
Solved Control Panel Not Working

Discussion in 'Malware and Virus Removal Archive' started by scorekeeper, 2010/06/16.

  1. 2010/06/16
    scorekeeper

    scorekeeper Inactive Thread Starter

    Joined:
    2007/02/18
    Messages:
    104
    Likes Received:
    0
    [Resolved] Control Panel Not Working

    Tried to run control panel but got something really strange.

    I took a snapshot and you can see it at http://www.infosports.com/scorekeeper/images/cp.jpg

    When I tried to run add/remove programs I got this error. http://www.infosports.com/scorekeeper/images/cp1.jpg

    I told it to continue running the script and got more messages. http://www.infosports.com/scorekeeper/images/cp2.jpg

    The same thing seems to be happening when I try to run anything on that 1st list from the CP.

    Any ideas?

    ////////////////////////////////////////

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 2000 Professional
    Boot Device: \Device\Harddisk0\Partition1
    Install Date:
    System Uptime: 6/16/2010 12:36:27 AM (10 hours ago)

    Motherboard: | | SiS-645-961B
    Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | Socket 478 | 2405/133mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 24 GiB total, 8.599 GiB free.
    D: is FIXED (NTFS) - 33 GiB total, 19.171 GiB free.
    E: is CDROM ()
    F: is FIXED (FAT32) - 8 GiB total, 3.456 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Ethernet Controller
    Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_A40810FD&REV_90\3&61AAA01&0&18
    Manufacturer:
    Name: Ethernet Controller
    PNP Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_A40810FD&REV_90\3&61AAA01&0&18
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: RAID Controller
    Device ID: PCI\VEN_1103&DEV_0004&SUBSYS_00011103&REV_05\3&61AAA01&0&78
    Manufacturer:
    Name: RAID Controller
    PNP Device ID: PCI\VEN_1103&DEV_0004&SUBSYS_00011103&REV_05\3&61AAA01&0&78
    Service:

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    ABE
    ABE Setup
    ABE Tutorial
    Ad-Aware
    Adobe Acrobat 4.0
    Adobe Flash Player 10 Plugin
    Adobe Flash Player ActiveX
    Adobe Photoshop 5.5
    Adobe Photoshop Album 2.0 Starter Edition
    Adobe Reader 7.1.0
    Adobe SVG Viewer 3.0
    CC_ccProxyExt
    ccCommon
    ccPxyCore
    CodeStuff Starter
    Confidence Online(tm) for Web Applications
    Connection Keep Alive
    ESET Online Scanner v3
    FinePrint pdfFactory
    FTP Explorer
    Google Earth
    Google Toolbar for Internet Explorer
    HiJackThis
    Hijackthis 1.99.1
    ieSupportManager
    InstallShield Express Visual FoxPro Limited Edition
    Interbase
    Internet Explorer Q903235
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 9
    Java Auto Updater
    Java(TM) 6 Update 20
    LiveReg (Symantec Corporation)
    LiveUpdate 3.0 (Symantec Corporation)
    Lizard Safeguard - PDF Viewer 2.5.122
    Logitech iTouch Software
    Logitech MouseWare 9.71
    Logitech Resource Center
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0
    Microsoft DirectX Transform optional components
    Microsoft Office 2000 Disc 2
    Microsoft Office 2000 Professional
    Microsoft Visual FoxPro 6.0
    Microsoft Visual FoxPro 7.0 Professional - English
    Microsoft Windows Journal Viewer
    Microsoft XML Parser
    Mozilla Firefox (3.6.3)
    MSDN Library - July 2001
    MSDN Library - Visual Studio 6.0a
    MSRedist
    Musicmatch® Jukebox
    NETGEAR WG111 Software
    Norton AntiSpam
    Norton AntiVirus 2006
    Norton Cleanup
    Norton GoBack 4.1
    Norton Internet Security
    Norton Internet Security 2006 (Symantec Corporation)
    Norton Protection Center
    Norton SystemWorks
    Norton SystemWorks 2006 Basic Edition
    Norton SystemWorks 2006 Basic Edition (Symantec Corporation)
    Norton Utilities
    Norton WMI Update
    NSW_DRM_COLLECTION
    NTI CD-Maker 2000 Plus
    OE-Mail Recovery 1.7
    OmniFormat
    PCI Audio Applications
    PCI Audio Driver
    Pdf995
    QuickTime
    Security Update for CAPICOM (KB931906)
    Security Update for DirectX 9 (KB941568)
    Security Update for DirectX 9 (KB951698)
    Security Update for DirectX 9.0 (KB971633)
    Security Update for DirectX 9.0 (KB975560)
    Security Update for DirectX 9.0 (KB975562)
    Security Update for DirectX 9.0 (KB976138)
    Security Update for DirectX 9.0b (KB961373)
    Security Update for Microsoft .NET Framework 2.0 (KB928365)
    Security Update for Microsoft .NET Framework 2.0 (KB947746)
    Security Update for Windows 2000 (KB904706)
    Security Update for Windows 2000 (KB923689)
    Security Update for Windows 2000 (KB941569)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB975025)
    Security Update for Windows Media Player (KB977816)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 6.4 (KB954600)
    Security Update for Windows Media Player 6.4 (KB974112)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows Media Player 9 (KB973540)
    SPBBC
    SymNet
    Update Rollup 1 for Windows 2000 SP4
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Visual FoxPro 7.0 Baseline - English
    Visual FoxPro 7.0 Professional - English
    WebFldrs
    Windows 2000 Hotfix - KB834707
    Windows 2000 Hotfix - KB842773
    Windows 2000 Hotfix - KB867282
    Windows 2000 Hotfix - KB883939
    Windows 2000 Hotfix - KB887797
    Windows 2000 Hotfix - KB889293
    Windows 2000 Hotfix - KB890046
    Windows 2000 Hotfix - KB890923
    Windows 2000 Hotfix - KB893756
    Windows 2000 Hotfix - KB894320
    Windows 2000 Hotfix - KB896358
    Windows 2000 Hotfix - KB896422
    Windows 2000 Hotfix - KB896423
    Windows 2000 Hotfix - KB896424
    Windows 2000 Hotfix - KB896688
    Windows 2000 Hotfix - KB896727
    Windows 2000 Hotfix - KB897715
    Windows 2000 Hotfix - KB899587
    Windows 2000 Hotfix - KB899588
    Windows 2000 Hotfix - KB899589
    Windows 2000 Hotfix - KB900725
    Windows 2000 Hotfix - KB901017
    Windows 2000 Hotfix - KB901214
    Windows 2000 Hotfix - KB902400
    Windows 2000 Hotfix - KB905414
    Windows 2000 Hotfix - KB905495
    Windows 2000 Hotfix - KB905749
    Windows 2000 Hotfix - KB905915
    Windows 2000 Hotfix - KB908519
    Windows 2000 Hotfix - KB908523
    Windows 2000 Hotfix - KB908531
    Windows 2000 Hotfix - KB911280
    Windows 2000 Hotfix - KB911567
    Windows 2000 Hotfix - KB912812
    Windows 2000 Hotfix - KB912919
    Windows 2000 Hotfix - KB913580
    Windows 2000 Hotfix - KB914388
    Windows 2000 Hotfix - KB914389
    Windows 2000 Hotfix - KB916281
    Windows 2000 Hotfix - KB917008
    Windows 2000 Hotfix - KB917159
    Windows 2000 Hotfix - KB917422
    Windows 2000 Hotfix - KB917537
    Windows 2000 Hotfix - KB917736
    Windows 2000 Hotfix - KB917953
    Windows 2000 Hotfix - KB918118
    Windows 2000 Hotfix - KB918899
    Windows 2000 Hotfix - KB920213
    Windows 2000 Hotfix - KB920670
    Windows 2000 Hotfix - KB920683
    Windows 2000 Hotfix - KB920685
    Windows 2000 Hotfix - KB920958
    Windows 2000 Hotfix - KB921398
    Windows 2000 Hotfix - KB921503
    Windows 2000 Hotfix - KB921883
    Windows 2000 Hotfix - KB922582
    Windows 2000 Hotfix - KB922616
    Windows 2000 Hotfix - KB922760
    Windows 2000 Hotfix - KB923191
    Windows 2000 Hotfix - KB923414
    Windows 2000 Hotfix - KB923561
    Windows 2000 Hotfix - KB923694
    Windows 2000 Hotfix - KB923810
    Windows 2000 Hotfix - KB923980
    Windows 2000 Hotfix - KB924191
    Windows 2000 Hotfix - KB924270
    Windows 2000 Hotfix - KB924667
    Windows 2000 Hotfix - KB925454
    Windows 2000 Hotfix - KB925486
    Windows 2000 Hotfix - KB925902
    Windows 2000 Hotfix - KB926122
    Windows 2000 Hotfix - KB926436
    Windows 2000 Hotfix - KB927891
    Windows 2000 Hotfix - KB928090
    Windows 2000 Hotfix - KB928843
    Windows 2000 Hotfix - KB929969
    Windows 2000 Hotfix - KB930178
    Windows 2000 Hotfix - KB931768
    Windows 2000 Hotfix - KB931784
    Windows 2000 Hotfix - KB932168
    Windows 2000 Hotfix - KB933566
    Windows 2000 Hotfix - KB933729
    Windows 2000 Hotfix - KB935839
    Windows 2000 Hotfix - KB935840
    Windows 2000 Hotfix - KB936021
    Windows 2000 Hotfix - KB937143
    Windows 2000 Hotfix - KB937894
    Windows 2000 Hotfix - KB938127
    Windows 2000 Hotfix - KB938464
    Windows 2000 Hotfix - KB938827
    Windows 2000 Hotfix - KB938829
    Windows 2000 Hotfix - KB939653
    Windows 2000 Hotfix - KB941202
    Windows 2000 Hotfix - KB941644
    Windows 2000 Hotfix - KB941693
    Windows 2000 Hotfix - KB942615
    Windows 2000 Hotfix - KB943055
    Windows 2000 Hotfix - KB943485
    Windows 2000 Hotfix - KB944338
    Windows 2000 Hotfix - KB944533
    Windows 2000 Hotfix - KB945553
    Windows 2000 Hotfix - KB947864
    Windows 2000 Hotfix - KB948590
    Windows 2000 Hotfix - KB948881
    Windows 2000 Hotfix - KB950749
    Windows 2000 Hotfix - KB950759
    Windows 2000 Hotfix - KB950760
    Windows 2000 Hotfix - KB950974
    Windows 2000 Hotfix - KB951066
    Windows 2000 Hotfix - KB951748
    Windows 2000 Hotfix - KB951748-V2
    Windows 2000 Hotfix - KB952004
    Windows 2000 Hotfix - KB952954
    Windows 2000 Hotfix - KB953838
    Windows 2000 Hotfix - KB953839
    Windows 2000 Hotfix - KB954211
    Windows 2000 Hotfix - KB955069
    Windows 2000 Hotfix - KB955759
    Windows 2000 Hotfix - KB956390
    Windows 2000 Hotfix - KB956391
    Windows 2000 Hotfix - KB956802
    Windows 2000 Hotfix - KB956844
    Windows 2000 Hotfix - KB957095
    Windows 2000 Hotfix - KB957097
    Windows 2000 Hotfix - KB958215
    Windows 2000 Hotfix - KB958470
    Windows 2000 Hotfix - KB958644
    Windows 2000 Hotfix - KB958687
    Windows 2000 Hotfix - KB958690
    Windows 2000 Hotfix - KB958869
    Windows 2000 Hotfix - KB959426
    Windows 2000 Hotfix - KB960225
    Windows 2000 Hotfix - KB960714
    Windows 2000 Hotfix - KB960715
    Windows 2000 Hotfix - KB960803
    Windows 2000 Hotfix - KB960859
    Windows 2000 Hotfix - KB961371
    Windows 2000 Hotfix - KB961371-V2
    Windows 2000 Hotfix - KB961501
    Windows 2000 Hotfix - KB963027
    Windows 2000 Hotfix - KB967715
    Windows 2000 Hotfix - KB968537
    Windows 2000 Hotfix - KB969059
    Windows 2000 Hotfix - KB969897
    Windows 2000 Hotfix - KB969898
    Windows 2000 Hotfix - KB969947
    Windows 2000 Hotfix - KB970238
    Windows 2000 Hotfix - KB971468
    Windows 2000 Hotfix - KB971486
    Windows 2000 Hotfix - KB971557
    Windows 2000 Hotfix - KB971961
    Windows 2000 Hotfix - KB972260
    Windows 2000 Hotfix - KB972270
    Windows 2000 Hotfix - KB973346
    Windows 2000 Hotfix - KB973354
    Windows 2000 Hotfix - KB973507
    Windows 2000 Hotfix - KB973525
    Windows 2000 Hotfix - KB973869
    Windows 2000 Hotfix - KB973904
    Windows 2000 Hotfix - KB974318
    Windows 2000 Hotfix - KB974392
    Windows 2000 Hotfix - KB974455
    Windows 2000 Hotfix - KB974571
    Windows 2000 Hotfix - KB976325
    Windows 2000 Hotfix - KB976749
    Windows 2000 Hotfix - KB977165
    Windows 2000 Hotfix - KB977914
    Windows 2000 Hotfix - KB978037
    Windows 2000 Hotfix - KB978207
    Windows 2000 Hotfix - KB978251
    Windows 2000 Hotfix - KB978262
    Windows 2000 Hotfix - KB978542
    Windows 2000 Hotfix - KB978601
    Windows 2000 Hotfix - KB978706
    Windows 2000 Hotfix - KB979309
    Windows 2000 Hotfix - KB979482
    Windows 2000 Hotfix - KB979559
    Windows 2000 Hotfix - KB979683
    Windows 2000 Hotfix - KB980182
    Windows 2000 Hotfix - KB980195
    Windows 2000 Hotfix - KB980218
    Windows 2000 Hotfix - KB980232
    Windows 2000 Hotfix - KB981350
    Windows 2000 Hotfix - KB982381
    Windows 2000 Hotfix (SP5) Q818043
    Windows Installer 3.1 (KB893803)
    Windows Media Player 9 Hotfix [See KB885492 for more information]
    Windows Media Player Hotfix [See Q828026 for more information]
    Windows Media Player system update (9 Series)
    WinPatrol
    WinPatrol 2007 Restore/Remove First
    WinZip
    WLAN Cardbus
    WordPerfect Office 2002 Professional
    Yahoo! Toolbar

