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdaphffext\ [2010/05/27 10:26:49 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/05/30 13:25:19 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/29 10:05:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: L:\ThunderbirdPortable\App\thunderbird\components [2010/05/29 10:21:48 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: L:\ThunderbirdPortable\App\thunderbird\plugins [2009/09/10 21:34:54 | 000,000,000 | ---D | M]

    [2010/05/29 10:21:51 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
    [2010/05/29 10:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2010/05/30 13:33:58 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/05/29 10:19:03 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (affilorama) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{7822cf50-08ee-4915-9872-ee92472df6cb}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (FireFTP button) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}
    [2010/05/29 14:25:59 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
    [2010/05/29 10:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419}
    [2010/05/29 10:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
    [2010/05/29 02:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/05/29 02:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\capturefoxmovie@advancity.net
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\clickbank@geminussoft.com
    [2010/05/29 10:15:06 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\foxyproxy@eric.h.jung
    [2010/05/29 10:15:06 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\rankchecker@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\seo4firefox@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\seotoolbar@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\spellbound@sourceforge.net
    [2010/05/29 14:25:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\staged-xpis
    [2010/05/29 10:07:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\support@lastpass.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\toolbar@alexa.com
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\toolbar@ask.com
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\urllister@binnyva.com
    [2010/05/10 07:37:31 | 000,001,657 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\searchplugins\how-i-rank.xml
    [2010/05/29 10:05:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2009/09/13 22:10:06 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\Mozilla Firefox\components\FFComm.dll

    O1 HOSTS File: ([2010/05/27 08:37:36 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
    O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3:64bit: - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEToolbar.dll (BitDefender S.R.L.)
    O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O3 - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdagent.exe (PCSecurityShield)
    O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEShow.exe (BitDefender S.R.L.)
    O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
    O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [cdloader] C:\Users\Gary\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
    O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
    O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8:64bit: - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
    O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8 - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
    O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.7.169.1 66.116.104.21
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\F\Shell\AutoRun\command - " " = F:\autorun.exe -- File not found
    O33 - MountPoints2\F\Shell\phone\command - " " = F:\autorun.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

    NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009/07/13 20:20:14 | 000,000,000 | ---D | M]
    NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
    NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
    NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
    NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
    NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
    NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point
     
  6. 2010/05/30
    JustinCase

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/05/29 17:44:00 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
    [2010/05/29 17:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
    [2010/05/29 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\BitDefender
    [2010/05/29 14:20:04 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    [2010/05/29 11:29:28 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\xheader-data
    [2010/05/29 11:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XHeader
    [2010/05/29 11:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thraex Software
    [2010/05/29 11:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free-Buttons.org
    [2010/05/29 10:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/05/29 08:25:00 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Firefox backup files
    [2010/05/28 17:06:07 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Katie
    [2010/05/28 08:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner
    [2010/05/28 08:57:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoreFTP
    [2010/05/28 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\ForceField Shared Files
    [2010/05/28 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\CheckPoint
    [2010/05/28 08:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2010/05/28 08:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm
    [2010/05/28 08:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
    [2010/05/28 08:46:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
    [2010/05/28 08:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
    [2010/05/28 08:42:56 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
    [2010/05/28 08:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
    [2010/05/27 18:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2010/05/27 18:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2010/05/27 10:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
    [2010/05/27 10:27:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\The Shield Deluxe
    [2010/05/27 10:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\The Shield Deluxe
    [2010/05/27 10:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\The Shield Deluxe
    [2010/05/27 10:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\The Shield Deluxe
    [2010/05/27 10:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
    [2010/05/27 08:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
    [2010/05/27 08:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
    [2010/05/27 08:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
    [2010/05/26 18:45:23 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
    [2010/05/26 18:42:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\ElevatedDiagnostics
    [2010/05/26 17:28:57 | 000,000,000 | -HSD | C] -- C:\ProgramData\System Restore
    [2010/05/25 12:49:48 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\pingotech
    [2010/05/25 12:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrafficMystic.com
    [2010/05/25 12:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\stephenhawkins
    [2010/05/25 11:25:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\SEO
    [2010/05/25 09:56:27 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Site Tools - Ideas
    [2010/05/25 09:41:33 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\SoulMate Kit
    [2010/05/23 17:35:15 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Computer Pics
    [2010/05/23 09:41:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Informec
    [2010/05/23 08:12:20 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Selecting Niches
    [2010/05/22 13:06:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
    [2010/05/22 13:06:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Authority Loophole
    [2010/05/22 11:04:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Affilorama
    [2010/05/22 11:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Traffic Travis v3
    [2010/05/22 00:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alexandr Krulik
    [2010/05/20 16:31:39 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Magic Article Submitter ETC
    [2010/05/19 08:16:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Registry Backup
    [2010/05/19 08:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
    [2010/05/19 08:11:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Malwarebytes
    [2010/05/19 08:11:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/05/19 08:11:03 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/05/19 08:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010/05/19 08:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/05/19 08:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/05/19 08:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2010/05/19 01:03:49 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2010/05/16 01:32:02 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Downloads
    [2010/05/16 00:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
    [2010/05/15 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\DivX
    [2010/05/15 21:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
    [2010/05/15 21:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2010/05/15 21:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
    [2010/05/15 21:57:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
    [2010/05/15 21:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/05/15 18:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Magic Submitter
    [2010/05/13 19:40:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\DanielRankMover
    [2010/05/13 19:02:11 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Lindas Site
    [2010/05/13 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\NetSpell
    [2010/05/13 11:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Incansoft
    [2010/05/12 13:52:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnlyWire
    [2010/05/12 12:08:08 | 000,991,232 | ---- | C] (Viscom Software ) -- C:\Windows\SysWow64\imageviewer2.ocx
    [2010/05/12 12:08:08 | 000,200,704 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\threed32.ocx
    [2010/05/12 12:08:08 | 000,151,552 | ---- | C] (Domenico Statuto - CCRP) -- C:\Windows\SysWow64\ccrpfd6.ocx
    [2010/05/12 12:08:08 | 000,110,592 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\SysWow64\ccrpbds6.dll
    [2010/05/12 12:08:08 | 000,106,496 | ---- | C] (Marco Bellinaso) -- C:\Windows\SysWow64\mbprgbar.ocx
    [2010/05/12 12:08:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PIXresizer
    [2010/05/12 12:02:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Andew
    [2010/05/11 09:26:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Prefetch
    [2010/05/11 08:48:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Koe
    [2010/05/11 07:25:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Article Submission Helper
    [2010/05/11 07:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASHelper
    [2010/05/10 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\WinRAR
    [2010/05/10 11:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
    [2010/05/10 03:00:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2010/05/10 03:00:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2010/05/09 11:00:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Diagnostics
    [2010/05/08 14:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/05/08 11:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LastPass
    [2010/05/07 23:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Convert Document To Image
    [2010/05/07 23:32:04 | 001,101,824 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151dox.dll
    [2010/05/07 23:32:04 | 000,790,528 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151doc.dll
    [2010/05/07 23:32:04 | 000,655,360 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151pdf.dll
    [2010/05/07 23:32:04 | 000,651,264 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151htm.dll
    [2010/05/07 23:32:04 | 000,626,688 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTImageFile.dll
    [2010/05/07 23:32:04 | 000,479,232 | ---- | C] (SoftInterface.COM) -- C:\Windows\SysWow64\PDFConverterX.ocx
    [2010/05/07 23:32:04 | 000,360,448 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151css.dll
    [2010/05/07 23:32:03 | 000,831,488 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151.dll
    [2010/05/07 23:32:03 | 000,585,728 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151rtf.dll
    [2010/05/07 23:32:03 | 000,376,832 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\txole151.ocx
    [2010/05/07 23:32:03 | 000,327,680 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151obj.dll
    [2010/05/07 23:32:03 | 000,245,760 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151tls.dll
    [2010/05/07 23:32:03 | 000,237,568 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151png.flt
    [2010/05/07 23:32:03 | 000,200,704 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151jpg.flt
    [2010/05/07 23:32:03 | 000,155,648 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151ic.dll
    [2010/05/07 23:32:03 | 000,106,496 | ---- | C] (Skogen) -- C:\Windows\SysWow64\SeeThroughPicture.ocx
    [2010/05/07 23:32:03 | 000,090,112 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151bmp.flt
    [2010/05/07 23:32:03 | 000,073,728 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151tif.flt
    [2010/05/07 23:32:03 | 000,065,536 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151wnd.dll
    [2010/05/07 23:32:03 | 000,057,344 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151gif.flt
    [2010/05/07 23:32:03 | 000,053,248 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151wmf.flt
    [2010/05/07 23:32:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softinterface, Inc
    [2010/05/07 23:18:54 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Output Files
    [2010/05/07 23:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tempdir
    [2010/05/07 23:12:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tool
    [2010/05/07 23:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Doc-Docx to Image Converter 3000
    [2010/05/07 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\IrfanView
    [2010/05/07 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
    [2010/05/07 21:00:05 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Chigger Articles Spun 5-7-10
    [2010/05/07 13:46:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Maria
    [2010/05/07 01:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rapid Rewriter
    [2010/05/06 23:41:30 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Health
    [2010/05/05 19:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
    [2010/05/05 19:41:05 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\hpqLog
    [2010/05/05 19:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2010/05/04 19:44:56 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Foreclosure
    [2010/05/04 17:15:51 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\HP Support Assistant
    [2010/05/02 15:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2010/05/02 15:18:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2010/05/02 15:18:13 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Adobe
    [2010/05/02 15:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
    [2010/05/02 14:56:44 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Foxit Software
    [2010/05/02 13:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TubeSucker
    [2010/05/02 13:42:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\IsolatedStorage
    [2010/05/02 13:37:34 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Software
    [2010/05/02 13:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
    [2010/05/02 12:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MassArticleCreator
    [2010/05/02 12:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
    [2010/05/02 11:57:42 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Travis Computer
    [2010/05/02 11:41:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\My Websites1
    [2010/05/02 11:39:03 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\CyberLink
    [2010/05/02 11:38:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\CyberLink
    [2010/05/02 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\PowerCinema
    [2010/05/02 11:32:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\My Maps
    [2010/05/02 11:32:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Mindjet
    [2010/05/02 11:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mindjet
    [2010/05/02 11:30:40 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
    [2010/05/02 11:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2010/05/02 11:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
    [2010/05/02 11:14:11 | 000,054,016 | ---- | C] (OrangeWare Corporation) -- C:\Windows\SysWow64\drivers\ousb2hub.sys
    [2010/05/02 11:14:11 | 000,039,040 | ---- | C] (OrangeWare Corporation) -- C:\Windows\SysWow64\drivers\ousbehci.sys
    [2010/05/02 11:14:11 | 000,000,000 | ---D | C] -- C:\Windows\Drivers
    [2010/05/01 22:57:37 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\OpenOffice.org
    [2010/05/01 22:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
    [2010/05/01 22:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
    [2010/05/01 22:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/05/01 22:32:48 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\GoodSync
    [2010/05/01 22:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\GoodSync
    [2010/05/01 22:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\Siber Systems
    [2010/05/01 22:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
    [2010/05/01 16:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    [2010/05/01 16:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
    [2010/05/01 16:26:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Google
    [2010/05/01 15:59:34 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Articles from Web
    [2010/05/01 13:20:44 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Backlink Generator - Site Installed
    [2010/05/01 13:15:06 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Cross Posting
    [2010/05/01 13:07:19 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Google10 Box Maps
    [2010/05/01 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Internet Pictures
    [2010/05/01 11:47:37 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Dragon Preferred 10.1
    [2010/05/01 11:23:04 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Offline business info
    [2010/05/01 11:18:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\AG
    [2010/05/01 11:18:19 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Answer Sites
    [2010/05/01 11:18:15 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Home Foreclosure
    [2010/05/01 11:13:25 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Aticles to publish
    [2010/05/01 11:05:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Template
    [2010/05/01 10:59:58 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Amanda's Backlinks
    [2010/05/01 10:58:01 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Stop Foreclosure Process
    [2010/05/01 08:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
    [2010/04/29 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
    [2010/04/27 18:12:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Thunderbird
    [2010/04/27 18:12:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Thunderbird
    [2010/04/27 17:01:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
    [2010/04/27 17:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
    [2010/04/27 16:08:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\tjnet
    [2010/04/27 15:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
    [2010/04/27 15:33:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\My RoboForm Data
    [2010/04/27 15:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
    [2010/04/27 15:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Micro Niche Finder 5.0
    [2010/04/27 15:19:52 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Micro Niche Finder
    [2010/04/27 15:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Micro Niche Finder
    [2010/04/27 15:13:51 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Mozilla
    [2010/04/27 15:13:50 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Mozilla
    [2010/04/27 14:49:04 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\mjusbsp
    [2010/04/27 14:31:52 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\WinBatch
    [2010/04/27 14:26:36 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\LogiShrd
    [2010/04/27 14:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
    [2010/04/27 14:26:28 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Leadertech
    [2010/04/27 14:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
    [2010/04/27 14:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
    [2010/04/27 14:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
    [2010/04/27 14:17:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Macromedia
    [2010/04/27 14:17:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Adobe
    [2010/04/27 14:17:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\HpUpdate
    [2010/04/27 14:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
    [2010/04/27 14:09:58 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Hewlett-Packard
    [2010/04/27 14:09:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\PictureMover
    [2010/04/27 14:07:46 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Hewlett-Packard
    [2010/04/27 14:07:30 | 000,000,000 | R--D | C] -- C:\Users\Gary\Searches
    [2010/04/27 14:07:10 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Identities
    [2010/04/27 14:07:00 | 000,000,000 | R--D | C] -- C:\Users\Gary\Contacts
    [2010/04/27 14:06:57 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\VirtualStore
    [2010/04/27 14:06:31 | 000,000,000 | --SD | C] -- C:\Users\Gary\AppData\Roaming\Microsoft
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Videos
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Saved Games
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Pictures
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Music
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Links
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Favorites
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Downloads
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\My Documents
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Desktop
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\AppData\Local\Temporary Internet Files
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Templates
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Start Menu
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\SendTo
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Recent
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\PrintHood
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\NetHood
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Documents\My Videos
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Documents\My Pictures
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Documents\My Music
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\My Documents
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Local Settings
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\AppData\Local\History
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Cookies
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Application Data
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\AppData\Local\Application Data
    [2010/04/27 14:06:31 | 000,000,000 | -H-D | C] -- C:\Users\Gary\AppData
    [2010/04/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Temp
    [2010/04/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Microsoft
    [2010/04/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Media Center Programs
    [2010/04/27 14:06:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2010/04/26 15:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
    [2010/03/08 10:59:18 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========
     
  7. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    For some reason the browser is hanging up after the transfer, saying it is transferring. I doubt it is taking that long to transfer. Let me know if I need to send some or all of this, please.

    This is the last of the OTL.txt file.


    [2010/05/30 13:43:39 | 001,835,008 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT
    [2010/05/30 13:32:14 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/30 13:32:14 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/30 13:31:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/30 13:25:48 | 000,000,991 | ---- | M] () -- C:\Users\Gary\Desktop\magicJack.lnk
    [2010/05/30 13:25:17 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/30 13:25:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/30 13:25:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/30 13:23:56 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
    [2010/05/30 13:22:25 | 001,965,715 | -H-- | M] () -- C:\Users\Gary\AppData\Local\IconCache.db
    [2010/05/30 09:49:18 | 000,492,489 | ---- | M] () -- C:\Users\Gary\Desktop\monthlycash.pdf
    [2010/05/30 06:50:38 | 000,785,623 | ---- | M] () -- C:\Users\Gary\Desktop\TheCopywritingFormula.pdf
    [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    [2010/05/29 13:33:56 | 003,700,645 | ---- | M] () -- C:\Users\Gary\Desktop\ComboFix.exe
    [2010/05/29 11:29:16 | 000,206,722 | ---- | M] () -- C:\Windows\XHeader Uninstaller.exe
    [2010/05/29 11:29:16 | 000,000,953 | ---- | M] () -- C:\Users\Gary\Desktop\XHeader.lnk
    [2010/05/29 10:07:04 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
    [2010/05/29 10:05:49 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/29 08:46:10 | 000,740,616 | ---- | M] () -- C:\Users\Gary\Desktop\article-marketing[1].pdf
    [2010/05/29 02:40:52 | 000,000,132 | ---- | M] () -- C:\Windows\SysNative\rezumatenoi.dat
    [2010/05/28 08:58:03 | 000,001,015 | ---- | M] () -- C:\Users\Gary\Desktop\Eusing Free Registry Cleaner.lnk
    [2010/05/28 08:57:19 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Core FTP Lite.lnk
    [2010/05/28 08:48:14 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
    [2010/05/28 08:46:49 | 000,001,028 | ---- | M] () -- C:\Users\Gary\Desktop\ZoneAlarm Security.lnk
    [2010/05/27 18:25:56 | 000,002,016 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
    [2010/05/27 12:40:04 | 000,000,016 | ---- | M] () -- C:\Windows\SysNative\asdict.dat
    [2010/05/27 12:40:04 | 000,000,004 | ---- | M] () -- C:\Windows\SysNative\aspdict-en.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\pcwords2.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\pcwords.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\pc_sign.slf
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\ab_bl.sig
    [2010/05/27 12:40:03 | 000,000,000 | ---- | M] () -- C:\pcconf.ini
    [2010/05/27 11:31:42 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
    [2010/05/27 10:27:35 | 000,002,200 | ---- | M] () -- C:\Users\Public\Desktop\The Shield Deluxe 2010.lnk
    [2010/05/27 10:24:32 | 000,137,570 | ---- | M] () -- C:\BdUninstallTool2010.05.27-10.19.39.reg
    [2010/05/27 08:37:36 | 000,000,860 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2010/05/26 18:08:44 | 000,000,974 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
    [2010/05/26 07:25:44 | 000,634,474 | ---- | M] () -- C:\Users\Gary\Desktop\Web-Traffic-Mechanic.pdf
    [2010/05/25 12:26:52 | 000,000,290 | ---- | M] () -- C:\Users\Gary\Documents\SEOLDFASTINDEX.REG
    [2010/05/25 12:23:43 | 000,002,669 | ---- | M] () -- C:\Users\Public\Desktop\SEO FAST Indexer.lnk
    [2010/05/24 16:55:08 | 000,078,951 | ---- | M] () -- C:\Users\Gary\Desktop\LightningCashBlueprintsProcessMap.pdf
    [2010/05/24 16:54:59 | 000,794,435 | ---- | M] () -- C:\Users\Gary\Desktop\LightningCashBlueprints.pdf
    [2010/05/24 11:47:37 | 000,229,787 | ---- | M] () -- C:\Users\Gary\Desktop\Shoppers Safety Guide.pdf
    [2010/05/24 00:33:25 | 000,001,738 | ---- | M] () -- C:\Users\Gary\Desktop\Passwords-Karen tappart.rtf
    [2010/05/23 17:32:21 | 000,717,102 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/05/23 17:32:21 | 000,617,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/05/23 17:32:21 | 000,104,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/05/23 09:41:27 | 000,002,613 | ---- | M] () -- C:\Users\Public\Desktop\SerpAssist Lite!.lnk
    [2010/05/22 16:42:10 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
    [2010/05/22 13:06:23 | 000,001,127 | ---- | M] () -- C:\Users\Gary\Desktop\The Authority Loophole.lnk
    [2010/05/22 11:04:32 | 000,000,975 | ---- | M] () -- C:\Users\Gary\Desktop\Traffic Travis.lnk
    [2010/05/22 00:00:27 | 000,002,625 | ---- | M] () -- C:\Users\Public\Desktop\Magic Submitter.lnk
    [2010/05/21 23:57:55 | 000,001,226 | ---- | M] () -- C:\Users\Gary\Desktop\Revo Uninstaller.lnk
    [2010/05/21 01:10:09 | 000,000,019 | ---- | M] () -- C:\Users\Public\Documents\CTDChannels_Version.3dc48cd1.cdf
    [2010/05/20 17:15:25 | 000,000,019 | ---- | M] () -- C:\Users\Public\Documents\CTDChannels_Version.cd27244d.cdf
    [2010/05/20 17:02:41 | 000,003,059 | ---- | M] () -- C:\Users\Gary\Desktop\Magic Article Submitter.lnk
    [2010/05/20 17:02:04 | 000,002,615 | ---- | M] () -- C:\Users\Public\Desktop\Magic Article Rewriter.lnk
    [2010/05/20 16:45:39 | 000,627,761 | ---- | M] () -- C:\Users\Gary\The Article Leverage System.pdf
    [2010/05/19 08:13:16 | 000,001,847 | ---- | M] () -- C:\Users\Gary\Desktop\CCleaner.lnk
    [2010/05/19 08:11:06 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/19 08:09:58 | 000,001,220 | ---- | M] () -- C:\Users\Gary\Desktop\Spybot - Search & Destroy.lnk
    [2010/05/18 16:35:29 | 000,001,738 | ---- | M] () -- C:\Users\Gary\Desktop\passwords.rtf
    [2010/05/18 11:27:32 | 001,079,461 | ---- | M] () -- C:\Users\Gary\Desktop\great research tool ever.pdf
    [2010/05/18 11:26:06 | 000,273,378 | ---- | M] () -- C:\Users\Gary\Desktop\Travis Niche Information.pdf
    [2010/05/17 09:55:57 | 000,103,249 | ---- | M] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier-ProcessMap.pdf
    [2010/05/17 09:55:56 | 000,429,362 | ---- | M] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier.pdf
    [2010/05/15 21:59:15 | 000,001,611 | ---- | M] () -- C:\Users\Gary\Desktop\DivX Movies.lnk
    [2010/05/15 21:58:57 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010/05/15 21:58:46 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
    [2010/05/13 20:05:14 | 000,711,168 | ---- | M] () -- C:\Windows\is-I3AKN.exe
    [2010/05/13 20:05:14 | 000,010,562 | ---- | M] () -- C:\Windows\is-I3AKN.msg
    [2010/05/13 20:05:14 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\Micro Niche Finder 5.0.lnk
    [2010/05/13 20:05:14 | 000,000,583 | ---- | M] () -- C:\Windows\is-I3AKN.lst
    [2010/05/13 15:25:54 | 000,495,347 | ---- | M] () -- C:\Users\Gary\Desktop\435 seo ontrial-sequence.pdf
    [2010/05/13 15:03:01 | 000,057,271 | ---- | M] () -- C:\Users\Gary\Desktop\500Bookmarking.pdf
    [2010/05/13 12:25:24 | 000,730,638 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/05/13 11:19:32 | 000,003,065 | ---- | M] () -- C:\Users\Gary\Desktop\Traffic Mania - RSSBot.lnk
    [2010/05/12 18:20:44 | 006,296,004 | ---- | M] () -- C:\Users\Gary\Desktop\ErnieFord.wmv
    [2010/05/12 13:52:31 | 000,001,736 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlyWire.LNK
    [2010/05/12 12:46:34 | 000,072,080 | ---- | M] () -- C:\Users\Gary\g2mdlhlpx.exe
    [2010/05/12 12:08:09 | 000,000,993 | ---- | M] () -- C:\Users\Gary\Desktop\PIXresizer.lnk
    [2010/05/11 07:25:02 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Article Submitter.lnk
    [2010/05/07 23:37:08 | 000,061,558 | ---- | M] () -- C:\Users\Gary\Documents\little girls.jpg
    [2010/05/07 23:34:16 | 000,000,024 | ---- | M] () -- C:\Windows\SW_Win3112X32.DLL
    [2010/05/07 23:34:15 | 000,000,823 | ---- | M] () -- C:\Users\Gary\Desktop\Convert Document To Image.lnk
    [2010/05/07 23:16:28 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/05/07 22:42:54 | 000,546,304 | ---- | M] () -- C:\Users\Gary\Documents\little girls.doc
    [2010/05/07 22:15:04 | 000,030,720 | ---- | M] () -- C:\Users\Gary\Documents\Chiggers.rrp
    [2010/05/07 08:57:44 | 000,075,057 | ---- | M] () -- C:\Users\Gary\Desktop\Walton-Feed-May-2-2010.csv
    [2010/05/07 01:57:10 | 000,007,168 | ---- | M] () -- C:\Users\Gary\Documents\Foreclosure.rrp
    [2010/05/07 01:05:22 | 000,000,736 | ---- | M] () -- C:\Users\Gary\Documents\Rapid Rewriter Article Spinner And MORE!.htm
    [2010/05/07 00:35:10 | 000,295,977 | ---- | M] () -- C:\Users\Gary\Documents\233Geek-Free-SEO.pdf
    [2010/05/06 23:41:57 | 000,059,035 | ---- | M] () -- C:\Users\Gary\Documents\Alzheimers_disease_prevention.html
    [2010/05/02 15:18:56 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat_com.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | M] () -- C:\Users\Gary\Desktop\Shortcut to TubeSucker.exe.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | M] () -- C:\Users\Gary\Desktop\Shortcut to ProgrammableTabBrowser.exe.lnk
    [2010/05/02 13:42:30 | 000,085,256 | ---- | M] () -- C:\Users\Gary\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/05/02 13:32:28 | 000,352,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/05/01 22:58:14 | 000,001,197 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/04/27 14:24:55 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
    [2010/04/27 14:11:29 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
    [2010/04/27 14:10:39 | 000,524,288 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/27 14:10:39 | 000,524,288 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/27 14:10:39 | 000,065,536 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/04/27 14:06:31 | 000,000,020 | -HS- | M] () -- C:\Users\Gary\ntuser.ini
    [2010/04/27 14:05:21 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2010/04/27 14:05:21 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2010/04/26 15:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
    [2010/04/14 23:12:14 | 001,391,203 | ---- | M] () -- C:\Users\Gary\Desktop\50 Sites Pay To Write-Personal.zip
    [2010/03/11 09:45:14 | 001,220,608 | ---- | M] () -- C:\Windows\SysWow64\pdf2bmp.dll
    [2010/03/08 10:59:18 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
    [2010/03/08 07:15:12 | 000,319,488 | ---- | M] () -- C:\Windows\SysWow64\WordConverterX2.ocx
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/30 09:49:15 | 000,492,489 | ---- | C] () -- C:\Users\Gary\Desktop\monthlycash.pdf
    [2010/05/30 06:50:32 | 000,785,623 | ---- | C] () -- C:\Users\Gary\Desktop\TheCopywritingFormula.pdf
    [2010/05/29 13:33:44 | 003,700,645 | ---- | C] () -- C:\Users\Gary\Desktop\ComboFix.exe
    [2010/05/29 11:29:16 | 000,206,722 | ---- | C] () -- C:\Windows\XHeader Uninstaller.exe
    [2010/05/29 11:29:16 | 000,000,953 | ---- | C] () -- C:\Users\Gary\Desktop\XHeader.lnk
    [2010/05/29 10:05:49 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/29 08:46:10 | 000,740,616 | ---- | C] () -- C:\Users\Gary\Desktop\article-marketing[1].pdf
    [2010/05/29 02:40:52 | 000,000,132 | ---- | C] () -- C:\Windows\SysNative\rezumatenoi.dat
    [2010/05/28 08:58:03 | 000,001,015 | ---- | C] () -- C:\Users\Gary\Desktop\Eusing Free Registry Cleaner.lnk
    [2010/05/28 08:57:19 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Core FTP Lite.lnk
    [2010/05/28 08:46:49 | 000,001,028 | ---- | C] () -- C:\Users\Gary\Desktop\ZoneAlarm Security.lnk
    [2010/05/28 08:46:20 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
    [2010/05/27 18:23:05 | 000,002,016 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
    [2010/05/27 12:40:04 | 000,000,016 | ---- | C] () -- C:\Windows\SysNative\asdict.dat
    [2010/05/27 12:40:04 | 000,000,004 | ---- | C] () -- C:\Windows\SysNative\aspdict-en.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\pcwords2.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\pcwords.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\pc_sign.slf
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\ab_bl.sig
    [2010/05/27 12:40:03 | 000,000,000 | ---- | C] () -- C:\pcconf.ini
    [2010/05/27 11:31:42 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
    [2010/05/27 10:27:35 | 000,002,200 | ---- | C] () -- C:\Users\Public\Desktop\The Shield Deluxe 2010.lnk
    [2010/05/27 10:19:39 | 000,137,570 | ---- | C] () -- C:\BdUninstallTool2010.05.27-10.19.39.reg
    [2010/05/26 18:45:23 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
    [2010/05/26 07:25:40 | 000,634,474 | ---- | C] () -- C:\Users\Gary\Desktop\Web-Traffic-Mechanic.pdf
    [2010/05/25 12:26:51 | 000,000,290 | ---- | C] () -- C:\Users\Gary\Documents\SEOLDFASTINDEX.REG
    [2010/05/25 12:23:43 | 000,002,669 | ---- | C] () -- C:\Users\Public\Desktop\SEO FAST Indexer.lnk
    [2010/05/24 16:55:06 | 000,078,951 | ---- | C] () -- C:\Users\Gary\Desktop\LightningCashBlueprintsProcessMap.pdf
    [2010/05/24 16:54:56 | 000,794,435 | ---- | C] () -- C:\Users\Gary\Desktop\LightningCashBlueprints.pdf
    [2010/05/24 11:47:34 | 000,229,787 | ---- | C] () -- C:\Users\Gary\Desktop\Shoppers Safety Guide.pdf
    [2010/05/24 00:33:25 | 000,001,738 | ---- | C] () -- C:\Users\Gary\Desktop\Passwords-Karen tappart.rtf
    [2010/05/23 09:41:27 | 000,002,613 | ---- | C] () -- C:\Users\Public\Desktop\SerpAssist Lite!.lnk
    [2010/05/23 08:12:02 | 000,015,360 | -HS- | C] () -- C:\Users\Gary\Thumbs.db
    [2010/05/22 13:06:23 | 000,001,127 | ---- | C] () -- C:\Users\Gary\Desktop\The Authority Loophole.lnk
    [2010/05/22 11:04:32 | 000,000,975 | ---- | C] () -- C:\Users\Gary\Desktop\Traffic Travis.lnk
    [2010/05/22 00:00:27 | 000,002,625 | ---- | C] () -- C:\Users\Public\Desktop\Magic Submitter.lnk
    [2010/05/20 17:15:49 | 000,000,019 | ---- | C] () -- C:\Users\Public\Documents\CTDChannels_Version.3dc48cd1.cdf
    [2010/05/20 17:02:41 | 000,003,059 | ---- | C] () -- C:\Users\Gary\Desktop\Magic Article Submitter.lnk
    [2010/05/20 16:45:39 | 000,627,761 | ---- | C] () -- C:\Users\Gary\The Article Leverage System.pdf
    [2010/05/19 08:13:16 | 000,001,847 | ---- | C] () -- C:\Users\Gary\Desktop\CCleaner.lnk
    [2010/05/19 08:11:06 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/19 08:09:58 | 000,001,220 | ---- | C] () -- C:\Users\Gary\Desktop\Spybot - Search & Destroy.lnk
    [2010/05/18 16:35:29 | 000,001,738 | ---- | C] () -- C:\Users\Gary\Desktop\passwords.rtf
    [2010/05/18 11:27:32 | 001,079,461 | ---- | C] () -- C:\Users\Gary\Desktop\great research tool ever.pdf
    [2010/05/18 11:26:06 | 000,273,378 | ---- | C] () -- C:\Users\Gary\Desktop\Travis Niche Information.pdf
    [2010/05/17 18:40:02 | 000,000,019 | ---- | C] () -- C:\Users\Public\Documents\CTDChannels_Version.cd27244d.cdf
    [2010/05/17 09:55:52 | 000,103,249 | ---- | C] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier-ProcessMap.pdf
    [2010/05/17 09:55:42 | 000,429,362 | ---- | C] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier.pdf
    [2010/05/15 21:59:15 | 000,001,611 | ---- | C] () -- C:\Users\Gary\Desktop\DivX Movies.lnk
    [2010/05/15 21:58:57 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010/05/15 21:58:46 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
    [2010/05/13 20:05:14 | 000,711,168 | ---- | C] () -- C:\Windows\is-I3AKN.exe
    [2010/05/13 20:05:14 | 000,010,562 | ---- | C] () -- C:\Windows\is-I3AKN.msg
    [2010/05/13 20:05:14 | 000,002,127 | ---- | C] () -- C:\Users\Public\Desktop\Micro Niche Finder 5.0.lnk
    [2010/05/13 20:05:14 | 000,000,583 | ---- | C] () -- C:\Windows\is-I3AKN.lst
    [2010/05/13 15:25:54 | 000,495,347 | ---- | C] () -- C:\Users\Gary\Desktop\435 seo ontrial-sequence.pdf
    [2010/05/13 15:03:00 | 000,057,271 | ---- | C] () -- C:\Users\Gary\Desktop\500Bookmarking.pdf
    [2010/05/13 12:25:24 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/05/13 11:19:32 | 000,003,065 | ---- | C] () -- C:\Users\Gary\Desktop\Traffic Mania - RSSBot.lnk
    [2010/05/12 18:20:37 | 006,296,004 | ---- | C] () -- C:\Users\Gary\Desktop\ErnieFord.wmv
    [2010/05/12 13:52:31 | 000,001,736 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlyWire.LNK
    [2010/05/12 12:46:34 | 000,072,080 | ---- | C] () -- C:\Users\Gary\g2mdlhlpx.exe
    [2010/05/12 12:08:09 | 000,000,993 | ---- | C] () -- C:\Users\Gary\Desktop\PIXresizer.lnk
    [2010/05/11 08:48:30 | 000,002,615 | ---- | C] () -- C:\Users\Public\Desktop\Magic Article Rewriter.lnk
    [2010/05/11 07:25:02 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Article Submitter.lnk
    [2010/05/08 11:47:28 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
    [2010/05/07 23:37:08 | 000,061,558 | ---- | C] () -- C:\Users\Gary\Documents\little girls.jpg
    [2010/05/07 23:32:21 | 000,000,024 | ---- | C] () -- C:\Windows\SW_Win3112X32.DLL
    [2010/05/07 23:32:04 | 001,220,608 | ---- | C] () -- C:\Windows\SysWow64\pdf2bmp.dll
    [2010/05/07 23:32:04 | 000,319,488 | ---- | C] () -- C:\Windows\SysWow64\WordConverterX2.ocx
    [2010/05/07 23:32:04 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\CSVSpecialProcessing.dll
    [2010/05/07 23:32:04 | 000,000,823 | ---- | C] () -- C:\Users\Gary\Desktop\Convert Document To Image.lnk
    [2010/05/07 23:32:03 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\SII_PDF.dll
    [2010/05/07 23:32:03 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\SARzilla.dll
    [2010/05/07 23:32:03 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\DVM.dll
    [2010/05/07 23:32:03 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\RegisterExe.exe
    [2010/05/07 23:32:03 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx151ic.ini
    [2010/05/07 18:31:24 | 000,546,304 | ---- | C] () -- C:\Users\Gary\Documents\little girls.doc
    [2010/05/07 14:35:50 | 000,030,720 | ---- | C] () -- C:\Users\Gary\Documents\Chiggers.rrp
    [2010/05/07 08:57:33 | 000,075,057 | ---- | C] () -- C:\Users\Gary\Desktop\Walton-Feed-May-2-2010.csv
    [2010/05/07 01:57:10 | 000,007,168 | ---- | C] () -- C:\Users\Gary\Documents\Foreclosure.rrp
    [2010/05/07 01:05:21 | 000,000,736 | ---- | C] () -- C:\Users\Gary\Documents\Rapid Rewriter Article Spinner And MORE!.htm
    [2010/05/07 00:35:10 | 000,295,977 | ---- | C] () -- C:\Users\Gary\Documents\233Geek-Free-SEO.pdf
    [2010/05/06 23:41:55 | 000,059,035 | ---- | C] () -- C:\Users\Gary\Documents\Alzheimers_disease_prevention.html
    [2010/05/04 17:21:08 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
    [2010/05/02 15:19:42 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/05/02 15:18:56 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat_com.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | C] () -- C:\Users\Gary\Desktop\Shortcut to TubeSucker.exe.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | C] () -- C:\Users\Gary\Desktop\Shortcut to ProgrammableTabBrowser.exe.lnk
    [2010/05/02 12:02:00 | 000,001,226 | ---- | C] () -- C:\Users\Gary\Desktop\Revo Uninstaller.lnk
    [2010/05/01 22:58:14 | 000,001,197 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    [2010/05/01 22:04:18 | 000,014,646 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu
    [2010/05/01 16:26:42 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/01 16:26:41 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/01 11:05:21 | 000,000,974 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
    [2010/04/27 14:49:23 | 000,000,991 | ---- | C] () -- C:\Users\Gary\Desktop\magicJack.lnk
    [2010/04/27 14:25:22 | 000,082,289 | ---- | C] () -- C:\Windows\SysNative\lvcoin64.ini
    [2010/04/27 14:24:55 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
    [2010/04/27 14:07:37 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
    [2010/04/27 14:06:31 | 001,835,008 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT
    [2010/04/27 14:06:31 | 000,524,288 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/27 14:06:31 | 000,524,288 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/27 14:06:31 | 000,262,144 | -HS- | C] () -- C:\Users\Gary\ntuser.dat.LOG1
    [2010/04/27 14:06:31 | 000,065,536 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/04/27 14:06:31 | 000,000,020 | -HS- | C] () -- C:\Users\Gary\ntuser.ini
    [2010/04/27 14:06:31 | 000,000,000 | -HS- | C] () -- C:\Users\Gary\ntuser.dat.LOG2
    [2010/04/25 01:23:26 | 000,315,535 | ---- | C] () -- C:\Users\Gary\Desktop\LinkChecker.zip
    [2010/04/25 00:53:03 | 001,391,203 | ---- | C] () -- C:\Users\Gary\Desktop\50 Sites Pay To Write-Personal.zip
    [2009/09/29 16:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
    [2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2010/05/22 11:04:32 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Affilorama
    [2010/05/29 14:37:10 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\BitDefender
    [2010/05/28 08:48:02 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\CheckPoint
    [2010/05/02 14:56:44 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Foxit Software
    [2010/05/29 17:59:31 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\GoodSync
    [2010/05/07 22:36:16 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\IrfanView
    [2010/04/27 14:26:28 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Leadertech
    [2010/05/30 13:25:52 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\mjusbsp
    [2010/05/13 18:58:58 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\NetSpell
    [2010/05/01 22:57:37 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\OpenOffice.org
    [2010/04/27 14:09:54 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\PictureMover
    [2010/05/01 11:05:23 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Template
    [2010/05/27 10:27:23 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\The Shield Deluxe
    [2010/05/29 10:21:49 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Thunderbird
    [2010/04/27 14:31:52 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\WinBatch
    [2010/04/27 14:11:29 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
    [2009/07/13 22:08:49 | 000,009,364 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < >

    < >

    < %SYSTEMDRIVE%\*.exe >
    [2007/11/07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe


    < MD5 for: AGP440.SYS >
    [2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
    [2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
    [2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
    [2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
    [2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
    [2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

    < MD5 for: EVENTLOG.DLL >
    [2009/06/25 16:06:52 | 000,001,024 | ---- | M] () MD5=231CD46A29C26A58BDE1C7146B702399 -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Arrakis Server\lib\eventlog.dll
    [2007/05/17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\Cyberlink\PowerDirector\EventLog.dll

    < MD5 for: EXPLORER.EXE >
    [2009/10/05 23:06:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
    [2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
    [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
    [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
    [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
    [2009/10/05 23:35:29 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
    [2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
    [2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
    [2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
    [2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
    [2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
    [2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
    [2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
    [2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
    [2009/10/05 23:31:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
    [2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
    [2009/10/05 22:53:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

    < MD5 for: IASTORV.SYS >
    [2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
    [2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2009/07/13 18:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
    [2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
    [2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
    [2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
    [2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

    < MD5 for: SCECLI.DLL >
    [2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
    [2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
    [2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
    [2009/07/13 18:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

    < MD5 for: USERINIT.EXE >
    [2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
    [2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
    [2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
    [2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
    < End of report >
     
  8. 2010/05/30
    JustinCase

    OTL Extras logfile created on: 5/30/2010 1:43:30 PM - Run 1
    OTL by OldTimer - Version 3.2.5.1 Folder = C:\Users\Gary\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 64.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 287.19 Gb Total Space | 231.55 Gb Free Space | 80.62% Space Free | Partition Type: NTFS
    Drive D: | 10.80 Gb Total Space | 1.55 Gb Free Space | 14.33% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive L: | 232.88 Gb Total Space | 109.20 Gb Free Space | 46.89% Space Free | Partition Type: NTFS

    Computer Name: GARY-PC
    Current User Name: Gary
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- Reg Error: Key error. File not found
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1 "
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
    "{A07F0CC3-40FC-46AF-91B1-09ECF546057D}" = SEO Link Dominator - fast Indexer and Pinger
    "{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{BADC5319-A2A0-4BE1-A7C3-A271AE0E791D}" = The Shield Deluxe 2010
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
    "lvdrivers_12.10" = Logitech Webcam Software Driver Package
    "NVIDIA Drivers" = NVIDIA Drivers
    "OfficeTrial" = Microsoft Office Home and Student 60 day trial
    "PC-Doctor for Windows" = Hardware Diagnostic Tools
    "ZoneAlarm Toolbar" = ZoneAlarm Toolbar

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
    "{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
    "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
    "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
    "{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3F9D3AF5-BB74-474A-92C8-410839303DB5}" = TubeSucker
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
    "{6D5A23C9-D061-4C94-BB48-1A3614698B06}" = Magic Submitter
    "{7387442F-CB81-4775-96FA-C038CF479C3E}" = Magic Tokens Database 2.0
    "{7FC8C210-A319-4835-A87D-B935EFB4C148}" = Microsoft Live Search Toolbar
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{8198DD04-D0F6-4674-A2D9-E6546347D62D}" = RSSBot
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8FC64863-2C70-4FA5-A08D-9115894D4D2E}" = SERPAssist Lite!
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A85CDBC3-BEDF-4243-A107-4BF81351F84B}" = Magic Article Submitter
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
    "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant
    "{B6D8028B-B6FA-52FB-339A-7FD07E21D78B}" = ASHelper
    "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
    "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
    "{BEDE6836-8ED5-4444-B895-CE54968CFC4C}" = Magic Article Rewriter
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
    "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
    "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
    "{D9CB84BA-4461-44C3-BD33-6752D234AE4F}" = Magic Article Submitter
    "{DA0A5873-4B54-4179-9C0C-BA313C56EA37}" = Mindjet MindManager Viewer 6
    "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
    "{ED34F80D-850F-449A-A715-099E9E6C628D}" = Proxy Scraper
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
    "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
    "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
    "ActiveScan 2.0" = Panda ActiveScan 2.0
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AI RoboForm" = AI RoboForm (All Users)
    "ashelper.ASHelper.46130C60F2252FA5A4446077F84AA968F38F8488.1" = ASHelper
    "CCleaner" = CCleaner
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Convert Document To Image_is1" = Convert Document To Image
    "Core FTP LE 2.1" = Core FTP LE 2.1
    "DE273599-96B0-4836-97C2-B2025C625F81" = The Authority Loophole
    "DivX Setup.divx.com" = DivX Setup
    "Doc-Docx to Image Converter 3000_is1" = Doc-Docx to Image Converter 3000 7.4
    "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
    "Foxit Reader" = Foxit Reader
    "Free-Buttons.org" = Free-Buttons.org
    "Google Chrome" = Google Chrome
    "HP Remote Solution" = HP Remote Solution
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
    "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
    "IrfanView" = IrfanView (remove only)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Micro Niche Finder 5.0_is1" = Micro Niche Finder 5.0
    "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
    "Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "OnlyWire" = OnlyWire
    "Picasa 3" = Picasa 3
    "PIXresizer_is1" = PIXresizer 2.0.4
    "Revo Uninstaller" = Revo Uninstaller 1.88
    "Traffic Travis_is1" = Traffic Travis 3.2.4
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "XHeader" = XHeader
    "ZoneAlarm" = ZoneAlarm

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "GoToMeeting" = GoToMeeting 4.5.0.457
    "LastPass" = LastPass (uninstall only)

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 5/2/2010 6:17:56 PM | Computer Name = Gary-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: firefox.exe, version: 1.9.2.3743, time
    stamp: 0x4bb4be02 Faulting module name: FOXITR~1.OCX, version: 1.0.1.1113, time stamp:
    0x4afcef8f Exception code: 0xc0000005 Fault offset: 0x00002ccd Faulting process id:
    0xb98 Faulting application start time: 0x01caea454cea7fc0 Faulting application path:
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX
    Report
    Id: 8edd9d90-5638-11df-b9ca-e0cb4e4ccbb1

    Error - 5/5/2010 7:26:31 AM | Computer Name = Gary-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 5/5/2010 7:27:47 AM | Computer Name = Gary-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "l:\jeds computer\Desktop\freecommanderportable\App\freecommander\DelZip179.dll ".Error
    in manifest or policy file "l:\jeds computer\Desktop\freecommanderportable\App\freecommander\DelZip179.dll "
    on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is
    invalid.

    Error - 5/6/2010 3:31:18 AM | Computer Name = Gary-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 5/7/2010 5:45:28 AM | Computer Name = Gary-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 5/9/2010 9:33:48 AM | Computer Name = Gary-PC | Source = Google Update | ID = 20
    Description =

    Error - 5/9/2010 10:33:48 AM | Computer Name = Gary-PC | Source = Google Update | ID = 20
    Description =

    Error - 5/9/2010 11:33:47 AM | Computer Name = Gary-PC | Source = Google Update | ID = 20
    Description =

    Error - 5/9/2010 12:33:47 PM | Computer Name = Gary-PC | Source = Google Update | ID = 20
    Description =

    Error - 5/9/2010 1:33:48 PM | Computer Name = Gary-PC | Source = Google Update | ID = 20
    Description =

    [ Media Center Events ]
    Error - 5/9/2010 12:49:51 PM | Computer Name = Gary-PC | Source = MCUpdate | ID = 0
    Description = 9:49:49 AM - Error connecting to the internet. 9:49:49 AM - Unable
    to contact server..

    Error - 5/9/2010 1:50:33 PM | Computer Name = Gary-PC | Source = MCUpdate | ID = 0
    Description = 10:50:31 AM - Error connecting to the internet. 10:50:31 AM - Unable
    to contact server..

    [ System Events ]
    Error - 5/28/2010 11:47:53 AM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7030
    Description = The ZoneAlarm Toolbar IswSvc service is marked as an interactive service.
    However, the system is configured to not allow interactive services. This service
    may not function properly.

    Error - 5/28/2010 11:50:21 AM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7016
    Description = The NVIDIA Display Driver Service service has reported an invalid
    current state 32.

    Error - 5/28/2010 11:51:38 AM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    is3srv szkg5

    Error - 5/28/2010 12:05:13 PM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7016
    Description = The NVIDIA Display Driver Service service has reported an invalid
    current state 32.

    Error - 5/28/2010 12:07:08 PM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    is3srv szkg5

    Error - 5/28/2010 12:07:54 PM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
    Search service to connect.

    Error - 5/28/2010 12:07:54 PM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7000
    Description = The Windows Search service failed to start due to the following error:
    %%1053

    Error - 5/28/2010 12:07:55 PM | Computer Name = Gary-PC | Source = DCOM | ID = 10005
    Description =

    Error - 5/29/2010 4:24:24 AM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7016
    Description = The NVIDIA Display Driver Service service has reported an invalid
    current state 32.

    Error - 5/29/2010 4:26:19 AM | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    is3srv szkg5


    < End of report >
     
  9. 2010/05/30
    broni

    broni Moderator Malware Analyst

    Download Security Check from HERE, and save it to your Desktop.

    * Double-click SecurityCheck.exe
    * Follow the onscreen instructions inside of the black box.
    * A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    ===============================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

      Code:
      :OTL
      O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
      O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
      O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
      O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
      [2010/05/27 08:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
      @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
      @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  10. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    Results of screen317's Security Check version 0.99.4
    Windows 7 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Disabled!
    ZoneAlarm
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Eusing Free Registry Cleaner
    Java(TM) 6 Update 20
    Adobe Flash Player 10.0.45.2
    Adobe Reader 9.3.2
    Mozilla Firefox (3.6.3)
    Mozilla Thunderbird (3.0.4)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Zone Labs ZoneAlarm zlclient.exe
    ````````````````````````````````
    DNS Vulnerability Check:

    GOOD! (Not vulnerable to DNS cache poisoning)

    ``````````End of Log````````````
     
  11. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
    C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ deleted successfully.
    File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ deleted successfully.
    File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
    File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ deleted successfully.
    File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Classes\exefile\ not found.
    HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
    C:\ProgramData\STOPzilla!\vdb folder moved successfully.
    C:\ProgramData\STOPzilla!\Quarantine folder moved successfully.
    C:\ProgramData\STOPzilla! folder moved successfully.
    ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully.
    ADS C:\ProgramData\Temp:A8ADE5D8 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: AppData

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Gary
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 43253358 bytes
    ->Java cache emptied: 97750 bytes
    ->FireFox cache emptied: 80158433 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 53790 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2036440 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
    RecycleBin emptied: 396498805 bytes

    Total Files Cleaned = 498.00 mb


    [EMPTYFLASH]

    User: All Users

    User: AppData

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Gary
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.5.1 log created on 05302010_145111

    Files\Folders moved on Reboot...
    C:\Users\Gary\AppData\Local\Mozilla\Firefox\Profiles\2jp1mb9m.default\Cache\_CACHE_001_ moved successfully.
    C:\Users\Gary\AppData\Local\Mozilla\Firefox\Profiles\2jp1mb9m.default\Cache\_CACHE_002_ moved successfully.
    C:\Users\Gary\AppData\Local\Mozilla\Firefox\Profiles\2jp1mb9m.default\Cache\_CACHE_003_ moved successfully.
    C:\Users\Gary\AppData\Local\Mozilla\Firefox\Profiles\2jp1mb9m.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Users\Gary\AppData\Local\Mozilla\Firefox\Profiles\2jp1mb9m.default\urlclassifier3.sqlite moved successfully.
    File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
    File\Folder C:\Windows\temp\ZLT03693.TMP not found!

    Registry entries deleted on Reboot...
     
  12. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    OTL logfile created on: 5/30/2010 3:02:30 PM - Run 2
    OTL by OldTimer - Version 3.2.5.1 Folder = C:\Users\Gary\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 74.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 287.19 Gb Total Space | 231.54 Gb Free Space | 80.62% Space Free | Partition Type: NTFS
    Drive D: | 10.80 Gb Total Space | 1.55 Gb Free Space | 14.33% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive L: | 232.88 Gb Total Space | 109.31 Gb Free Space | 46.94% Space Free | Partition Type: NTFS

    Computer Name: GARY-PC
    Current User Name: Gary
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    PRC - [2010/05/27 18:47:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    PRC - [2010/05/27 18:47:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\java.exe
    PRC - [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    PRC - [2010/05/26 13:03:36 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2010/05/07 10:26:36 | 000,616,960 | ---- | M] () -- C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    PRC - [2010/04/27 15:33:15 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    PRC - [2010/04/01 10:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2010/02/26 16:50:28 | 000,087,384 | ---- | M] (magicJack L.P.) -- C:\Users\Gary\AppData\Roaming\mjusbsp\st00000\mjsetup.exe
    PRC - [2010/02/26 16:46:32 | 012,526,424 | ---- | M] (magicJack L.P.) -- C:\Users\Gary\AppData\Roaming\mjusbsp\magicJack.exe
    PRC - [2010/02/02 00:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/02/02 00:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    PRC - [2009/09/27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2009/07/16 15:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
    PRC - [2009/07/13 18:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
    PRC - [2009/06/03 13:35:16 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    MOD - [2010/05/27 12:38:03 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_extra.m32
    MOD - [2010/05/27 12:38:03 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_net.m32
    MOD - [2010/05/27 12:37:44 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_nt.m32
    MOD - [2010/05/27 12:37:42 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_base.m32
    MOD - [2010/05/27 12:37:41 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_fragments.m32
    MOD - [2010/05/27 12:37:39 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_registry.m32
    MOD - [2010/05/27 12:37:37 | 000,217,088 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\midas32.dll
    MOD - [2010/05/26 06:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
    MOD - [2009/12/28 23:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
    MOD - [2009/07/13 18:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
    MOD - [2009/06/10 14:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
    MOD - [2009/06/10 14:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/05/26 06:35:34 | 000,823,272 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV:64bit: - [2010/05/10 03:00:33 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
    SRV:64bit: - [2009/09/28 14:47:26 | 002,273,816 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\vsserv.exe -- (VSSERV)
    SRV:64bit: - [2009/09/28 14:47:12 | 000,440,928 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Update Service\livesrv.exe -- (LIVESRV)
    SRV:64bit: - [2009/09/25 17:24:56 | 000,412,672 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Threat Scanner\scan.dll -- (scan)
    SRV:64bit: - [2009/09/14 00:03:04 | 000,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
    SRV:64bit: - [2009/07/13 18:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
    SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
    SRV:64bit: - [2009/07/13 18:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
    SRV:64bit: - [2009/07/13 18:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
    SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/13 18:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
    SRV:64bit: - [2009/07/13 18:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
    SRV:64bit: - [2009/07/13 18:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
    SRV:64bit: - [2009/07/13 18:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
    SRV:64bit: - [2009/07/13 18:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
    SRV:64bit: - [2009/07/13 18:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
    SRV:64bit: - [2009/07/13 18:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
    SRV:64bit: - [2009/07/13 18:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
    SRV:64bit: - [2009/07/13 18:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
    SRV:64bit: - [2009/07/13 18:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
    SRV:64bit: - [2009/07/13 18:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
    SRV:64bit: - [2009/03/27 11:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
    SRV - [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2009/09/27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
    SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
    SRV - [2009/07/13 18:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 18:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 13:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
    SRV - [2009/06/10 13:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/05/26 06:35:12 | 000,033,008 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV:64bit: - [2010/05/15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
    DRV:64bit: - [2009/12/11 03:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
    DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
    DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
    DRV:64bit: - [2009/09/25 23:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
    DRV:64bit: - [2009/09/17 16:12:16 | 000,162,312 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
    DRV:64bit: - [2009/09/16 22:57:46 | 000,023,536 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0)
    DRV:64bit: - [2009/09/01 15:24:42 | 000,088,584 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Firewall\bdfwfpf.sys -- (bdfwfpf)
    DRV:64bit: - [2009/08/13 04:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/07/30 10:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
    DRV:64bit: - [2009/07/24 12:26:02 | 000,340,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
    DRV:64bit: - [2009/07/13 18:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
    DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 18:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
    DRV:64bit: - [2009/07/13 18:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
    DRV:64bit: - [2009/07/13 18:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
    DRV:64bit: - [2009/07/13 17:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
    DRV:64bit: - [2009/07/13 17:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV:64bit: - [2009/07/13 17:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV:64bit: - [2009/07/13 17:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
    DRV:64bit: - [2009/07/13 17:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
    DRV:64bit: - [2009/07/13 17:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
    DRV:64bit: - [2009/07/13 17:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
    DRV:64bit: - [2009/07/13 17:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
    DRV:64bit: - [2009/07/13 17:06:32 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV:64bit: - [2009/07/13 17:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV:64bit: - [2009/07/13 17:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
    DRV:64bit: - [2009/07/13 17:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
    DRV:64bit: - [2009/07/13 17:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
    DRV:64bit: - [2009/07/13 17:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
    DRV:64bit: - [2009/07/13 16:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
    DRV:64bit: - [2009/07/13 16:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
    DRV:64bit: - [2009/07/13 16:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
    DRV:64bit: - [2009/07/13 16:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
    DRV:64bit: - [2009/07/13 16:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
    DRV:64bit: - [2009/07/13 16:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
    DRV:64bit: - [2009/07/13 16:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
    DRV:64bit: - [2009/06/30 09:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
    DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/30 15:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
    DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 18:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
    DRV - [2009/06/10 14:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
    DRV - [2009/06/10 14:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.68.2
    FF - prefs.js..extensions.enabledItems: clickbank@geminussoft.com:1.32
    FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.19.1
    FF - prefs.js..extensions.enabledItems: rankchecker@seobook.com:1.7.2
    FF - prefs.js..extensions.enabledItems: seo4firefox@seobook.com:3.3.0
    FF - prefs.js..extensions.enabledItems: seotoolbar@seobook.com:1.0.17
    FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.4.9
    FF - prefs.js..extensions.enabledItems: urllister@binnyva.com:1.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22
    FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.5.12
    FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.80
    FF - prefs.js..extensions.enabledItems: {9BAE5926-8513-417d-8E47-774955A7C60D}:1.1.1d
    FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.8
    FF - prefs.js..extensions.enabledItems: {B7D3E479-CC68-42B5-A338-938ECE35F419}:0.9.0.0
    FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
    FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.0.3
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503

    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdaphffext\ [2010/05/27 10:26:49 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/05/30 13:25:19 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/29 10:05:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: L:\ThunderbirdPortable\App\thunderbird\components [2010/05/29 10:21:48 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: L:\ThunderbirdPortable\App\thunderbird\plugins [2009/09/10 21:34:54 | 000,000,000 | ---D | M]

    [2010/05/29 10:21:51 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
    [2010/05/29 10:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2010/05/30 14:59:47 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/05/29 10:19:03 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (affilorama) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{7822cf50-08ee-4915-9872-ee92472df6cb}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (FireFTP button) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}
    [2010/05/29 14:25:59 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
    [2010/05/29 10:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419}
    [2010/05/29 10:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
    [2010/05/29 02:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/05/29 02:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\capturefoxmovie@advancity.net
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\clickbank@geminussoft.com
    [2010/05/29 10:15:06 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\foxyproxy@eric.h.jung
    [2010/05/29 10:15:06 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\rankchecker@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\seo4firefox@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\seotoolbar@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\spellbound@sourceforge.net
    [2010/05/29 14:25:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\staged-xpis
    [2010/05/29 10:07:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\support@lastpass.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\toolbar@alexa.com
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\toolbar@ask.com
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\urllister@binnyva.com
    [2010/05/10 07:37:31 | 000,001,657 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\searchplugins\how-i-rank.xml
    [2010/05/29 10:05:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2009/09/13 22:10:06 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\Mozilla Firefox\components\FFComm.dll

    O1 HOSTS File: ([2010/05/30 14:52:20 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
    O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O3:64bit: - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEToolbar.dll (BitDefender S.R.L.)
    O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O3 - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdagent.exe (PCSecurityShield)
    O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEShow.exe (BitDefender S.R.L.)
    O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
    O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [cdloader] C:\Users\Gary\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
    O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
    O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8:64bit: - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
    O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8 - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
    O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.7.169.1 66.116.104.21
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\F\Shell\AutoRun\command - " " = F:\autorun.exe -- File not found
    O33 - MountPoints2\F\Shell\phone\command - " " = F:\autorun.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
  13. 2010/05/30
    JustinCase

    OTL logfile created on: 5/30/2010 3:02:30 PM - Run 2
    OTL by OldTimer - Version 3.2.5.1 Folder = C:\Users\Gary\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 74.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 287.19 Gb Total Space | 231.54 Gb Free Space | 80.62% Space Free | Partition Type: NTFS
    Drive D: | 10.80 Gb Total Space | 1.55 Gb Free Space | 14.33% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive L: | 232.88 Gb Total Space | 109.31 Gb Free Space | 46.94% Space Free | Partition Type: NTFS

    Computer Name: GARY-PC
    Current User Name: Gary
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    PRC - [2010/05/27 18:47:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    PRC - [2010/05/27 18:47:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\java.exe
    PRC - [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    PRC - [2010/05/26 13:03:36 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2010/05/07 10:26:36 | 000,616,960 | ---- | M] () -- C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    PRC - [2010/04/27 15:33:15 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    PRC - [2010/04/01 10:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2010/02/26 16:50:28 | 000,087,384 | ---- | M] (magicJack L.P.) -- C:\Users\Gary\AppData\Roaming\mjusbsp\st00000\mjsetup.exe
    PRC - [2010/02/26 16:46:32 | 012,526,424 | ---- | M] (magicJack L.P.) -- C:\Users\Gary\AppData\Roaming\mjusbsp\magicJack.exe
    PRC - [2010/02/02 00:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/02/02 00:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    PRC - [2009/09/27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2009/07/16 15:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
    PRC - [2009/07/13 18:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
    PRC - [2009/06/03 13:35:16 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    MOD - [2010/05/27 12:38:03 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_extra.m32
    MOD - [2010/05/27 12:38:03 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_net.m32
    MOD - [2010/05/27 12:37:44 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_nt.m32
    MOD - [2010/05/27 12:37:42 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_base.m32
    MOD - [2010/05/27 12:37:41 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_fragments.m32
    MOD - [2010/05/27 12:37:39 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\plugin_registry.m32
    MOD - [2010/05/27 12:37:37 | 000,217,088 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas64-v2_52\midas32.dll
    MOD - [2010/05/26 06:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
    MOD - [2009/12/28 23:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
    MOD - [2009/07/13 18:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
    MOD - [2009/06/10 14:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
    MOD - [2009/06/10 14:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/05/26 06:35:34 | 000,823,272 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV:64bit: - [2010/05/10 03:00:33 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
    SRV:64bit: - [2009/09/28 14:47:26 | 002,273,816 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\vsserv.exe -- (VSSERV)
    SRV:64bit: - [2009/09/28 14:47:12 | 000,440,928 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Update Service\livesrv.exe -- (LIVESRV)
    SRV:64bit: - [2009/09/25 17:24:56 | 000,412,672 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Threat Scanner\scan.dll -- (scan)
    SRV:64bit: - [2009/09/14 00:03:04 | 000,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
    SRV:64bit: - [2009/07/13 18:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
    SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
    SRV:64bit: - [2009/07/13 18:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
    SRV:64bit: - [2009/07/13 18:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
    SRV:64bit: - [2009/07/13 18:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
    SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/13 18:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
    SRV:64bit: - [2009/07/13 18:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
    SRV:64bit: - [2009/07/13 18:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
    SRV:64bit: - [2009/07/13 18:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
    SRV:64bit: - [2009/07/13 18:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
    SRV:64bit: - [2009/07/13 18:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
    SRV:64bit: - [2009/07/13 18:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
    SRV:64bit: - [2009/07/13 18:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
    SRV:64bit: - [2009/07/13 18:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
    SRV:64bit: - [2009/07/13 18:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
    SRV:64bit: - [2009/07/13 18:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
    SRV:64bit: - [2009/03/27 11:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
    SRV - [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2009/09/27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
    SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
    SRV - [2009/07/13 18:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 18:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 13:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
    SRV - [2009/06/10 13:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/05/26 06:35:12 | 000,033,008 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV:64bit: - [2010/05/15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
    DRV:64bit: - [2009/12/11 03:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
    DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
    DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
    DRV:64bit: - [2009/09/25 23:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
    DRV:64bit: - [2009/09/17 16:12:16 | 000,162,312 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
    DRV:64bit: - [2009/09/16 22:57:46 | 000,023,536 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0)
    DRV:64bit: - [2009/09/01 15:24:42 | 000,088,584 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Firewall\bdfwfpf.sys -- (bdfwfpf)
    DRV:64bit: - [2009/08/13 04:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/07/30 10:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
    DRV:64bit: - [2009/07/24 12:26:02 | 000,340,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
    DRV:64bit: - [2009/07/13 18:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
    DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 18:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
    DRV:64bit: - [2009/07/13 18:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
    DRV:64bit: - [2009/07/13 18:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
    DRV:64bit: - [2009/07/13 17:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
    DRV:64bit: - [2009/07/13 17:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV:64bit: - [2009/07/13 17:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV:64bit: - [2009/07/13 17:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
    DRV:64bit: - [2009/07/13 17:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
    DRV:64bit: - [2009/07/13 17:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
    DRV:64bit: - [2009/07/13 17:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
    DRV:64bit: - [2009/07/13 17:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
    DRV:64bit: - [2009/07/13 17:06:32 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV:64bit: - [2009/07/13 17:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV:64bit: - [2009/07/13 17:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
    DRV:64bit: - [2009/07/13 17:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
    DRV:64bit: - [2009/07/13 17:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
    DRV:64bit: - [2009/07/13 17:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
    DRV:64bit: - [2009/07/13 16:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
    DRV:64bit: - [2009/07/13 16:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
    DRV:64bit: - [2009/07/13 16:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
    DRV:64bit: - [2009/07/13 16:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
    DRV:64bit: - [2009/07/13 16:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
    DRV:64bit: - [2009/07/13 16:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
    DRV:64bit: - [2009/07/13 16:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
    DRV:64bit: - [2009/06/30 09:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
    DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/30 15:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
    DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 18:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
    DRV - [2009/06/10 14:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
    DRV - [2009/06/10 14:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.68.2
    FF - prefs.js..extensions.enabledItems: clickbank@geminussoft.com:1.32
    FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.19.1
    FF - prefs.js..extensions.enabledItems: rankchecker@seobook.com:1.7.2
    FF - prefs.js..extensions.enabledItems: seo4firefox@seobook.com:3.3.0
    FF - prefs.js..extensions.enabledItems: seotoolbar@seobook.com:1.0.17
    FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.4.9
    FF - prefs.js..extensions.enabledItems: urllister@binnyva.com:1.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22
    FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.5.12
    FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.80
    FF - prefs.js..extensions.enabledItems: {9BAE5926-8513-417d-8E47-774955A7C60D}:1.1.1d
    FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.8
    FF - prefs.js..extensions.enabledItems: {B7D3E479-CC68-42B5-A338-938ECE35F419}:0.9.0.0
    FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
    FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.0.3
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503

    FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdaphffext\ [2010/05/27 10:26:49 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/05/30 13:25:19 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/29 10:05:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: L:\ThunderbirdPortable\App\thunderbird\components [2010/05/29 10:21:48 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: L:\ThunderbirdPortable\App\thunderbird\plugins [2009/09/10 21:34:54 | 000,000,000 | ---D | M]

    [2010/05/29 10:21:51 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
    [2010/05/29 10:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2010/05/30 14:59:47 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/05/29 10:19:03 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (affilorama) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{7822cf50-08ee-4915-9872-ee92472df6cb}
    [2010/05/29 10:15:10 | 000,000,000 | ---D | M] (FireFTP button) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}
    [2010/05/29 14:25:59 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/05/29 10:15:01 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
    [2010/05/29 10:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419}
    [2010/05/29 10:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
    [2010/05/29 02:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/05/29 02:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\capturefoxmovie@advancity.net
    [2010/05/29 10:15:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\clickbank@geminussoft.com
    [2010/05/29 10:15:06 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\foxyproxy@eric.h.jung
    [2010/05/29 10:15:06 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\rankchecker@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\seo4firefox@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\seotoolbar@seobook.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\spellbound@sourceforge.net
    [2010/05/29 14:25:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\staged-xpis
    [2010/05/29 10:07:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\support@lastpass.com
    [2010/05/29 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\toolbar@alexa.com
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\toolbar@ask.com
    [2010/05/29 10:15:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\extensions\urllister@binnyva.com
    [2010/05/10 07:37:31 | 000,001,657 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\2jp1mb9m.default\searchplugins\how-i-rank.xml
    [2010/05/29 10:05:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2009/09/13 22:10:06 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\Mozilla Firefox\components\FFComm.dll

    O1 HOSTS File: ([2010/05/30 14:52:20 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
    O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O3:64bit: - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEToolbar.dll (BitDefender S.R.L.)
    O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O3 - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdagent.exe (PCSecurityShield)
    O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEShow.exe (BitDefender S.R.L.)
    O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
    O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [cdloader] C:\Users\Gary\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
    O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
    O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8:64bit: - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
    O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8 - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
    O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.7.169.1 66.116.104.21
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\F\Shell\AutoRun\command - " " = F:\autorun.exe -- File not found
    O33 - MountPoints2\F\Shell\phone\command - " " = F:\autorun.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
  14. 2010/05/30
    JustinCase Inactive Thread Starter

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/05/30 14:51:11 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/05/29 17:44:00 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
    [2010/05/29 17:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
    [2010/05/29 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\BitDefender
    [2010/05/29 14:20:04 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    [2010/05/29 11:29:28 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\xheader-data
    [2010/05/29 11:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XHeader
    [2010/05/29 11:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thraex Software
    [2010/05/29 11:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free-Buttons.org
    [2010/05/29 10:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/05/29 08:25:00 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Firefox backup files
    [2010/05/28 17:06:07 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Katie
    [2010/05/28 08:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner
    [2010/05/28 08:57:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoreFTP
    [2010/05/28 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\ForceField Shared Files
    [2010/05/28 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\CheckPoint
    [2010/05/28 08:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2010/05/28 08:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm
    [2010/05/28 08:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
    [2010/05/28 08:46:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
    [2010/05/28 08:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
    [2010/05/28 08:42:56 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
    [2010/05/28 08:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
    [2010/05/27 18:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2010/05/27 18:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2010/05/27 10:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
    [2010/05/27 10:27:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\The Shield Deluxe
    [2010/05/27 10:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\The Shield Deluxe
    [2010/05/27 10:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\The Shield Deluxe
    [2010/05/27 10:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\The Shield Deluxe
    [2010/05/27 10:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
    [2010/05/27 08:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
    [2010/05/27 08:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
    [2010/05/26 18:45:23 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
    [2010/05/26 18:42:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\ElevatedDiagnostics
    [2010/05/26 17:28:57 | 000,000,000 | -HSD | C] -- C:\ProgramData\System Restore
    [2010/05/25 12:49:48 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\pingotech
    [2010/05/25 12:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrafficMystic.com
    [2010/05/25 12:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\stephenhawkins
    [2010/05/25 11:25:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\SEO
    [2010/05/25 09:56:27 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Site Tools - Ideas
    [2010/05/25 09:41:33 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\SoulMate Kit
    [2010/05/23 17:35:15 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Computer Pics
    [2010/05/23 09:41:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Informec
    [2010/05/23 08:12:20 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Selecting Niches
    [2010/05/22 13:06:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
    [2010/05/22 13:06:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Authority Loophole
    [2010/05/22 11:04:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Affilorama
    [2010/05/22 11:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Traffic Travis v3
    [2010/05/22 00:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alexandr Krulik
    [2010/05/20 16:31:39 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Magic Article Submitter ETC
    [2010/05/19 08:16:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Registry Backup
    [2010/05/19 08:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
    [2010/05/19 08:11:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Malwarebytes
    [2010/05/19 08:11:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/05/19 08:11:03 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/05/19 08:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010/05/19 08:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/05/19 08:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/05/19 08:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2010/05/19 01:03:49 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2010/05/16 01:32:02 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Downloads
    [2010/05/16 00:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
    [2010/05/15 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\DivX
    [2010/05/15 21:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
    [2010/05/15 21:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2010/05/15 21:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
    [2010/05/15 21:57:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
    [2010/05/15 21:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/05/15 18:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Magic Submitter
    [2010/05/13 19:40:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\DanielRankMover
    [2010/05/13 19:02:11 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Lindas Site
    [2010/05/13 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\NetSpell
    [2010/05/13 11:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Incansoft
    [2010/05/12 13:52:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnlyWire
    [2010/05/12 12:08:08 | 000,991,232 | ---- | C] (Viscom Software ) -- C:\Windows\SysWow64\imageviewer2.ocx
    [2010/05/12 12:08:08 | 000,200,704 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\threed32.ocx
    [2010/05/12 12:08:08 | 000,151,552 | ---- | C] (Domenico Statuto - CCRP) -- C:\Windows\SysWow64\ccrpfd6.ocx
    [2010/05/12 12:08:08 | 000,110,592 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\SysWow64\ccrpbds6.dll
    [2010/05/12 12:08:08 | 000,106,496 | ---- | C] (Marco Bellinaso) -- C:\Windows\SysWow64\mbprgbar.ocx
    [2010/05/12 12:08:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PIXresizer
    [2010/05/12 12:02:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Andew
    [2010/05/11 09:26:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Prefetch
    [2010/05/11 08:48:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Koe
    [2010/05/11 07:25:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Article Submission Helper
    [2010/05/11 07:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASHelper
    [2010/05/10 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\WinRAR
    [2010/05/10 11:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
    [2010/05/10 03:00:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2010/05/10 03:00:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2010/05/09 11:00:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Diagnostics
    [2010/05/08 14:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/05/08 11:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LastPass
    [2010/05/07 23:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Convert Document To Image
    [2010/05/07 23:32:04 | 001,101,824 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151dox.dll
    [2010/05/07 23:32:04 | 000,790,528 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151doc.dll
    [2010/05/07 23:32:04 | 000,655,360 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151pdf.dll
    [2010/05/07 23:32:04 | 000,651,264 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151htm.dll
    [2010/05/07 23:32:04 | 000,626,688 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTImageFile.dll
    [2010/05/07 23:32:04 | 000,479,232 | ---- | C] (SoftInterface.COM) -- C:\Windows\SysWow64\PDFConverterX.ocx
    [2010/05/07 23:32:04 | 000,360,448 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151css.dll
    [2010/05/07 23:32:03 | 000,831,488 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151.dll
    [2010/05/07 23:32:03 | 000,585,728 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151rtf.dll
    [2010/05/07 23:32:03 | 000,376,832 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\txole151.ocx
    [2010/05/07 23:32:03 | 000,327,680 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151obj.dll
    [2010/05/07 23:32:03 | 000,245,760 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151tls.dll
    [2010/05/07 23:32:03 | 000,237,568 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151png.flt
    [2010/05/07 23:32:03 | 000,200,704 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151jpg.flt
    [2010/05/07 23:32:03 | 000,155,648 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151ic.dll
    [2010/05/07 23:32:03 | 000,106,496 | ---- | C] (Skogen) -- C:\Windows\SysWow64\SeeThroughPicture.ocx
    [2010/05/07 23:32:03 | 000,090,112 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151bmp.flt
    [2010/05/07 23:32:03 | 000,073,728 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151tif.flt
    [2010/05/07 23:32:03 | 000,065,536 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151wnd.dll
    [2010/05/07 23:32:03 | 000,057,344 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151gif.flt
    [2010/05/07 23:32:03 | 000,053,248 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\tx151wmf.flt
    [2010/05/07 23:32:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softinterface, Inc
    [2010/05/07 23:18:54 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Output Files
    [2010/05/07 23:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tempdir
    [2010/05/07 23:12:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tool
    [2010/05/07 23:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Doc-Docx to Image Converter 3000
    [2010/05/07 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\IrfanView
    [2010/05/07 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
    [2010/05/07 21:00:05 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Chigger Articles Spun 5-7-10
    [2010/05/07 13:46:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Maria
    [2010/05/07 01:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rapid Rewriter
    [2010/05/06 23:41:30 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Health
    [2010/05/05 19:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
    [2010/05/05 19:41:05 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\hpqLog
    [2010/05/05 19:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2010/05/04 19:44:56 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Foreclosure
    [2010/05/04 17:15:51 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\HP Support Assistant
    [2010/05/02 15:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2010/05/02 15:18:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2010/05/02 15:18:13 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Adobe
    [2010/05/02 15:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
    [2010/05/02 14:56:44 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Foxit Software
    [2010/05/02 13:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TubeSucker
    [2010/05/02 13:42:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\IsolatedStorage
    [2010/05/02 13:37:34 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Software
    [2010/05/02 13:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
    [2010/05/02 12:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MassArticleCreator
    [2010/05/02 12:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
    [2010/05/02 11:57:42 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Travis Computer
    [2010/05/02 11:41:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\My Websites1
    [2010/05/02 11:39:03 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\CyberLink
    [2010/05/02 11:38:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\CyberLink
    [2010/05/02 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\PowerCinema
    [2010/05/02 11:32:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\My Maps
    [2010/05/02 11:32:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Mindjet
    [2010/05/02 11:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mindjet
    [2010/05/02 11:30:40 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
    [2010/05/02 11:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2010/05/02 11:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
    [2010/05/02 11:14:11 | 000,054,016 | ---- | C] (OrangeWare Corporation) -- C:\Windows\SysWow64\drivers\ousb2hub.sys
    [2010/05/02 11:14:11 | 000,039,040 | ---- | C] (OrangeWare Corporation) -- C:\Windows\SysWow64\drivers\ousbehci.sys
    [2010/05/02 11:14:11 | 000,000,000 | ---D | C] -- C:\Windows\Drivers
    [2010/05/01 22:57:37 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\OpenOffice.org
    [2010/05/01 22:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
    [2010/05/01 22:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
    [2010/05/01 22:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/05/01 22:32:48 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\GoodSync
    [2010/05/01 22:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\GoodSync
    [2010/05/01 22:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\Siber Systems
    [2010/05/01 22:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
    [2010/05/01 16:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    [2010/05/01 16:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
    [2010/05/01 16:26:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Google
    [2010/05/01 15:59:34 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Articles from Web
    [2010/05/01 13:20:44 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Backlink Generator - Site Installed
    [2010/05/01 13:15:06 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Cross Posting
    [2010/05/01 13:07:19 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Google10 Box Maps
    [2010/05/01 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Internet Pictures
    [2010/05/01 11:47:37 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Dragon Preferred 10.1
    [2010/05/01 11:23:04 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Offline business info
    [2010/05/01 11:18:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\AG
    [2010/05/01 11:18:19 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Answer Sites
    [2010/05/01 11:18:15 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Home Foreclosure
    [2010/05/01 11:13:25 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Aticles to publish
    [2010/05/01 11:05:23 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Template
    [2010/05/01 10:59:58 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Amanda's Backlinks
    [2010/05/01 10:58:01 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Stop Foreclosure Process
    [2010/05/01 08:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
    [2010/04/29 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
    [2010/04/27 18:12:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Thunderbird
    [2010/04/27 18:12:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Thunderbird
    [2010/04/27 17:01:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
    [2010/04/27 17:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
    [2010/04/27 16:08:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\tjnet
    [2010/04/27 15:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
    [2010/04/27 15:33:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\My RoboForm Data
    [2010/04/27 15:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
    [2010/04/27 15:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Micro Niche Finder 5.0
    [2010/04/27 15:19:52 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Micro Niche Finder
    [2010/04/27 15:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Micro Niche Finder
    [2010/04/27 15:13:51 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Mozilla
    [2010/04/27 15:13:50 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Mozilla
    [2010/04/27 14:49:04 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\mjusbsp
    [2010/04/27 14:31:52 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\WinBatch
    [2010/04/27 14:26:36 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\LogiShrd
    [2010/04/27 14:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
    [2010/04/27 14:26:28 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Leadertech
    [2010/04/27 14:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
    [2010/04/27 14:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
    [2010/04/27 14:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
    [2010/04/27 14:17:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Macromedia
    [2010/04/27 14:17:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Adobe
    [2010/04/27 14:17:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\HpUpdate
    [2010/04/27 14:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
    [2010/04/27 14:09:58 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Hewlett-Packard
    [2010/04/27 14:09:32 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\PictureMover
    [2010/04/27 14:07:46 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Hewlett-Packard
    [2010/04/27 14:07:30 | 000,000,000 | R--D | C] -- C:\Users\Gary\Searches
    [2010/04/27 14:07:10 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Identities
    [2010/04/27 14:07:00 | 000,000,000 | R--D | C] -- C:\Users\Gary\Contacts
    [2010/04/27 14:06:57 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\VirtualStore
    [2010/04/27 14:06:31 | 000,000,000 | --SD | C] -- C:\Users\Gary\AppData\Roaming\Microsoft
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Videos
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Saved Games
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Pictures
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Music
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Links
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Favorites
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Downloads
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\My Documents
    [2010/04/27 14:06:31 | 000,000,000 | R--D | C] -- C:\Users\Gary\Desktop
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\AppData\Local\Temporary Internet Files
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Templates
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Start Menu
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\SendTo
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Recent
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\PrintHood
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\NetHood
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Documents\My Videos
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Documents\My Pictures
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Documents\My Music
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\My Documents
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Local Settings
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\AppData\Local\History
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Cookies
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\Application Data
    [2010/04/27 14:06:31 | 000,000,000 | -HSD | C] -- C:\Users\Gary\AppData\Local\Application Data
    [2010/04/27 14:06:31 | 000,000,000 | -H-D | C] -- C:\Users\Gary\AppData
    [2010/04/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Temp
    [2010/04/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\Microsoft
    [2010/04/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Media Center Programs
    [2010/04/27 14:06:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2010/04/26 15:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
    [2010/03/08 10:59:18 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========
     
  15. 2010/05/30
    JustinCase

    [2010/05/30 15:04:56 | 001,835,008 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT
    [2010/05/30 15:03:45 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/05/30 15:03:45 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/05/30 14:58:23 | 000,000,991 | ---- | M] () -- C:\Users\Gary\Desktop\magicJack.lnk
    [2010/05/30 14:56:04 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/30 14:55:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/05/30 14:54:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/05/30 14:53:52 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
    [2010/05/30 14:53:20 | 000,000,132 | ---- | M] () -- C:\Windows\SysNative\rezumatenoi.dat
    [2010/05/30 14:53:15 | 001,966,497 | -H-- | M] () -- C:\Users\Gary\AppData\Local\IconCache.db
    [2010/05/30 14:52:20 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
    [2010/05/30 14:31:04 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/30 09:49:18 | 000,492,489 | ---- | M] () -- C:\Users\Gary\Desktop\monthlycash.pdf
    [2010/05/30 06:50:38 | 000,785,623 | ---- | M] () -- C:\Users\Gary\Desktop\TheCopywritingFormula.pdf
    [2010/05/29 14:20:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
    [2010/05/29 13:33:56 | 003,700,645 | ---- | M] () -- C:\Users\Gary\Desktop\ComboFix.exe
    [2010/05/29 11:29:16 | 000,206,722 | ---- | M] () -- C:\Windows\XHeader Uninstaller.exe
    [2010/05/29 11:29:16 | 000,000,953 | ---- | M] () -- C:\Users\Gary\Desktop\XHeader.lnk
    [2010/05/29 10:07:04 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
    [2010/05/29 10:05:49 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/29 08:46:10 | 000,740,616 | ---- | M] () -- C:\Users\Gary\Desktop\article-marketing[1].pdf
    [2010/05/28 08:58:03 | 000,001,015 | ---- | M] () -- C:\Users\Gary\Desktop\Eusing Free Registry Cleaner.lnk
    [2010/05/28 08:57:19 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Core FTP Lite.lnk
    [2010/05/28 08:48:14 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
    [2010/05/28 08:46:49 | 000,001,028 | ---- | M] () -- C:\Users\Gary\Desktop\ZoneAlarm Security.lnk
    [2010/05/27 18:25:56 | 000,002,016 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
    [2010/05/27 12:40:04 | 000,000,016 | ---- | M] () -- C:\Windows\SysNative\asdict.dat
    [2010/05/27 12:40:04 | 000,000,004 | ---- | M] () -- C:\Windows\SysNative\aspdict-en.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\pcwords2.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\pcwords.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\pc_sign.slf
    [2010/05/27 12:40:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\ab_bl.sig
    [2010/05/27 12:40:03 | 000,000,000 | ---- | M] () -- C:\pcconf.ini
    [2010/05/27 11:31:42 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
    [2010/05/27 10:27:35 | 000,002,200 | ---- | M] () -- C:\Users\Public\Desktop\The Shield Deluxe 2010.lnk
    [2010/05/27 10:24:32 | 000,137,570 | ---- | M] () -- C:\BdUninstallTool2010.05.27-10.19.39.reg
    [2010/05/26 18:08:44 | 000,000,974 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
    [2010/05/26 07:25:44 | 000,634,474 | ---- | M] () -- C:\Users\Gary\Desktop\Web-Traffic-Mechanic.pdf
    [2010/05/25 12:26:52 | 000,000,290 | ---- | M] () -- C:\Users\Gary\Documents\SEOLDFASTINDEX.REG
    [2010/05/25 12:23:43 | 000,002,669 | ---- | M] () -- C:\Users\Public\Desktop\SEO FAST Indexer.lnk
    [2010/05/24 16:55:08 | 000,078,951 | ---- | M] () -- C:\Users\Gary\Desktop\LightningCashBlueprintsProcessMap.pdf
    [2010/05/24 16:54:59 | 000,794,435 | ---- | M] () -- C:\Users\Gary\Desktop\LightningCashBlueprints.pdf
    [2010/05/24 11:47:37 | 000,229,787 | ---- | M] () -- C:\Users\Gary\Desktop\Shoppers Safety Guide.pdf
    [2010/05/24 00:33:25 | 000,001,738 | ---- | M] () -- C:\Users\Gary\Desktop\Passwords-Karen tappart.rtf
    [2010/05/23 17:32:21 | 000,717,102 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/05/23 17:32:21 | 000,617,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/05/23 17:32:21 | 000,104,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/05/23 09:41:27 | 000,002,613 | ---- | M] () -- C:\Users\Public\Desktop\SerpAssist Lite!.lnk
    [2010/05/22 16:42:10 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
    [2010/05/22 13:06:23 | 000,001,127 | ---- | M] () -- C:\Users\Gary\Desktop\The Authority Loophole.lnk
    [2010/05/22 11:04:32 | 000,000,975 | ---- | M] () -- C:\Users\Gary\Desktop\Traffic Travis.lnk
    [2010/05/22 00:00:27 | 000,002,625 | ---- | M] () -- C:\Users\Public\Desktop\Magic Submitter.lnk
    [2010/05/21 23:57:55 | 000,001,226 | ---- | M] () -- C:\Users\Gary\Desktop\Revo Uninstaller.lnk
    [2010/05/21 01:10:09 | 000,000,019 | ---- | M] () -- C:\Users\Public\Documents\CTDChannels_Version.3dc48cd1.cdf
    [2010/05/20 17:15:25 | 000,000,019 | ---- | M] () -- C:\Users\Public\Documents\CTDChannels_Version.cd27244d.cdf
    [2010/05/20 17:02:41 | 000,003,059 | ---- | M] () -- C:\Users\Gary\Desktop\Magic Article Submitter.lnk
    [2010/05/20 17:02:04 | 000,002,615 | ---- | M] () -- C:\Users\Public\Desktop\Magic Article Rewriter.lnk
    [2010/05/20 16:45:39 | 000,627,761 | ---- | M] () -- C:\Users\Gary\The Article Leverage System.pdf
    [2010/05/19 08:13:16 | 000,001,847 | ---- | M] () -- C:\Users\Gary\Desktop\CCleaner.lnk
    [2010/05/19 08:11:06 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/19 08:09:58 | 000,001,220 | ---- | M] () -- C:\Users\Gary\Desktop\Spybot - Search & Destroy.lnk
    [2010/05/18 16:35:29 | 000,001,738 | ---- | M] () -- C:\Users\Gary\Desktop\passwords.rtf
    [2010/05/18 11:27:32 | 001,079,461 | ---- | M] () -- C:\Users\Gary\Desktop\great research tool ever.pdf
    [2010/05/18 11:26:06 | 000,273,378 | ---- | M] () -- C:\Users\Gary\Desktop\Travis Niche Information.pdf
    [2010/05/17 09:55:57 | 000,103,249 | ---- | M] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier-ProcessMap.pdf
    [2010/05/17 09:55:56 | 000,429,362 | ---- | M] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier.pdf
    [2010/05/15 21:59:15 | 000,001,611 | ---- | M] () -- C:\Users\Gary\Desktop\DivX Movies.lnk
    [2010/05/15 21:58:57 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010/05/15 21:58:46 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
    [2010/05/13 20:05:14 | 000,711,168 | ---- | M] () -- C:\Windows\is-I3AKN.exe
    [2010/05/13 20:05:14 | 000,010,562 | ---- | M] () -- C:\Windows\is-I3AKN.msg
    [2010/05/13 20:05:14 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\Micro Niche Finder 5.0.lnk
    [2010/05/13 20:05:14 | 000,000,583 | ---- | M] () -- C:\Windows\is-I3AKN.lst
    [2010/05/13 15:25:54 | 000,495,347 | ---- | M] () -- C:\Users\Gary\Desktop\435 seo ontrial-sequence.pdf
    [2010/05/13 15:03:01 | 000,057,271 | ---- | M] () -- C:\Users\Gary\Desktop\500Bookmarking.pdf
    [2010/05/13 12:25:24 | 000,730,638 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/05/13 11:19:32 | 000,003,065 | ---- | M] () -- C:\Users\Gary\Desktop\Traffic Mania - RSSBot.lnk
    [2010/05/12 18:20:44 | 006,296,004 | ---- | M] () -- C:\Users\Gary\Desktop\ErnieFord.wmv
    [2010/05/12 13:52:31 | 000,001,736 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlyWire.LNK
    [2010/05/12 12:46:34 | 000,072,080 | ---- | M] () -- C:\Users\Gary\g2mdlhlpx.exe
    [2010/05/12 12:08:09 | 000,000,993 | ---- | M] () -- C:\Users\Gary\Desktop\PIXresizer.lnk
    [2010/05/11 07:25:02 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Article Submitter.lnk
    [2010/05/07 23:37:08 | 000,061,558 | ---- | M] () -- C:\Users\Gary\Documents\little girls.jpg
    [2010/05/07 23:34:16 | 000,000,024 | ---- | M] () -- C:\Windows\SW_Win3112X32.DLL
    [2010/05/07 23:34:15 | 000,000,823 | ---- | M] () -- C:\Users\Gary\Desktop\Convert Document To Image.lnk
    [2010/05/07 23:16:28 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/05/07 22:42:54 | 000,546,304 | ---- | M] () -- C:\Users\Gary\Documents\little girls.doc
    [2010/05/07 22:15:04 | 000,030,720 | ---- | M] () -- C:\Users\Gary\Documents\Chiggers.rrp
    [2010/05/07 08:57:44 | 000,075,057 | ---- | M] () -- C:\Users\Gary\Desktop\Walton-Feed-May-2-2010.csv
    [2010/05/07 01:57:10 | 000,007,168 | ---- | M] () -- C:\Users\Gary\Documents\Foreclosure.rrp
    [2010/05/07 01:05:22 | 000,000,736 | ---- | M] () -- C:\Users\Gary\Documents\Rapid Rewriter Article Spinner And MORE!.htm
    [2010/05/07 00:35:10 | 000,295,977 | ---- | M] () -- C:\Users\Gary\Documents\233Geek-Free-SEO.pdf
    [2010/05/06 23:41:57 | 000,059,035 | ---- | M] () -- C:\Users\Gary\Documents\Alzheimers_disease_prevention.html
    [2010/05/02 15:18:56 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat_com.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | M] () -- C:\Users\Gary\Desktop\Shortcut to TubeSucker.exe.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | M] () -- C:\Users\Gary\Desktop\Shortcut to ProgrammableTabBrowser.exe.lnk
    [2010/05/02 13:42:30 | 000,085,256 | ---- | M] () -- C:\Users\Gary\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/05/02 13:32:28 | 000,352,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/05/01 22:58:14 | 000,001,197 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/04/27 14:24:55 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
    [2010/04/27 14:11:29 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
    [2010/04/27 14:10:39 | 000,524,288 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/27 14:10:39 | 000,524,288 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/27 14:10:39 | 000,065,536 | -HS- | M] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/04/27 14:06:31 | 000,000,020 | -HS- | M] () -- C:\Users\Gary\ntuser.ini
    [2010/04/27 14:05:21 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2010/04/27 14:05:21 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2010/04/26 15:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
    [2010/04/14 23:12:14 | 001,391,203 | ---- | M] () -- C:\Users\Gary\Desktop\50 Sites Pay To Write-Personal.zip
    [2010/03/11 09:45:14 | 001,220,608 | ---- | M] () -- C:\Windows\SysWow64\pdf2bmp.dll
    [2010/03/08 10:59:18 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
    [2010/03/08 07:15:12 | 000,319,488 | ---- | M] () -- C:\Windows\SysWow64\WordConverterX2.ocx
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/30 09:49:15 | 000,492,489 | ---- | C] () -- C:\Users\Gary\Desktop\monthlycash.pdf
    [2010/05/30 06:50:32 | 000,785,623 | ---- | C] () -- C:\Users\Gary\Desktop\TheCopywritingFormula.pdf
    [2010/05/29 13:33:44 | 003,700,645 | ---- | C] () -- C:\Users\Gary\Desktop\ComboFix.exe
    [2010/05/29 11:29:16 | 000,206,722 | ---- | C] () -- C:\Windows\XHeader Uninstaller.exe
    [2010/05/29 11:29:16 | 000,000,953 | ---- | C] () -- C:\Users\Gary\Desktop\XHeader.lnk
    [2010/05/29 10:05:49 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/29 08:46:10 | 000,740,616 | ---- | C] () -- C:\Users\Gary\Desktop\article-marketing[1].pdf
    [2010/05/29 02:40:52 | 000,000,132 | ---- | C] () -- C:\Windows\SysNative\rezumatenoi.dat
    [2010/05/28 08:58:03 | 000,001,015 | ---- | C] () -- C:\Users\Gary\Desktop\Eusing Free Registry Cleaner.lnk
    [2010/05/28 08:57:19 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Core FTP Lite.lnk
    [2010/05/28 08:46:49 | 000,001,028 | ---- | C] () -- C:\Users\Gary\Desktop\ZoneAlarm Security.lnk
    [2010/05/28 08:46:20 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
    [2010/05/27 18:23:05 | 000,002,016 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
    [2010/05/27 12:40:04 | 000,000,016 | ---- | C] () -- C:\Windows\SysNative\asdict.dat
    [2010/05/27 12:40:04 | 000,000,004 | ---- | C] () -- C:\Windows\SysNative\aspdict-en.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\pcwords2.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\pcwords.dat
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\pc_sign.slf
    [2010/05/27 12:40:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\ab_bl.sig
    [2010/05/27 12:40:03 | 000,000,000 | ---- | C] () -- C:\pcconf.ini
    [2010/05/27 11:31:42 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
    [2010/05/27 10:27:35 | 000,002,200 | ---- | C] () -- C:\Users\Public\Desktop\The Shield Deluxe 2010.lnk
    [2010/05/27 10:19:39 | 000,137,570 | ---- | C] () -- C:\BdUninstallTool2010.05.27-10.19.39.reg
    [2010/05/26 18:45:23 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
    [2010/05/26 07:25:40 | 000,634,474 | ---- | C] () -- C:\Users\Gary\Desktop\Web-Traffic-Mechanic.pdf
    [2010/05/25 12:26:51 | 000,000,290 | ---- | C] () -- C:\Users\Gary\Documents\SEOLDFASTINDEX.REG
    [2010/05/25 12:23:43 | 000,002,669 | ---- | C] () -- C:\Users\Public\Desktop\SEO FAST Indexer.lnk
    [2010/05/24 16:55:06 | 000,078,951 | ---- | C] () -- C:\Users\Gary\Desktop\LightningCashBlueprintsProcessMap.pdf
    [2010/05/24 16:54:56 | 000,794,435 | ---- | C] () -- C:\Users\Gary\Desktop\LightningCashBlueprints.pdf
    [2010/05/24 11:47:34 | 000,229,787 | ---- | C] () -- C:\Users\Gary\Desktop\Shoppers Safety Guide.pdf
    [2010/05/24 00:33:25 | 000,001,738 | ---- | C] () -- C:\Users\Gary\Desktop\Passwords-Karen tappart.rtf
    [2010/05/23 09:41:27 | 000,002,613 | ---- | C] () -- C:\Users\Public\Desktop\SerpAssist Lite!.lnk
    [2010/05/23 08:12:02 | 000,015,360 | -HS- | C] () -- C:\Users\Gary\Thumbs.db
    [2010/05/22 13:06:23 | 000,001,127 | ---- | C] () -- C:\Users\Gary\Desktop\The Authority Loophole.lnk
    [2010/05/22 11:04:32 | 000,000,975 | ---- | C] () -- C:\Users\Gary\Desktop\Traffic Travis.lnk
    [2010/05/22 00:00:27 | 000,002,625 | ---- | C] () -- C:\Users\Public\Desktop\Magic Submitter.lnk
    [2010/05/20 17:15:49 | 000,000,019 | ---- | C] () -- C:\Users\Public\Documents\CTDChannels_Version.3dc48cd1.cdf
    [2010/05/20 17:02:41 | 000,003,059 | ---- | C] () -- C:\Users\Gary\Desktop\Magic Article Submitter.lnk
    [2010/05/20 16:45:39 | 000,627,761 | ---- | C] () -- C:\Users\Gary\The Article Leverage System.pdf
    [2010/05/19 08:13:16 | 000,001,847 | ---- | C] () -- C:\Users\Gary\Desktop\CCleaner.lnk
    [2010/05/19 08:11:06 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/05/19 08:09:58 | 000,001,220 | ---- | C] () -- C:\Users\Gary\Desktop\Spybot - Search & Destroy.lnk
    [2010/05/18 16:35:29 | 000,001,738 | ---- | C] () -- C:\Users\Gary\Desktop\passwords.rtf
    [2010/05/18 11:27:32 | 001,079,461 | ---- | C] () -- C:\Users\Gary\Desktop\great research tool ever.pdf
    [2010/05/18 11:26:06 | 000,273,378 | ---- | C] () -- C:\Users\Gary\Desktop\Travis Niche Information.pdf
    [2010/05/17 18:40:02 | 000,000,019 | ---- | C] () -- C:\Users\Public\Documents\CTDChannels_Version.cd27244d.cdf
    [2010/05/17 09:55:52 | 000,103,249 | ---- | C] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier-ProcessMap.pdf
    [2010/05/17 09:55:42 | 000,429,362 | ---- | C] () -- C:\Users\Gary\Desktop\TripleProfitMultiplier.pdf
    [2010/05/15 21:59:15 | 000,001,611 | ---- | C] () -- C:\Users\Gary\Desktop\DivX Movies.lnk
    [2010/05/15 21:58:57 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010/05/15 21:58:46 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
    [2010/05/13 20:05:14 | 000,711,168 | ---- | C] () -- C:\Windows\is-I3AKN.exe
    [2010/05/13 20:05:14 | 000,010,562 | ---- | C] () -- C:\Windows\is-I3AKN.msg
    [2010/05/13 20:05:14 | 000,002,127 | ---- | C] () -- C:\Users\Public\Desktop\Micro Niche Finder 5.0.lnk
    [2010/05/13 20:05:14 | 000,000,583 | ---- | C] () -- C:\Windows\is-I3AKN.lst
    [2010/05/13 15:25:54 | 000,495,347 | ---- | C] () -- C:\Users\Gary\Desktop\435 seo ontrial-sequence.pdf
    [2010/05/13 15:03:00 | 000,057,271 | ---- | C] () -- C:\Users\Gary\Desktop\500Bookmarking.pdf
    [2010/05/13 12:25:24 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/05/13 11:19:32 | 000,003,065 | ---- | C] () -- C:\Users\Gary\Desktop\Traffic Mania - RSSBot.lnk
    [2010/05/12 18:20:37 | 006,296,004 | ---- | C] () -- C:\Users\Gary\Desktop\ErnieFord.wmv
    [2010/05/12 13:52:31 | 000,001,736 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlyWire.LNK
    [2010/05/12 12:46:34 | 000,072,080 | ---- | C] () -- C:\Users\Gary\g2mdlhlpx.exe
    [2010/05/12 12:08:09 | 000,000,993 | ---- | C] () -- C:\Users\Gary\Desktop\PIXresizer.lnk
    [2010/05/11 08:48:30 | 000,002,615 | ---- | C] () -- C:\Users\Public\Desktop\Magic Article Rewriter.lnk
    [2010/05/11 07:25:02 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Article Submitter.lnk
    [2010/05/08 11:47:28 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
    [2010/05/07 23:37:08 | 000,061,558 | ---- | C] () -- C:\Users\Gary\Documents\little girls.jpg
    [2010/05/07 23:32:21 | 000,000,024 | ---- | C] () -- C:\Windows\SW_Win3112X32.DLL
    [2010/05/07 23:32:04 | 001,220,608 | ---- | C] () -- C:\Windows\SysWow64\pdf2bmp.dll
    [2010/05/07 23:32:04 | 000,319,488 | ---- | C] () -- C:\Windows\SysWow64\WordConverterX2.ocx
    [2010/05/07 23:32:04 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\CSVSpecialProcessing.dll
    [2010/05/07 23:32:04 | 000,000,823 | ---- | C] () -- C:\Users\Gary\Desktop\Convert Document To Image.lnk
    [2010/05/07 23:32:03 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\SII_PDF.dll
    [2010/05/07 23:32:03 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\SARzilla.dll
    [2010/05/07 23:32:03 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\DVM.dll
    [2010/05/07 23:32:03 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\RegisterExe.exe
    [2010/05/07 23:32:03 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx151ic.ini
    [2010/05/07 18:31:24 | 000,546,304 | ---- | C] () -- C:\Users\Gary\Documents\little girls.doc
    [2010/05/07 14:35:50 | 000,030,720 | ---- | C] () -- C:\Users\Gary\Documents\Chiggers.rrp
    [2010/05/07 08:57:33 | 000,075,057 | ---- | C] () -- C:\Users\Gary\Desktop\Walton-Feed-May-2-2010.csv
    [2010/05/07 01:57:10 | 000,007,168 | ---- | C] () -- C:\Users\Gary\Documents\Foreclosure.rrp
    [2010/05/07 01:05:21 | 000,000,736 | ---- | C] () -- C:\Users\Gary\Documents\Rapid Rewriter Article Spinner And MORE!.htm
    [2010/05/07 00:35:10 | 000,295,977 | ---- | C] () -- C:\Users\Gary\Documents\233Geek-Free-SEO.pdf
    [2010/05/06 23:41:55 | 000,059,035 | ---- | C] () -- C:\Users\Gary\Documents\Alzheimers_disease_prevention.html
    [2010/05/04 17:21:08 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
    [2010/05/02 15:19:42 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/05/02 15:18:56 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat_com.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | C] () -- C:\Users\Gary\Desktop\Shortcut to TubeSucker.exe.lnk
    [2010/05/02 13:54:06 | 000,002,871 | ---- | C] () -- C:\Users\Gary\Desktop\Shortcut to ProgrammableTabBrowser.exe.lnk
    [2010/05/02 12:02:00 | 000,001,226 | ---- | C] () -- C:\Users\Gary\Desktop\Revo Uninstaller.lnk
    [2010/05/01 22:58:14 | 000,001,197 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    [2010/05/01 22:04:18 | 000,014,646 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu
    [2010/05/01 16:26:42 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/01 16:26:41 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/01 11:05:21 | 000,000,974 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
    [2010/04/27 14:49:23 | 000,000,991 | ---- | C] () -- C:\Users\Gary\Desktop\magicJack.lnk
    [2010/04/27 14:25:22 | 000,082,289 | ---- | C] () -- C:\Windows\SysNative\lvcoin64.ini
    [2010/04/27 14:24:55 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
    [2010/04/27 14:07:37 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
    [2010/04/27 14:06:31 | 001,835,008 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT
    [2010/04/27 14:06:31 | 000,524,288 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/27 14:06:31 | 000,524,288 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/27 14:06:31 | 000,262,144 | -HS- | C] () -- C:\Users\Gary\ntuser.dat.LOG1
    [2010/04/27 14:06:31 | 000,065,536 | -HS- | C] () -- C:\Users\Gary\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/04/27 14:06:31 | 000,000,020 | -HS- | C] () -- C:\Users\Gary\ntuser.ini
    [2010/04/27 14:06:31 | 000,000,000 | -HS- | C] () -- C:\Users\Gary\ntuser.dat.LOG2
    [2010/04/25 01:23:26 | 000,315,535 | ---- | C] () -- C:\Users\Gary\Desktop\LinkChecker.zip
    [2010/04/25 00:53:03 | 001,391,203 | ---- | C] () -- C:\Users\Gary\Desktop\50 Sites Pay To Write-Personal.zip
    [2009/09/29 16:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
    [2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2010/05/22 11:04:32 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Affilorama
    [2010/05/29 14:37:10 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\BitDefender
    [2010/05/28 08:48:02 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\CheckPoint
    [2010/05/02 14:56:44 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Foxit Software
    [2010/05/29 17:59:31 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\GoodSync
    [2010/05/07 22:36:16 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\IrfanView
    [2010/04/27 14:26:28 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Leadertech
    [2010/05/30 14:58:26 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\mjusbsp
    [2010/05/13 18:58:58 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\NetSpell
    [2010/05/01 22:57:37 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\OpenOffice.org
    [2010/04/27 14:09:54 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\PictureMover
    [2010/05/01 11:05:23 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Template
    [2010/05/27 10:27:23 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\The Shield Deluxe
    [2010/05/29 10:21:49 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Thunderbird
    [2010/04/27 14:31:52 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\WinBatch
    [2010/04/27 14:11:29 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
    [2009/07/13 22:08:49 | 000,009,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========


    < End of report >
     
  16. 2010/05/30
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Very well :)
    Does your Zone Alarm come with an AV part?

    Please download OTC to your desktop. It'll remove most tools and logs we used so far. If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

    • Double-click OTC.exe to run it. (Vista and 7 users, please right-click on OTC and select "Run as an Administrator")
    • Click on the CleanUp! button and follow the prompts.
    • You will be asked to reboot the machine to finish the Cleanup process, choose Yes. If it doesn't ask you to reboot, restart the computer manually.
    • After the reboot all the tools we used should be gone.
    • The tool will delete itself once it finishes.
     
  17. 2010/05/30
    JustinCase

    JustinCase Inactive Thread Starter

    Joined:
    2010/05/29
    Messages:
    39
    Likes Received:
    0
    Broni, thank you for all the help. No, ZA free does not have antivirus that I am aware of. I am using The Shield. I am not sure, but I think I saw a couple of posts here, or if not here, on another site where I was looking for some answers to this beast. It is one of about 3 mentioned, I think, as being recommended. Do you suggest getting the upgrade on ZA or no?

    I'll complete this cleanup action now. Thanks again for the special attention. I appreciate it very much. You are good folks.
     
  18. 2010/05/30
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    If you're referring to The Shield Deluxe 2010, I'd strongly recommend you uninstall it right away.
    See this page: http://www.mywot.com/en/scorecard/pcsecurityshield.com

    Instead, I recommend you download and install ONE of these:
    - Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
    - Avira free antivirus: http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html

    I also recommend you don't use Eusing Free Registry Cleaner.
    Registry cleaners are not recommended and here is why: http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html

    When you're done with all the above changes...


    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  19. 2010/05/31
    JustinCase

    JustinCase Inactive Thread Starter

    Joined:
    2010/05/29
    Messages:
    39
    Likes Received:
    0
    I unloaded and deleted The Shield Deluxe and installed Avast Free and completed the rest of the instructions. This is the final report as requested.
    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Monday, May 31, 2010
    Operating system: Microsoft (build 7600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Sunday, May 30, 2010 22:42:00
    Records in database: 4193865
    --------------------------------------------------------------------------------

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\

    Scan statistics:
    Objects scanned: 174952
    Threats found: 3
    Infected objects found: 23
    Suspicious objects found: 0
    Scan duration: 03:19:38


    File name / Threat / Threats count
    C:\Users\Gary\Desktop\Home Foreclosure\mortgage2\Debt Articles\Copy (2) of pack1.zip Infected: not-a-virus:Downloader.Win32.Agent.db 2
    C:\Users\Gary\Desktop\Home Foreclosure\mortgage2\Debt Articles\Copy of SQZ1ab.zip Infected: Trojan.Win32.Plapon.a 1
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Social Niche Builder$10-6-26\Reply eMailer Master\readownloads\reabonus\millionairesecret.exe Infected: not-a-virus:Downloader.Win32.Agent.db 1
     
  20. 2010/05/31
    JustinCase

    JustinCase Inactive Thread Starter

    Joined:
    2010/05/29
    Messages:
    39
    Likes Received:
    0
    It would not accept the report because of too many images or something. This is the other half of it.

    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Social Niche Builder$10-6-26\Reply eMailer Master\readownloads\reabonus\REAbonus.zip Infected: not-a-virus:Downloader.Win32.Agent.db 1
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Social Niche Builder$10-6-26\Reply eMailer Master\REAmaster.zip Infected: not-a-virus:Downloader.Win32.Agent.db 1
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino1.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino2x.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino3z.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino4ww.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
    C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino5ew.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
    C:\Users\Gary\Desktop\Software\Pro Article Writer\newyear\parrr.rar Infected: Trojan.Win32.Agent.djki 1
    C:\Users\Gary\Desktop\Software\Pro Article Writer\PAR.rar Infected: Trojan.Win32.Agent.djki 1

    Selected area has been scanned.
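
Because the report was posted in two halves, the following added example (not part of the thread and not Kaspersky tooling) rejoins the detection rows from both posts and checks them against the "Scan statistics" totals. Reading the last column as an object count that sums to "Infected objects found" is an assumption about the report format.

```python
import re
from collections import Counter

# Statistics and detection rows copied from the two posts above.
REPORT = r"""
Threats found: 3
Infected objects found: 23
C:\Users\Gary\Desktop\Home Foreclosure\mortgage2\Debt Articles\Copy (2) of pack1.zip Infected: not-a-virus:Downloader.Win32.Agent.db 2
C:\Users\Gary\Desktop\Home Foreclosure\mortgage2\Debt Articles\Copy of SQZ1ab.zip Infected: Trojan.Win32.Plapon.a 1
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Social Niche Builder$10-6-26\Reply eMailer Master\readownloads\reabonus\millionairesecret.exe Infected: not-a-virus:Downloader.Win32.Agent.db 1
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Social Niche Builder$10-6-26\Reply eMailer Master\readownloads\reabonus\REAbonus.zip Infected: not-a-virus:Downloader.Win32.Agent.db 1
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Social Niche Builder$10-6-26\Reply eMailer Master\REAmaster.zip Infected: not-a-virus:Downloader.Win32.Agent.db 1
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino1.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino2x.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino3z.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino4ww.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
C:\Users\Gary\Desktop\My Websites1\Sites To Do\Turnkey Websites\Turnkey Websites\casino5ew.zip Infected: not-a-virus:Downloader.Win32.Agent.db 3
C:\Users\Gary\Desktop\Software\Pro Article Writer\newyear\parrr.rar Infected: Trojan.Win32.Agent.djki 1
C:\Users\Gary\Desktop\Software\Pro Article Writer\PAR.rar Infected: Trojan.Win32.Agent.djki 1
"""

STAT = re.compile(r"^(Threats found|Infected objects found): (\d+)$")
# Paths contain spaces, so anchor on the literal " Infected: " separator.
ROW = re.compile(r"^(?P<path>.+?) Infected: (?P<threat>\S+) (?P<count>\d+)$")

def parse_report(text):
    """Return (stats dict, list of (path, threat, count)) from report text."""
    stats, rows = {}, []
    for line in text.splitlines():
        line = line.strip()
        if m := STAT.match(line):
            stats[m.group(1)] = int(m.group(2))
        elif m := ROW.match(line):
            rows.append((m["path"], m["threat"], int(m["count"])))
    return stats, rows

def reconcile(stats, rows):
    """Sum counts per threat name and compare with the report's own totals."""
    per_threat = Counter()
    for _path, threat, count in rows:
        per_threat[threat] += count
    return {
        "per_threat": dict(per_threat),
        "threats_match": len(per_threat) == stats.get("Threats found"),
        "objects_match": sum(per_threat.values()) == stats.get("Infected objects found"),
    }

if __name__ == "__main__":
    print(reconcile(*parse_report(REPORT)))
```

A mismatch in either flag would mean rows were lost when the report was split for posting.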
     
  21. 2010/05/31
    JustinCase

    JustinCase Inactive Thread Starter

    Joined:
    2010/05/29
    Messages:
    39
    Likes Received:
    0
    I have a question to go along with this. After the last Temp File Cleaning when the computer restarted it came up with a teatimer.exe message about a disk not being in drive E or something and the usual cancel, retry and something else choices. What is this and where did it come from and why?

    Thanks again for all of your help.
     