    ==== End Of File ===========================


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Administrator at 10:07:09.84 on Wed 06/16/2010
    Internet Explorer: 6.0.2800.1106 BrowserJavaVersion: 1.6.0_20
    Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.511.188 [GMT -7:00]


    ============== Running Processes ===============

    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\mspmspsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\WINNT\Mixer.exe
    C:\WINNT\System32\spool\DRIVERS\W32X86\2\fppdis1.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
    C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Administrator\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\system32\blank.htm
    uInternet Settings,ProxyOverride = <local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
    BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.0.1225.9868\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Norton Internet Security 2006: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
    TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar4.dll
    TB: Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_5_7_0.dll
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\system32\browseui.dll
    mRun: [Synchronization Manager] mobsync.exe /logon
    mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
    mRun: [EM_EXEC] c:\progra~1\logitech\mousew~1\system\EM_EXEC.EXE
    mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe "
    mRun: [C-Media Mixer] Mixer.exe /startup
    mRun: [pdfFactory Dispatcher v1] c:\winnt\system32\spool\drivers\w32x86\2\fppdis1.exe
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [SSC_UserPrompt] "c:\program files\common files\symantec shared\security center\UsrPrmpt.exe "
    mRun: [SymTray - Norton SystemWorks] c:\program files\common files\symantec shared\Symtray.exe SetReg
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRunOnce: [SymTray - Norton SystemWorks] c:\program files\common files\symantec shared\Symtrdr.exe
    dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\smartw~1.lnk - c:\program files\netgear\wg111 configuration utility\WG111CFG.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wlanca~1.lnk - c:\program files\802.11 wireless lan\wlan cardbus\RtlWake.exe
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
    DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - hxxp://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
    DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201320796428
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\q4k9xxk3.default\
    FF - prefs.js: browser.startup.homepage - hxxps://mailguard.calweb.com/login.php?lang=en|http://www.infosports.com/scorekeep....php?f=2|http://www.whitehouse.gov/feed/blog/
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-4-27 64160]
    R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\Savrtpel.sys [2005-12-19 54968]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2007-11-4 192104]
    R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2007-11-4 202344]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2007-11-4 169576]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
    R2 NProtectService;Norton UnErase Protection;c:\progra~1\norton~1\norton~2\NPROTECT.EXE [2005-11-3 95832]
    R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-11-4 1247600]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-7-6 101936]
    R3 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\NAVAPSVC.EXE [2007-11-4 139888]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090706.016\NAVENG.Sys [2009-7-6 89104]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090706.016\NavEx15.Sys [2009-7-6 876144]
    R3 openhci;Microsoft USB Open Host Controller Driver;c:\winnt\system32\drivers\openhci.sys [1999-12-7 24784]
    R3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\savrt.sys [2005-12-19 337592]
    R3 SiS300;SiS300;c:\winnt\system32\drivers\sis300p.sys [2002-12-27 52272]
    R3 Winacpci;Winacpci;c:\winnt\system32\drivers\winacpci.sys [2002-12-26 602128]
    S3 rtl8180;WLAN Cardbus/PCI Adapter;c:\winnt\system32\drivers\rtl8180.sys [2003-9-25 155152]
    S3 s3legacy;s3legacy;c:\winnt\system32\drivers\s3legacy.sys [2002-12-23 65456]
    S3 SAVScan;Symantec AVScan;c:\program files\norton internet security\norton antivirus\SAVScan.exe [2005-12-19 198416]

    =============== Created Last 30 ================

    2010-06-16 17:07:11 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_404.dat
    2010-06-16 14:37:12 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_278.dat
    2010-06-14 23:02:04 0 d-----w- c:\program files\OE-Mail Recovery
    2010-06-13 15:21:17 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_288.dat
    2010-06-12 17:47:56 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_ac4.dat
    2010-06-11 18:38:45 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_314.dat
    2010-06-11 18:38:43 0 d-----w- c:\program files\ESET
    2010-06-11 16:44:04 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_26c.dat
    2010-06-10 00:33:39 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
    2010-06-10 00:33:32 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
    2010-06-10 00:33:30 19288 ----a-w- c:\winnt\system32\drivers\mbam.sys
    2010-06-10 00:33:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-06-10 00:33:29 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-06-09 19:14:42 0 d-----w- c:\program files\Trend Micro
    2010-06-08 14:13:34 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_298.dat

    ==================== Find3M ====================

    2010-06-03 23:23:12 8896 ----a-w- c:\winnt\hh.dat
    2010-05-03 08:17:20 1650448 ----a-w- c:\winnt\system32\WIN32K.SYS
    2010-04-14 23:17:14 576512 ----a-w- c:\winnt\system32\WININET.DLL
    2010-04-13 01:12:48 291920 ----a-w- c:\winnt\system32\atmfd.dll
    2010-04-13 00:29:19 411368 ----a-w- c:\winnt\system32\deployJava1.dll
    2002-12-23 22:46:32 271 ---h--w- c:\program files\desktop.ini
    2002-12-23 22:46:32 21952 ---h--w- c:\program files\folder.htt
    2001-11-23 04:08:20 712704 ----a-w- c:\winnt\inf\other\audio3d.dll
    1999-12-07 12:00:00 32528 ----a-w- c:\winnt\inf\wbfirdma.sys

    ============= FINISH: 10:07:31.01 ===============
     
  2. 2010/06/16
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    STEP 1. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically, which is not necessary for our purposes.)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.

    RESTART COMPUTER


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     

  4. 2010/06/17
    scorekeeper

    scorekeeper Inactive Thread Starter

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4052

    Windows 5.0.2195 Service Pack 4
    Internet Explorer 6.0.2800.1106

    6/17/2010 8:16:21 AM
    mbam-log-2010-06-17 (08-16-21).txt

    Scan type: Quick scan
    Objects scanned: 96372
    Time elapsed: 7 minute(s), 41 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  5. 2010/06/17
    scorekeeper

    scorekeeper Inactive Thread Starter

    GMER ran and I got a message that it detected previous GMER activity in a modification.

    ///////////////////////////

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-06-17 08:55:47
    Windows 5.0.2195 Service Pack 4
    Running: yd3tetvy.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwdyqkob.sys


    ---- System - GMER 1.0.15 ----

    SSDT 81CBA9C8 ZwAlertResumeThread
    SSDT 81CB9C48 ZwAlertThread
    SSDT 81CA3FA8 ZwAllocateVirtualMemory
    SSDT GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation) ZwClose [0xBFE67A40]
    SSDT 81CDA008 ZwConnectPort
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xBBAA9020]
    SSDT 81CC9848 ZwCreateMutant
    SSDT 81CA4188 ZwCreateThread
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xBBAA92A0]
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xBBAA9800]
    SSDT 81CC9A28 ZwFreeVirtualMemory
    SSDT GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation) ZwFsControlFile [0xBFE67AD0]
    SSDT 81CB91A8 ZwImpersonateAnonymousToken
    SSDT 81CBC4E8 ZwImpersonateThread
    SSDT 81CC85C8 ZwMapViewOfSection
    SSDT 81CB9708 ZwOpenEvent
    SSDT 81CB34A8 ZwOpenProcessToken
    SSDT 81CC0448 ZwOpenThreadToken
    SSDT 81CA1EE8 ZwQueryValueKey
    SSDT 81CA0F08 ZwResumeThread
    SSDT 81CB58C8 ZwSetContextThread
    SSDT 81CC0508 ZwSetInformationProcess
    SSDT 81CC9288 ZwSetInformationThread
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xBBAA9A50]
    SSDT 81CB7468 ZwSuspendThread
    SSDT 81CB2A88 ZwTerminateProcess
    SSDT 81CB9568 ZwTerminateThread
    SSDT 81CB9BC8 ZwUnmapViewOfSection
    SSDT 81CA3EE8 ZwWriteVirtualMemory

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\Explorer.EXE [KERNEL32.DLL!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\Explorer.EXE [KERNEL32.DLL!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\Explorer.EXE [KERNEL32.DLL!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\Explorer.EXE [KERNEL32.DLL!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\Explorer.EXE [KERNEL32.DLL!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!CreateProcessA] [4AD84AE3] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\ADVAPI32.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\GDI32.DLL [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\GDI32.DLL [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\GDI32.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\GDI32.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\GDI32.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!LoadLibraryExA] [732E78DE] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!CreateProcessA] [4AD84AE3] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHLWAPI.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [4AD84AE3] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\NETAPI32.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\NETAPI32.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\NETAPI32.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [732E78DE] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1100] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip Lbd.sys (Boot Driver/Lavasoft AB)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB)

    Device \Driver\Disk \Device\Harddisk0\DR0 GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation)

    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    Device \Driver\Disk \Device\Harddisk1\DR1 GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation)

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)

    ---- Services - GMER 1.0.15 ----

    Service C:\WINNT\system32\MSTask.exe? (*** hidden *** ) [AUTO] Schedule <-- ROOTKIT !!!

    ---- EOF - GMER 1.0.15 ----
     
  6. 2010/06/17
    broni

    broni Moderator Malware Analyst

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  7. 2010/06/18
    scorekeeper

    scorekeeper Inactive Thread Starter

    ComboFix 10-06-17.03 - Administrator 06/18/2010 12:31:28.3.1 - x86
    Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.511.118 [GMT -7:00]
    Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\winnt\system32\win.com

    .
    ((((((((((((((((((((((((( Files Created from 2010-05-18 to 2010-06-18 )))))))))))))))))))))))))))))))
    .

    2010-06-18 19:29 . 2010-06-18 19:29 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_400.dat
    2010-06-18 13:58 . 2010-06-18 13:58 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_274.dat
    2010-06-14 23:02 . 2010-06-14 23:02 -------- d-----w- c:\program files\OE-Mail Recovery
    2010-06-13 15:21 . 2010-06-13 15:21 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_288.dat
    2010-06-12 17:47 . 2010-06-12 17:47 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_ac4.dat
    2010-06-11 20:58 . 2010-06-11 21:10 -------- d-----w- c:\winnt\BDOSCAN8
    2010-06-11 18:38 . 2010-06-11 18:38 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_314.dat
    2010-06-11 18:38 . 2010-06-11 18:38 -------- d-----w- c:\program files\ESET
    2010-06-11 16:44 . 2010-06-11 16:44 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_26c.dat
    2010-06-10 00:33 . 2010-06-10 00:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
    2010-06-10 00:33 . 2010-04-29 22:39 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
    2010-06-10 00:33 . 2010-06-10 00:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-06-10 00:33 . 2010-04-29 22:39 19288 ----a-w- c:\winnt\system32\drivers\mbam.sys
    2010-06-10 00:33 . 2010-06-17 15:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-06-09 19:14 . 2010-06-09 19:14 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-06-09 19:14 . 2010-06-09 19:14 -------- d-----w- c:\program files\Trend Micro
    2010-06-08 14:13 . 2010-06-08 14:13 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_298.dat
    2010-05-26 17:34 . 2010-05-26 17:34 503808 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-35aee0ac-n\msvcp71.dll
    2010-05-26 17:34 . 2010-05-26 17:34 499712 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-35aee0ac-n\jmc.dll
    2010-05-26 17:34 . 2010-05-26 17:34 348160 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-35aee0ac-n\msvcr71.dll
    2010-05-26 17:34 . 2010-05-26 17:34 61440 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-40f8df77-n\decora-sse.dll
    2010-05-26 17:34 . 2010-05-26 17:34 12800 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-40f8df77-n\decora-d3d.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-06-15 00:10 . 2002-12-26 08:46 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2010-06-14 19:05 . 2003-01-01 21:50 -------- d-----w- c:\program files\Norton SystemWorks
    2010-06-14 19:00 . 2003-01-01 22:12 80440 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-06-05 19:23 . 2007-04-07 19:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-06-03 23:23 . 2006-12-26 01:14 8896 ----a-w- c:\winnt\hh.dat
    2010-05-14 21:14 . 2010-05-14 21:14 503808 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1745013d-n\msvcp71.dll
    2010-05-14 21:14 . 2010-05-14 21:14 499712 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1745013d-n\jmc.dll
    2010-05-14 21:14 . 2010-05-14 21:14 348160 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1745013d-n\msvcr71.dll
    2010-05-14 21:14 . 2010-05-14 21:14 61440 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-5e8d7382-n\decora-sse.dll
    2010-05-14 21:14 . 2010-05-14 21:14 12800 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-5e8d7382-n\decora-d3d.dll
    2010-05-14 21:14 . 2006-12-12 18:44 -------- d-----w- c:\program files\Common Files\Java
    2010-05-14 21:13 . 2006-12-12 18:47 -------- d-----w- c:\program files\Java
    2010-05-03 08:17 . 1999-12-07 12:00 1650448 ----a-w- c:\winnt\system32\WIN32K.SYS
    2010-04-14 23:17 . 2010-04-14 23:17 576512 ----a-w- c:\winnt\system32\WININET.DLL
    2010-04-13 01:12 . 2003-08-13 23:20 291920 ----a-w- c:\winnt\system32\atmfd.dll
    2010-04-13 00:29 . 2010-05-14 21:14 411368 ----a-w- c:\winnt\system32\deployJava1.dll
    2010-03-27 23:08 . 2010-03-27 23:08 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
    2010-03-27 23:07 . 2010-03-27 23:07 79488 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
    2010-03-27 23:01 . 2010-03-27 23:01 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
    2002-12-23 22:46 . 2002-12-23 22:46 21952 ---h--w- c:\program files\folder.htt
    .

    ------- Sigcheck -------

    [-] 2003-06-19 19:05 . 8C718AA8C77041B3285D55A0CE980867 . 86672 . . [ERROR: 0x0] . . c:\winnt\ServicePackFiles\i386\atapi.sys
    [-] 2003-06-19 19:05 . 8C718AA8C77041B3285D55A0CE980867 . 86672 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\atapi.sys

    [-] 2003-06-19 19:05 . 5D3D77C9EB3A8E6A14CC8E1252B6CC5C . 17840 . . [ERROR: 0x0] . . c:\winnt\ServicePackFiles\i386\asyncmac.sys
    [-] 2003-06-19 19:05 . 5D3D77C9EB3A8E6A14CC8E1252B6CC5C . 17840 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\asyncmac.sys

    [-] 1999-12-07 12:00 . DF012C2853281CE2BF536E8DE871C8C1 . 4080 . . [ERROR: 0x0] . . c:\winnt\system32\dllcache\beep.sys
    [-] 1999-12-07 12:00 . DF012C2853281CE2BF536E8DE871C8C1 . 4080 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\beep.sys

    [-] 2003-06-19 20:05 . 399055F5C4A98F39B47D26888A72145D . 24528 . . [ERROR: 0x0] . . c:\winnt\system32\dllcache\kbdclass.sys
    [-] 2003-06-19 20:05 . 399055F5C4A98F39B47D26888A72145D . 24528 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\kbdclass.sys
    [-] 2003-06-19 19:05 . 399055F5C4A98F39B47D26888A72145D . 24528 . . [ERROR: 0x0] . . c:\winnt\ServicePackFiles\i386\kbdclass.sys

    [-] 2003-06-19 19:05 . FB4F2D0595BD3546A4DD915E4A9B4809 . 170928 . . [ERROR: 0x0] . . c:\winnt\ServicePackFiles\i386\ndis.sys
    [-] 2003-06-19 19:05 . FB4F2D0595BD3546A4DD915E4A9B4809 . 170928 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\ndis.sys

    [-] 2005-05-10 09:20 . 7DC1F0F9BF87CA5CEE9A46C9A63DC1D3 . 513424 . . [ERROR: 0x0] . . c:\winnt\system32\dllcache\ntfs.sys
    [-] 2005-05-10 09:20 . 7DC1F0F9BF87CA5CEE9A46C9A63DC1D3 . 513424 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\ntfs.sys
    [-] 2003-06-19 19:05 . F6AB0E765D5B80443B93C52C42F2602A . 534192 . . [ERROR: 0x0] . . c:\winnt\$NtUninstallKB820888$\ntfs.sys
    [-] 2003-06-19 19:05 . F6AB0E765D5B80443B93C52C42F2602A . 534192 . . [ERROR: 0x0] . . c:\winnt\ServicePackFiles\i386\ntfs.sys
    [-] 2003-06-04 23:11 . 04E06B3B098087D2D0DBAA56280DCAB2 . 514320 . . [ERROR: 0x0] . . c:\winnt\$NtUpdateRollupPackUninstall$\ntfs.sys

    [-] 1999-12-07 12:00 . 280209CDE798720A24D232BF9CFDA8E9 . 2800 . . [ERROR: 0x0] . . c:\winnt\system32\dllcache\null.sys
    [-] 1999-12-07 12:00 . 280209CDE798720A24D232BF9CFDA8E9 . 2800 . . [ERROR: 0x0] . . c:\winnt\system32\drivers\null.sys

    [-] 2005-04-08 11:54 . B4F3ECAAEBC715EDBEA44A28FDEDA851 . 71440 . . [ERROR: 0x0] . . c:\winnt\system32\browser.dll
    [-] 2005-04-08 11:54 . B4F3ECAAEBC715EDBEA44A28FDEDA851 . 71440 . . [ERROR: 0x0] . . c:\winnt\system32\dllcache\browser.dll
    [-] 2004-03-24 02:17 . 1B19559C80946E1FABF21859DB42CD54 . 69904 . . [ERROR: 0x0] . . c:\winnt\$NtUpdateRollupPackUninstall$\browser.dll
    [-] 2003-06-19 19:05 . 38A6BC551496C24118BD1524425AF2FE . 68880 . . [ERROR: 0x0] . . c:\winnt\$NtUninstallKB835732$\browser.dll
    [-] 2003-06-19 19:05 . 38A6BC551496C24118BD1524425AF2FE . 68880 . . [ERROR: 0x0] . . c:\winnt\ServicePackFiles\i386\browser.dll

    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Synchronization Manager"="mobsync.exe" [2003-06-19 111376]
    "zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
    "EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-09 28672]
    "MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 135168]
    "C-Media Mixer"="Mixer.exe" [2002-10-16 1818624]
    "pdfFactory Dispatcher v1"="c:\winnt\System32\spool\DRIVERS\W32X86\2\fppdis1.exe" [2002-06-12 352256]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-23 52840]
    "SSC_UserPrompt"="c:\program files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-02 218240]
    "SymTray - Norton SystemWorks"="c:\program files\Common Files\Symantec Shared\Symtray.exe" [2005-11-29 116392]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "^SetupICWDesktop"="c:\program files\Internet Explorer\Connection Wizard\icwconn1.exe" [2003-06-19 186640]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2002-12-27 113664]
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
    Smart Wizard Wireless Settings.lnk - c:\program files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe [2005-7-16 1056864]
    WLAN Cardbus.lnk - c:\program files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe [2003-12-26 716800]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [4/27/2009 2:15 PM 64160]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 2:34 PM 1029456]
    R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~1\NORTON~2\NPROTECT.EXE [11/3/2005 5:08 PM 95832]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [7/6/2009 11:40 AM 101936]
    R3 openhci;Microsoft USB Open Host Controller Driver;c:\winnt\system32\drivers\openhci.sys [12/7/1999 5:00 AM 24784]
    R3 SiS300;SiS300;c:\winnt\system32\drivers\sis300p.sys [12/27/2002 1:36 AM 52272]
    R3 Winacpci;Winacpci;c:\winnt\system32\drivers\winacpci.sys [12/26/2002 1:08 AM 602128]
    S3 rtl8180;WLAN Cardbus/PCI Adapter;c:\winnt\system32\drivers\rtl8180.sys [9/25/2003 1:02 PM 155152]
    S3 s3legacy;s3legacy;c:\winnt\system32\drivers\s3legacy.sys [12/23/2002 11:44 AM 65456]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-06-15 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 22:16]

    2010-06-18 c:\winnt\Tasks\Norton AntiVirus - Run Full System Scan - Administrator.job
    - c:\progra~1\NORTON~2\NORTON~1\Navw32.exe [2007-11-05 20:13]

    2006-07-15 c:\winnt\Tasks\Norton AntiVirus - Run Norton QuickScan - Administrator.job
    - c:\progra~1\NORTON~2\NORTON~1\Navw32.exe [2007-11-05 20:13]

    2010-06-14 c:\winnt\Tasks\Norton SystemWorks One Button Checkup.job
    - c:\program files\Norton SystemWorks\OBC.exe [2005-11-29 18:47]

    2010-06-13 c:\winnt\Tasks\Symantec Drmc.job
    - c:\program files\Common Files\Symantec Shared\SymDrmc.exe [2005-10-27 02:48]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\system32\blank.htm
    uInternet Settings,ProxyOverride = <local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    LSP: %SystemRoot%\system32\msafd.dll
    FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\
    FF - prefs.js: browser.startup.homepage - hxxps://mailguard.calweb.com/login.php?lang=en|http://www.infosports.com/scorekeep....php?f=2|http://www.whitehouse.gov/feed/blog/
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-06-18 12:54
    Windows 5.0.2195 Service Pack 4 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(216)
    c:\winnt\system32\wzcdlg.dll
    c:\winnt\system32\WZCSAPI.DLL
    .
    Completion time: 2010-06-18 12:58:31
    ComboFix-quarantined-files.txt 2010-06-18 19:58

    Pre-Run: 10,906,583,040 bytes free
    Post-Run: 12,784,836,608 bytes free

    - - End Of File - - 0AE5C1E06B97810D955728D4DFFF45AC
     
  8. 2010/06/18
    broni Moderator Malware Analyst

    Please delete your GMER file, download a fresh one, run it, and post a fresh log.
     
  9. 2010/06/19
    scorekeeper Inactive Thread Starter

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-06-19 08:50:14
    Windows 5.0.2195 Service Pack 4
    Running: 9rn22rof.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwdyqkob.sys


    ---- System - GMER 1.0.15 ----

    SSDT 81CB2C88 ZwAlertResumeThread
    SSDT 81CBA548 ZwAlertThread
    SSDT 81CB3FA8 ZwAllocateVirtualMemory
    SSDT GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation) ZwClose [0xBFE67A40]
    SSDT 81D241E8 ZwConnectPort
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xBBAA9020]
    SSDT 81CB1EE8 ZwCreateMutant
    SSDT 81CB3DC8 ZwCreateThread
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xBBAA92A0]
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xBBAA9800]
    SSDT 81CB42C8 ZwFreeVirtualMemory
    SSDT GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation) ZwFsControlFile [0xBFE67AD0]
    SSDT 81CB25C8 ZwImpersonateAnonymousToken
    SSDT 81CB6C88 ZwImpersonateThread
    SSDT 81CB44E8 ZwMapViewOfSection
    SSDT 81CB2E88 ZwOpenEvent
    SSDT 81CA05C8 ZwOpenProcessToken
    SSDT 81CB4808 ZwOpenThreadToken
    SSDT 81CB2EE8 ZwQueryValueKey
    SSDT 81CC6FC8 ZwResumeThread
    SSDT 81CA0C08 ZwSetContextThread
    SSDT 81CB48C8 ZwSetInformationProcess
    SSDT 81CB62A8 ZwSetInformationThread
    SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xBBAA9A50]
    SSDT 81CB5928 ZwSuspendThread
    SSDT 81CA0328 ZwTerminateProcess
    SSDT 81CB33A8 ZwTerminateThread
    SSDT 81CA08A8 ZwUnmapViewOfSection
    SSDT 81CB3EE8 ZwWriteVirtualMemory

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\OLE32.DLL [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [4AD84C9A] C:\WINNT\AppPatch\AcLayers.DLL (Windows 2000 Shim Accessory DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\NETAPI32.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\NETAPI32.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\NETAPI32.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!LoadLibraryW] [732E786F] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\WININET.DLL [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [732E7955] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [732E78DE] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\PSAPI.DLL [KERNEL32.DLL!LoadLibraryA] [732E7800] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\PSAPI.DLL [KERNEL32.DLL!FreeLibrary] [732E7A04] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)
    IAT C:\WINNT\Explorer.EXE[1460] @ C:\WINNT\system32\PSAPI.DLL [KERNEL32.DLL!GetProcAddress] [732E771E] C:\WINNT\system32\shim.dll (Shim Engine DLL/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip Lbd.sys (Boot Driver/Lavasoft AB)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB)

    Device \Driver\Disk \Device\Harddisk0\DR0 GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation)

    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    Device \Driver\Disk \Device\Harddisk1\DR1 GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation)

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)

    ---- Services - GMER 1.0.15 ----

    Service C:\WINNT\system32\MSTask.exe? (*** hidden *** ) [AUTO] Schedule <-- ROOTKIT !!!

    ---- EOF - GMER 1.0.15 ----
     
  10. 2010/06/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  11. 2010/06/19
    scorekeeper

    scorekeeper Inactive Thread Starter

    Joined:
    2007/02/18
    Messages:
    104
    Likes Received:
    0
    OTL logfile created on: 6/19/2010 12:01:11 PM - Run 1
    OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2800.1106)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    511.00 Mb Total Physical Memory | 278.00 Mb Available Physical Memory | 54.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
    Drive C: | 24.41 Gb Total Space | 11.81 Gb Free Space | 48.39% Space Free | Partition Type: NTFS
    Drive D: | 32.85 Gb Total Space | 19.20 Gb Free Space | 58.46% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7.81 Gb Total Space | 3.46 Gb Free Space | 44.28% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: JACKS-MACHINE
    Current User Name: Administrator
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    PRC - [2010/03/01 15:16:23 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/03/01 15:16:21 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2007/11/04 18:14:08 | 001,247,600 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    PRC - [2007/10/01 15:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    PRC - [2007/01/22 22:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
    PRC - [2007/01/22 22:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
    PRC - [2007/01/22 22:19:26 | 000,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
    PRC - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    PRC - [2006/11/21 18:38:38 | 000,202,344 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
    PRC - [2006/05/15 18:24:33 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    PRC - [2006/01/17 14:03:06 | 000,135,168 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    PRC - [2005/11/29 11:50:06 | 000,116,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    PRC - [2005/11/14 08:24:04 | 000,595,632 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    PRC - [2005/11/03 20:06:21 | 001,160,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    PRC - [2005/11/03 17:08:01 | 000,095,832 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    PRC - [2005/11/03 16:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe
    PRC - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\mstask.exe
    PRC - [2004/06/05 15:10:08 | 001,056,864 | ---- | M] () -- C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
    PRC - [2004/03/18 10:33:26 | 000,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
    PRC - [2003/06/19 12:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
    PRC - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\WinMgmt.exe
    PRC - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\regsvc.exe
    PRC - [2003/01/23 18:08:46 | 000,716,800 | ---- | M] () -- C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe
    PRC - [2002/10/15 19:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINNT\mixer.exe
    PRC - [2002/07/09 10:50:00 | 000,028,672 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
    PRC - [2002/06/12 00:17:40 | 000,352,256 | ---- | M] (FinePrint Software, LLC) -- C:\WINNT\system32\spool\drivers\w32x86\2\fppdis1.exe
    PRC - [1999/03/17 22:38:10 | 008,798,260 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    MOD - [2007/01/22 22:25:58 | 000,377,960 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCL40.DLL
    MOD - [2005/11/14 08:24:04 | 000,607,920 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\ShellExt.dll
    MOD - [2005/09/23 18:38:24 | 000,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll
    MOD - [2004/03/18 10:26:50 | 000,004,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\itchhk.dll
    MOD - [2004/03/18 10:26:48 | 000,114,688 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
    MOD - [2004/03/18 10:26:12 | 000,005,120 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\KbdHook.dll
    MOD - [2003/06/19 12:05:04 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx
    MOD - [2003/06/19 12:05:04 | 000,021,776 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wsock32.dll
    MOD - [2003/06/19 12:05:04 | 000,010,000 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lz32.dll
    MOD - [2003/03/18 22:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msvcp71.dll
    MOD - [2003/02/21 06:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\Msvcr71.dll
    MOD - [2002/07/09 10:50:00 | 000,024,576 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\LGMOUSHK.DLL
    MOD - [1999/12/07 05:00:00 | 000,011,536 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\netrap.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/01 15:16:21 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2007/11/04 18:14:08 | 001,247,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
    SRV - [2007/10/01 15:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
    SRV - [2007/05/23 13:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
    SRV - [2007/01/22 22:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
    SRV - [2007/01/22 22:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
    SRV - [2007/01/16 12:25:28 | 000,045,696 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
    SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
    SRV - [2006/11/21 18:38:38 | 000,202,344 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
    SRV - [2006/05/15 18:24:33 | 002,086,592 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
    SRV - [2006/05/15 18:24:33 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
    SRV - [2006/02/03 18:29:36 | 000,072,328 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
    SRV - [2005/12/19 20:41:56 | 000,198,416 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
    SRV - [2005/11/14 08:24:04 | 000,595,632 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe -- (GBPoll)
    SRV - [2005/11/03 20:06:21 | 001,160,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
    SRV - [2005/11/03 17:08:01 | 000,095,832 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -- (NProtectService)
    SRV - [2005/11/03 16:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -- (Speed Disk service)
    SRV - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\mstask.exe -- (Schedule)
    SRV - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\WinMgmt.exe -- (WinMgmt)
    SRV - [2003/06/19 12:05:04 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
    SRV - [2003/06/19 12:05:04 | 000,094,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\FAXSVC.EXE -- (Fax)
    SRV - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry)
    SRV - [2003/06/19 12:05:04 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)
    SRV - [2000/06/23 06:00:00 | 001,702,400 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\InterBase\Bin\ibserver.exe -- (InterBaseServer)
    SRV - [2000/06/23 06:00:00 | 000,022,016 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\InterBase\Bin\ibguard.exe -- (InterBaseGuardian)


    ========== Driver Services (SafeList) ==========

    DRV - [2009/04/27 14:14:22 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2009/04/15 13:04:26 | 000,876,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090706.016\NAVEX15.SYS -- (NAVEX15)
    DRV - [2009/04/15 13:04:26 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2009/04/15 13:04:26 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090706.016\NAVENG.SYS -- (NAVENG)
    DRV - [2009/02/25 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\eeCtrl.sys -- (eeCtrl)
    DRV - [2009/01/06 11:44:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2007/10/02 23:55:42 | 000,158,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20071031.003\SymIDSCo.sys -- (SYMIDSCO)
    DRV - [2007/10/01 15:49:26 | 000,189,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINNT\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
    DRV - [2007/10/01 15:49:20 | 000,023,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
    DRV - [2007/10/01 15:49:16 | 000,031,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
    DRV - [2007/10/01 15:49:10 | 000,028,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
    DRV - [2007/10/01 15:49:04 | 000,098,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMFW.SYS -- (SYMFW)
    DRV - [2007/10/01 15:48:56 | 000,012,680 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
    DRV - [2007/04/09 21:44:52 | 000,391,256 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
    DRV - [2006/12/15 12:17:13 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\CO_Mon.sys -- (CO_Mon)
    DRV - [2006/07/07 18:47:23 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\symlcbrd.sys -- (symlcbrd)
    DRV - [2005/12/19 20:41:58 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
    DRV - [2005/12/19 20:41:56 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
    DRV - [2005/11/14 08:24:04 | 000,117,760 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\GoBack2k.sys -- (GoBack2K)
    DRV - [2005/11/14 08:24:04 | 000,015,360 | R--- | M] (Symantec Corporation) [File_System | Auto | Stopped] -- C:\WINNT\system32\drivers\GBFSHook.sys -- (GBFSHook)
    DRV - [2005/11/14 08:24:04 | 000,005,632 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\GBDevice.sys -- (GBDevice)
    DRV - [2005/11/03 16:56:04 | 000,081,748 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\NPDRIVER.SYS -- (NPDriver)
    DRV - [2005/11/03 16:43:42 | 000,090,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\SdDriver.SYS -- (SDdriver)
    DRV - [2005/02/06 12:32:16 | 000,058,000 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdr4_2K.sys -- (Cdr4_2K)
    DRV - [2005/02/06 12:32:16 | 000,023,420 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2004/07/09 03:58:10 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE)
    DRV - [2004/06/04 13:12:10 | 000,379,488 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\wg111nd5.sys -- (wg111nd5)
    DRV - [2004/05/20 09:46:42 | 000,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINNT\system32\PCANDIS5.SYS -- (PCANDIS5)
    DRV - [2004/05/20 09:46:38 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
    DRV - [2004/03/10 14:42:24 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\itchfltr.sys -- (itchfltr)
    DRV - [2003/06/19 12:05:04 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot)
    DRV - [2003/06/19 12:05:04 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmio.sys -- (dmio)
    DRV - [2003/06/19 12:05:04 | 000,060,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel)
    DRV - [2003/06/19 12:05:04 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\system32\drivers\efs.sys -- (EFS)
    DRV - [2003/06/19 12:05:04 | 000,024,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\openhci.sys -- (openhci)
    DRV - [2003/06/19 12:05:04 | 000,009,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2003/06/19 12:05:04 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\diskperf.sys -- (Diskperf)
    DRV - [2003/06/19 12:05:04 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmload.sys -- (dmload)
    DRV - [2003/01/28 17:41:26 | 000,155,152 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rtl8180.sys -- (rtl8180)
    DRV - [2002/11/18 16:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
    DRV - [2002/08/14 16:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2002/07/09 02:50:00 | 000,070,382 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\lmouflt2.sys -- (lmouflt2)
    DRV - [2002/07/09 02:50:00 | 000,050,862 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\L8042pr2.sys -- (l8042pr2)
    DRV - [2002/07/09 02:50:00 | 000,006,030 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\lkbdflt2.sys -- (lkbdflt2)
    DRV - [2002/03/26 13:43:34 | 000,006,016 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV - [1999/12/07 05:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA)
    DRV - [1999/12/07 05:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect)
    DRV - [1999/10/29 16:28:02 | 000,052,272 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\sis300p.sys -- (SiS300)
    DRV - [1999/09/25 03:37:28 | 000,065,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\s3legacy.sys -- (s3legacy)
    DRV - [1999/09/25 00:55:30 | 000,602,128 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\winacpci.sys -- (Winacpci)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "https://mailguard.calweb.com/login.php?lang=en|http://www.infosports.com/scorekeeper|http://www.baseball-fever.com/forumdisplay.php?f=53|http://www.infosports.com/forum/viewforum.php?f=2|http://www.whitehouse.gov/feed/blog/ "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..network.proxy.no_proxies_on: "localhost "

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/15 14:13:43 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/14 14:14:25 | 000,000,000 | ---D | M]

    [2008/08/26 11:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/06/18 13:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\extensions
    [2010/06/13 18:31:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/06/18 13:17:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/14 14:14:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/06/18 12:54:33 | 000,000,027 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Norton Internet Security 2006) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
    O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security 2006) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
    O4 - HKLM..\Run: [C-Media Mixer] C:\WINNT\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
    O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
    O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
    O4 - HKLM..\Run: [pdfFactory Dispatcher v1] C:\WINNT\system32\spool\drivers\w32x86\2\fppdis1.exe (FinePrint Software, LLC)
    O4 - HKLM..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
    O4 - HKLM..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe (Symantec Corporation)
    O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
    O4 - HKLM..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe (Symantec Corporation)
    O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINNT\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WLAN Cardbus.lnk = C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\RNR20.DLL (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (LSSupCtl Class)
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (Symantec SmartIssue)
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (Symantec Script Runner Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1201320796428 (MUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Filter\Class Install Handler - No CLSID value found
    O18 - Protocol\Filter\deflate - No CLSID value found
    O18 - Protocol\Filter\gzip - No CLSID value found
    O18 - Protocol\Filter\lzdhtml - No CLSID value found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\NANI.BMP
    O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\NANI.BMP
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002/12/23 15:47:14 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2002/02/13 09:27:08 | 000,000,107 | ---- | M] () - F:\AUTOEXEC.NS0 -- [ FAT32 ]
    O32 - AutoRun File - [2002/02/13 10:06:08 | 000,000,107 | ---- | M] () - F:\AutoExec.bat -- [ FAT32 ]
    O32 - AutoRun File - [2003/08/14 16:21:16 | 000,000,000 | ---D | M] - F:\AUTOTRONICS -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINNT\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: Ias - C:\WINNT\system32\ias [2003/08/13 16:21:18 | 000,000,000 | ---D | M]
    NetSvcs: Iprip - File not found
    NetSvcs: Nwsapagent - File not found
    SystemRestore not available.

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/06/18 12:58:33 | 000,000,000 | ---D | C] -- C:\WINNT\temp
    [2010/06/18 12:29:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINNT\SWXCACLS.exe
    [2010/06/18 12:29:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINNT\SWREG.exe
    [2010/06/18 12:29:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINNT\SWSC.exe
    [2010/06/18 12:29:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINNT\NIRCMD.exe
    [2010/06/18 12:29:15 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/06/14 16:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\OE-Mail Recovery
    [2010/06/12 08:16:52 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/06/11 13:58:07 | 000,000,000 | ---D | C] -- C:\WINNT\BDOSCAN8
    [2010/06/11 11:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2010/06/10 11:21:36 | 000,000,000 | ---D | C] -- C:\WINNT\ERDNT
    [2010/06/09 17:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2010/06/09 17:33:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
    [2010/06/09 17:33:30 | 000,019,288 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
    [2010/06/09 17:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/06/09 17:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/06/09 12:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/05/14 14:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/05/02 13:37:42 | 000,000,000 | ---D | C] -- C:\Scorekeeping For Dummies

    ========== Files - Modified Within 90 Days ==========

    [2010/06/19 12:01:17 | 003,784,704 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
    [2010/06/19 08:55:55 | 000,000,051 | ---- | M] () -- C:\WINNT\iTouch.ini
    [2010/06/19 08:54:57 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
    [2010/06/19 08:54:49 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_274.dat
    [2010/06/19 08:53:15 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
    [2010/06/18 12:58:33 | 000,000,564 | ---- | M] () -- C:\WINNT\tasks\Norton AntiVirus - Run Full System Scan - Administrator.job
    [2010/06/18 12:54:50 | 000,000,227 | ---- | M] () -- C:\WINNT\system.ini
    [2010/06/18 12:54:33 | 000,000,027 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts
    [2010/06/18 12:26:39 | 003,714,766 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    [2010/06/17 08:06:49 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/16 07:43:56 | 000,002,446 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Outlook.lnk
    [2010/06/15 17:02:34 | 004,386,326 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\alb_rules2008.pdf
    [2010/06/15 17:01:45 | 001,871,931 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\umpiresmanual.pdf
    [2010/06/15 14:14:42 | 000,000,472 | ---- | M] () -- C:\WINNT\tasks\Ad-Aware Update (Weekly).job
    [2010/06/14 16:02:06 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\OE-Mail Recovery.lnk
    [2010/06/14 12:05:52 | 000,000,308 | ---- | M] () -- C:\WINNT\tasks\Norton SystemWorks One Button Checkup.job
    [2010/06/14 12:00:02 | 000,080,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/06/13 18:14:36 | 000,098,304 | ---- | M] () -- C:\WINNT\System32\dfrg.msc
    [2010/06/13 11:04:38 | 000,029,478 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10RulesChanges.pdf
    [2010/06/13 08:21:17 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_288.dat
    [2010/06/13 08:20:53 | 000,287,704 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
    [2010/06/13 00:00:00 | 000,000,324 | ---- | M] () -- C:\WINNT\tasks\Symantec Drmc.job
    [2010/06/12 10:47:56 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_ac4.dat
    [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/06/11 15:07:37 | 000,001,410 | ---- | M] () -- C:\WINNT\imsins.BAK
    [2010/06/11 11:38:45 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_314.dat
    [2010/06/11 09:44:04 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_26c.dat
    [2010/06/09 12:15:14 | 000,002,394 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2010/06/08 07:13:34 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
    [2010/06/07 15:28:30 | 000,348,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\obr2010.doc
    [2010/06/04 13:59:55 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Pitching.lnk
    [2010/06/04 13:54:23 | 000,054,156 | -H-- | M] () -- C:\WINNT\QTFont.qfn
    [2010/06/04 11:24:27 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Combined.lnk
    [2010/06/04 11:16:11 | 000,001,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\2010.lnk
    [2010/06/03 16:23:12 | 000,008,896 | ---- | M] () -- C:\WINNT\hh.dat
    [2010/06/02 16:01:55 | 000,001,411 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JV.lnk
    [2010/06/01 09:55:37 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Batting.lnk
    [2010/05/30 16:57:32 | 000,001,359 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\All Games.lnk
    [2010/05/30 08:29:52 | 000,000,420 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Cbatting.lnk
    [2010/05/30 08:25:29 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CPitching.lnk
    [2010/05/22 12:43:37 | 000,001,309 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Lineup.lnk
    [2010/05/20 16:30:56 | 000,000,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Labor.lnk
    [2010/05/18 13:58:04 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Special.lnk
    [2010/05/17 15:38:10 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Foxcmd7 multi.lnk
    [2010/05/15 14:33:47 | 000,001,409 | ---- | M] () -- C:\WINNT\QTFont.for
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
    [2010/04/28 10:53:21 | 000,000,404 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JV Stats.lnk
    [2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINNT\PEV.exe
    [2010/04/24 08:40:39 | 002,256,607 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\05.softball.umpire.rulebook.pdf
    [2010/04/21 11:51:52 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Scatter.lnk
    [2010/04/15 19:07:00 | 000,000,416 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CDefense.lnk
    [2010/04/10 18:43:12 | 000,002,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\InstallShield.lnk
    [2010/04/05 08:55:59 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FxCmd Lineup.lnk
    [2010/04/04 14:13:21 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hoyle Card.lnk
    [2010/04/04 14:06:48 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hoyle Board.lnk
    [2010/04/02 15:53:01 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WP.lnk

    ========== Files Created - No Company Name ==========

    [2010/06/19 08:54:49 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_274.dat
    [2010/06/18 12:29:40 | 000,256,512 | ---- | C] () -- C:\WINNT\PEV.exe
    [2010/06/18 12:29:40 | 000,098,816 | ---- | C] () -- C:\WINNT\sed.exe
    [2010/06/18 12:29:40 | 000,080,412 | ---- | C] () -- C:\WINNT\grep.exe
    [2010/06/18 12:29:40 | 000,077,312 | ---- | C] () -- C:\WINNT\MBR.exe
    [2010/06/18 12:29:40 | 000,068,096 | ---- | C] () -- C:\WINNT\zip.exe
    [2010/06/18 12:26:16 | 003,714,766 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    [2010/06/17 08:06:49 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/15 17:02:10 | 004,386,326 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\alb_rules2008.pdf
    [2010/06/15 17:01:43 | 001,871,931 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\umpiresmanual.pdf
    [2010/06/14 17:42:24 | 000,002,446 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Outlook.lnk
    [2010/06/14 16:02:06 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\OE-Mail Recovery.lnk
    [2010/06/13 11:04:37 | 000,029,478 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\10RulesChanges.pdf
    [2010/06/13 08:21:17 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_288.dat
    [2010/06/12 10:47:56 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_ac4.dat
    [2010/06/11 11:38:45 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_314.dat
    [2010/06/11 09:44:04 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_26c.dat
    [2010/06/08 07:13:34 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
    [2010/05/15 14:33:47 | 000,054,156 | -H-- | C] () -- C:\WINNT\QTFont.qfn
    [2010/05/15 14:33:47 | 000,001,409 | ---- | C] () -- C:\WINNT\QTFont.for
    [2010/04/24 08:40:39 | 002,256,607 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\05.softball.umpire.rulebook.pdf
    [2010/04/21 11:51:16 | 000,000,436 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Scatter.lnk
    [2010/04/05 08:52:27 | 000,001,309 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Lineup.lnk
    [2010/04/05 08:52:27 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FxCmd Lineup.lnk
    [2010/01/23 17:16:53 | 000,170,424 | ---- | C] () -- C:\WINNT\xobglu32.dll
    [2010/01/23 17:16:53 | 000,063,488 | ---- | C] () -- C:\WINNT\xobglu16.dll
    [2010/01/23 14:44:58 | 000,051,716 | ---- | C] () -- C:\WINNT\System32\pdf995mon.dll
    [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINNT\bdoscandellang.ini
    [2007/04/06 14:41:57 | 000,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
    [2007/03/18 20:02:11 | 000,009,472 | ---- | C] () -- C:\WINNT\unsqz.dll
    [2007/03/18 20:01:48 | 000,000,024 | ---- | C] () -- C:\WINNT\@loha.ini
    [2006/12/15 12:17:13 | 000,028,672 | ---- | C] () -- C:\WINNT\System32\drivers\CO_Mon.sys
    [2005/09/23 14:03:48 | 000,000,122 | ---- | C] () -- C:\WINNT\mdm.ini
    [2005/07/16 19:17:51 | 000,651,264 | ---- | C] () -- C:\WINNT\System32\libeay32.dll
    [2005/07/16 19:17:51 | 000,147,456 | ---- | C] () -- C:\WINNT\System32\ssleay32.dll
    [2005/02/06 13:23:27 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
    [2003/12/26 17:56:50 | 000,139,264 | ---- | C] () -- C:\WINNT\System32\CfgResDll.dll
    [2003/12/26 17:56:50 | 000,110,592 | ---- | C] () -- C:\WINNT\System32\WakeResDll.dll
    [2003/05/10 07:42:28 | 000,000,051 | ---- | C] () -- C:\WINNT\WININIT.INI
    [2003/01/18 16:04:42 | 000,000,060 | ---- | C] () -- C:\WINNT\wpd99.drv
    [2003/01/08 11:00:13 | 003,673,360 | ---- | C] () -- C:\WINNT\System32\MSO97RT.DLL
    [2002/12/28 01:42:00 | 000,004,239 | ---- | C] () -- C:\WINNT\cdPlayer.ini
    [2002/12/27 23:47:04 | 000,000,171 | ---- | C] () -- C:\WINNT\KPCMS.INI
    [2002/12/27 23:46:35 | 000,210,944 | ---- | C] () -- C:\WINNT\System32\MSVCRT10.DLL
    [2002/12/27 06:44:26 | 000,004,333 | ---- | C] () -- C:\WINNT\mixerdef.ini
    [2002/12/27 06:43:47 | 000,033,909 | ---- | C] () -- C:\WINNT\cmijack.ini
    [2002/12/27 06:43:46 | 000,019,458 | ---- | C] () -- C:\WINNT\cmaudio.ini
    [2002/12/27 06:42:24 | 000,000,411 | ---- | C] () -- C:\WINNT\CMISETUP.INI
    [2002/12/27 06:42:24 | 000,000,026 | ---- | C] () -- C:\WINNT\CMCDPLAY.INI
    [2002/12/27 06:30:32 | 000,000,051 | ---- | C] () -- C:\WINNT\iTouch.ini
    [2002/12/27 01:40:17 | 000,151,552 | ---- | C] () -- C:\WINNT\System32\setuplib.dll
    [2002/12/26 18:32:15 | 000,000,318 | ---- | C] () -- C:\WINNT\QBUILD.INI
    [2002/12/26 07:34:08 | 000,096,768 | ---- | C] () -- C:\WINNT\System32\LGUICOM.DLL
    [2002/12/26 07:34:08 | 000,000,488 | ---- | C] () -- C:\WINNT\Cmousecc.ini
    [2002/12/23 23:10:59 | 000,000,956 | ---- | C] () -- C:\WINNT\ODBC.INI
    [2002/12/23 16:22:17 | 000,118,784 | ---- | C] () -- C:\WINNT\System32\HMPV2_ENC_MMX.dll
    [2002/12/23 16:22:17 | 000,118,784 | ---- | C] () -- C:\WINNT\System32\HMPV2_ENC.dll
    [2002/12/23 16:22:17 | 000,110,592 | ---- | C] () -- C:\WINNT\System32\Hmpg12.dll
    [2002/12/23 16:22:17 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\multiplex_vcd.dll
    [1999/12/07 05:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
    [1999/12/07 05:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
    [1999/12/07 05:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
    [1999/12/07 05:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
    [1999/12/07 05:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
    [1999/09/25 03:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
    [1999/09/25 03:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys
    [1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\MSRTEDIT.DLL
    [1998/01/12 01:00:00 | 000,040,448 | ---- | C] () -- C:\WINNT\System32\REGOBJ.DLL

    ========== LOP Check ==========

    [2009/11/12 15:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blitware
    [2006/02/01 10:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
    [2010/01/13 12:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LockLizard
    [2005/09/18 18:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Musicmatch
    [2010/01/23 15:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\pdf995
    [2006/12/15 11:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
    [2006/12/15 12:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WholeSecurity
    [2007/04/07 12:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
    [2008/03/02 15:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
    [2010/01/13 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LockLizard
    [2009/07/04 11:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2010/01/23 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
    [2002/12/24 00:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
    [2007/04/06 13:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2005/09/23 12:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/01/20 14:59:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
    [2010/06/15 14:14:42 | 000,000,472 | ---- | M] () -- C:\WINNT\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >
    [2003/06/19 12:05:04 | 000,150,528 | RHS- | M] () -- C:\arcldr.exe
    [2003/06/19 12:05:04 | 000,163,840 | RHS- | M] () -- C:\arcsetup.exe
    [2009/11/12 15:46:00 | 007,456,088 | ---- | M] (Blitware Technology Inc. ) -- C:\DriverRobot_Setup.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2002/12/23 11:41:55 | 000,081,920 | ---- | M] () -- C:\WINNT\system32\config\default.sav
    [2002/12/23 11:41:55 | 000,536,576 | ---- | M] () -- C:\WINNT\system32\config\software.sav
    [2002/12/23 11:41:55 | 000,356,352 | ---- | M] () -- C:\WINNT\system32\config\system.sav

    ========== Files - Unicode (All) ==========
    [2002/12/27 06:26:40 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\Შ
    [2002/12/27 06:26:40 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\Შ
    [2002/12/26 07:34:24 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\
    [2002/12/26 07:34:24 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\
    < End of report >
     
  12. 2010/06/19
    scorekeeper

    OTL Extras logfile created on: 6/19/2010 12:01:11 PM - Run 1
    OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2800.1106)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    511.00 Mb Total Physical Memory | 278.00 Mb Available Physical Memory | 54.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
    Drive C: | 24.41 Gb Total Space | 11.81 Gb Free Space | 48.39% Space Free | Partition Type: NTFS
    Drive D: | 32.85 Gb Total Space | 19.20 Gb Free Space | 58.46% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7.81 Gb Total Space | 3.46 Gb Free Space | 44.28% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: JACKS-MACHINE
    Current User Name: Administrator
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
    InternetShortcut [print] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- %1
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
    "{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
    "{01558B00-3F19-4E26-8B56-11CA9F97E81C}" = WLAN Cardbus
    "{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
    "{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
    "{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
    "{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
    "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
    "{1F76ACFA-22FE-49F6-BC05-F4EC835F48CC}" = Norton GoBack 4.1
    "{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}" = NETGEAR WG111 Software
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
    "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
    "{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}" = CC_ccProxyExt
    "{30738666-9805-4926-A78F-91DA33B6C437}" = ccPxyCore
    "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
    "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
    "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
    "{3B29A786-5803-4E9E-9B58-3014A5B4E519}" = Norton AntiSpam
    "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5677563D-0CB1-485F-9E18-C5025306BB3F}" = Norton AntiSpam
    "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.71
    "{68E1BAC6-F79F-43C4-AF03-A89F53F748D3}" = Microsoft XML Parser
    "{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}" = Norton Utilities
    "{6F716D8C-398F-11D3-85E1-005004838609}" = WebFldrs
    "{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks 2006 Basic Edition
    "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
    "{77364F85-6219-4CB8-AAA0-6D53368D683D}" = Connection Keep Alive
    "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
    "{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
    "{89C83182-6537-4177-8A34-91598524EFD3}" = Visual FoxPro 7.0 Professional - English
    "{8E0D233D-8B06-47A1-BA22-3A767CCD69E3}" = WinPatrol
    "{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
    "{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}" = NSW_DRM_COLLECTION
    "{9E23C48E-5483-4971-BA50-089F2FABCD66}" = Norton SystemWorks
    "{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
    "{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
    "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
    "{B96F1D26-E664-11D4-8BE8-006097C9A3ED}" = InstallShield Express Visual FoxPro Limited Edition
    "{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006
    "{CA31120D-2101-484D-9FF1-195DE96FE346}" = Norton Cleanup
    "{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}" = MSRedist
    "{D878E385-D14F-11D4-A546-0090278A1BB8}" = Visual FoxPro 7.0 Baseline - English
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
    "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
    "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
    "{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
    "{F73E7B59-F951-11D4-884D-00902761A46D}" = WordPerfect Office 2002 Professional
    "ABE" = ABE
    "ABE Setup" = ABE Setup
    "ABE Tutorial" = ABE Tutorial
    "Ad-Aware" = Ad-Aware
    "Adobe Acrobat 4.0" = Adobe Acrobat 4.0
    "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop 5.5" = Adobe Photoshop 5.5
    "Adobe SVG Viewer" = Adobe SVG Viewer 3.0
    "CodeStuff Starter" = CodeStuff Starter
    "DXTXTRA" = Microsoft DirectX Transform optional components
    "ESET Online Scanner" = ESET Online Scanner v3
    "FinePrint pdfFactory" = FinePrint pdfFactory
    "FTP Explorer" = FTP Explorer
    "HijackThis" = HijackThis 1.99.1
    "Hijackthis_is1" = Hijackthis 1.99.1
    "ieSupportManager" = ieSupportManager
    "Interbase" = Interbase
    "LiveReg" = LiveReg (Symantec Corporation)
    "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
    "Lizard Safeguard - PDF Viewer_is1" = Lizard Safeguard - PDF Viewer 2.5.122
    "Logitech Resource Center" = Logitech Resource Center
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
    "Microsoft Developer Network - Visual Studio 6.0a" = MSDN Library - Visual Studio 6.0a
    "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
    "MSDN Library - July 2001" = MSDN Library - July 2001
    "NTI CD-Maker 2000 Plus" = NTI CD-Maker 2000 Plus
    "OE-Mail Recovery_is1" = OE-Mail Recovery 1.7
    "OmniFormat" = OmniFormat
    "PCI Audio Applications" = PCI Audio Applications
    "PCI Audio Driver" = PCI Audio Driver
    "Pdf995" = Pdf995
    "Q818043" = Windows 2000 Hotfix (SP5) Q818043
    "Q828026" = Windows Media Player Hotfix [See Q828026 for more information]
    "Q903235" = Internet Explorer Q903235
    "QuickTime" = QuickTime
    "SymSetup.{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks 2006 Basic Edition (Symantec Corporation)
    "SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2006 (Symantec Corporation)
    "Update Rollup 1" = Update Rollup 1 for Windows 2000 SP4
    "Visual FoxPro 6.0" = Microsoft Visual FoxPro 6.0
    "Visual FoxPro 7.0 Professional - English" = Microsoft Visual FoxPro 7.0 Professional - English
    "WinPatrol 2007" = WinPatrol 2007 Restore/Remove First
    "WinZip" = WinZip
    "WMP7" = Windows Media Player system update (9 Series)
    "WordPerfect Office 2002 Professional" = WordPerfect Office 2002 Professional
    "Yahoo! Companion" = Yahoo! Toolbar

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Confidence Online EE" = Confidence Online(tm) for Web Applications

    < End of report >
     
  13. 2010/06/19
    broni

    broni Moderator Malware Analyst

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O18 - Protocol\Filter\Class Install Handler - No CLSID value found
      O18 - Protocol\Filter\deflate - No CLSID value found
      O18 - Protocol\Filter\gzip - No CLSID value found
      O18 - Protocol\Filter\lzdhtml - No CLSID value found
      [2005/09/23 12:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  14. 2010/06/19
    scorekeeper

    scorekeeper Inactive Thread Starter

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ deleted successfully.
    File Protocol\Filter\Class Install Handler - No CLSID value found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 1205 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 83957672 bytes
    ->Flash cache emptied: 1514 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: shell32.dll unable to determine bytes removed.

    Total Files Cleaned = 80.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User

    Total Flash Files Cleaned = 0.00 mb

    C:\WINNT\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.6.0 log created on 06192010_144435

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
     
  15. 2010/06/19
    scorekeeper

    scorekeeper Inactive Thread Starter

    OTL logfile created on: 6/19/2010 3:28:19 PM - Run 2
    OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2800.1106)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    511.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 58.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
    Drive C: | 24.41 Gb Total Space | 11.85 Gb Free Space | 48.54% Space Free | Partition Type: NTFS
    Drive D: | 32.85 Gb Total Space | 19.20 Gb Free Space | 58.46% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7.81 Gb Total Space | 3.46 Gb Free Space | 44.28% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: JACKS-MACHINE
    Current User Name: Administrator
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    PRC - [2010/03/01 15:16:23 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/03/01 15:16:21 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2007/11/04 18:14:08 | 001,247,600 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    PRC - [2007/10/01 15:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    PRC - [2007/05/23 13:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
    PRC - [2007/01/22 22:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
    PRC - [2007/01/22 22:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
    PRC - [2007/01/22 22:19:26 | 000,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
    PRC - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    PRC - [2006/11/21 18:38:38 | 000,202,344 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
    PRC - [2006/05/15 18:24:33 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    PRC - [2006/01/17 14:03:06 | 000,135,168 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    PRC - [2005/11/29 11:50:06 | 000,116,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    PRC - [2005/11/14 08:24:04 | 000,595,632 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    PRC - [2005/11/03 20:06:21 | 001,160,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    PRC - [2005/11/03 17:08:01 | 000,095,832 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    PRC - [2005/11/03 16:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe
    PRC - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\mstask.exe
    PRC - [2004/06/05 15:10:08 | 001,056,864 | ---- | M] () -- C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
    PRC - [2004/03/18 10:33:26 | 000,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
    PRC - [2003/06/19 12:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
    PRC - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\WinMgmt.exe
    PRC - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\regsvc.exe
    PRC - [2003/01/23 18:08:46 | 000,716,800 | ---- | M] () -- C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe
    PRC - [2002/10/15 19:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINNT\mixer.exe
    PRC - [2002/07/09 10:50:00 | 000,028,672 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
    PRC - [2002/06/12 00:17:40 | 000,352,256 | ---- | M] (FinePrint Software, LLC) -- C:\WINNT\system32\spool\drivers\w32x86\2\fppdis1.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    MOD - [2007/01/22 22:25:58 | 000,377,960 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCL40.DLL
    MOD - [2005/11/14 08:24:04 | 000,607,920 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\ShellExt.dll
    MOD - [2005/09/23 18:38:24 | 000,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll
    MOD - [2004/03/18 10:26:50 | 000,004,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\itchhk.dll
    MOD - [2004/03/18 10:26:48 | 000,114,688 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
    MOD - [2003/06/19 12:05:04 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx
    MOD - [2003/06/19 12:05:04 | 000,021,776 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wsock32.dll
    MOD - [2003/06/19 12:05:04 | 000,010,000 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lz32.dll
    MOD - [2003/03/18 22:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msvcp71.dll
    MOD - [2003/02/21 06:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\Msvcr71.dll
    MOD - [2002/07/09 10:50:00 | 000,024,576 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\LGMOUSHK.DLL


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/01 15:16:21 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2007/11/04 18:14:08 | 001,247,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
    SRV - [2007/10/01 15:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
    SRV - [2007/05/23 13:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
    SRV - [2007/01/22 22:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
    SRV - [2007/01/22 22:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
    SRV - [2007/01/16 12:25:28 | 000,045,696 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
    SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
    SRV - [2006/11/21 18:38:38 | 000,202,344 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
    SRV - [2006/05/15 18:24:33 | 002,086,592 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
    SRV - [2006/05/15 18:24:33 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
    SRV - [2006/02/03 18:29:36 | 000,072,328 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
    SRV - [2005/12/19 20:41:56 | 000,198,416 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
    SRV - [2005/11/14 08:24:04 | 000,595,632 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe -- (GBPoll)
    SRV - [2005/11/03 20:06:21 | 001,160,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
    SRV - [2005/11/03 17:08:01 | 000,095,832 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -- (NProtectService)
    SRV - [2005/11/03 16:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -- (Speed Disk service)
    SRV - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\mstask.exe -- (Schedule)
    SRV - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\WinMgmt.exe -- (WinMgmt)
    SRV - [2003/06/19 12:05:04 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
    SRV - [2003/06/19 12:05:04 | 000,094,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\FAXSVC.EXE -- (Fax)
    SRV - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry)
    SRV - [2003/06/19 12:05:04 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)
    SRV - [2000/06/23 06:00:00 | 001,702,400 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\InterBase\Bin\ibserver.exe -- (InterBaseServer)
    SRV - [2000/06/23 06:00:00 | 000,022,016 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\InterBase\Bin\ibguard.exe -- (InterBaseGuardian)


    ========== Driver Services (SafeList) ==========

    DRV - [2009/04/27 14:14:22 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2009/04/15 13:04:26 | 000,876,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090706.016\NAVEX15.SYS -- (NAVEX15)
    DRV - [2009/04/15 13:04:26 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2009/04/15 13:04:26 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090706.016\NAVENG.SYS -- (NAVENG)
    DRV - [2009/02/25 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\eeCtrl.sys -- (eeCtrl)
    DRV - [2009/01/06 11:44:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2007/10/02 23:55:42 | 000,158,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20071031.003\SymIDSCo.sys -- (SYMIDSCO)
    DRV - [2007/10/01 15:49:26 | 000,189,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINNT\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
    DRV - [2007/10/01 15:49:20 | 000,023,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
    DRV - [2007/10/01 15:49:16 | 000,031,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
    DRV - [2007/10/01 15:49:10 | 000,028,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
    DRV - [2007/10/01 15:49:04 | 000,098,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMFW.SYS -- (SYMFW)
    DRV - [2007/10/01 15:48:56 | 000,012,680 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
    DRV - [2007/04/09 21:44:52 | 000,391,256 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
    DRV - [2006/12/15 12:17:13 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\CO_Mon.sys -- (CO_Mon)
    DRV - [2006/07/07 18:47:23 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\symlcbrd.sys -- (symlcbrd)
    DRV - [2005/12/19 20:41:58 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
    DRV - [2005/12/19 20:41:56 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
    DRV - [2005/11/14 08:24:04 | 000,117,760 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\GoBack2k.sys -- (GoBack2K)
    DRV - [2005/11/14 08:24:04 | 000,015,360 | R--- | M] (Symantec Corporation) [File_System | Auto | Stopped] -- C:\WINNT\system32\drivers\GBFSHook.sys -- (GBFSHook)
    DRV - [2005/11/14 08:24:04 | 000,005,632 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\GBDevice.sys -- (GBDevice)
    DRV - [2005/11/03 16:56:04 | 000,081,748 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\NPDRIVER.SYS -- (NPDriver)
    DRV - [2005/11/03 16:43:42 | 000,090,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\SdDriver.SYS -- (SDdriver)
    DRV - [2005/02/06 12:32:16 | 000,058,000 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdr4_2K.sys -- (Cdr4_2K)
    DRV - [2005/02/06 12:32:16 | 000,023,420 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2004/07/09 03:58:10 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE)
    DRV - [2004/06/04 13:12:10 | 000,379,488 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\wg111nd5.sys -- (wg111nd5)
    DRV - [2004/05/20 09:46:42 | 000,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINNT\system32\PCANDIS5.SYS -- (PCANDIS5)
    DRV - [2004/05/20 09:46:38 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
    DRV - [2004/03/10 14:42:24 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\itchfltr.sys -- (itchfltr)
    DRV - [2003/06/19 12:05:04 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot)
    DRV - [2003/06/19 12:05:04 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmio.sys -- (dmio)
    DRV - [2003/06/19 12:05:04 | 000,060,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel)
    DRV - [2003/06/19 12:05:04 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\system32\drivers\efs.sys -- (EFS)
    DRV - [2003/06/19 12:05:04 | 000,024,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\openhci.sys -- (openhci)
    DRV - [2003/06/19 12:05:04 | 000,009,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2003/06/19 12:05:04 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\diskperf.sys -- (Diskperf)
    DRV - [2003/06/19 12:05:04 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmload.sys -- (dmload)
    DRV - [2003/01/28 17:41:26 | 000,155,152 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rtl8180.sys -- (rtl8180)
    DRV - [2002/11/18 16:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
    DRV - [2002/08/14 16:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2002/07/09 02:50:00 | 000,070,382 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\lmouflt2.sys -- (lmouflt2)
    DRV - [2002/07/09 02:50:00 | 000,050,862 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\L8042pr2.sys -- (l8042pr2)
    DRV - [2002/07/09 02:50:00 | 000,006,030 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\lkbdflt2.sys -- (lkbdflt2)
    DRV - [2002/03/26 13:43:34 | 000,006,016 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV - [1999/12/07 05:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA)
    DRV - [1999/12/07 05:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect)
    DRV - [1999/10/29 16:28:02 | 000,052,272 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\sis300p.sys -- (SiS300)
    DRV - [1999/09/25 03:37:28 | 000,065,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\s3legacy.sys -- (s3legacy)
    DRV - [1999/09/25 00:55:30 | 000,602,128 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\winacpci.sys -- (Winacpci)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "https://mailguard.calweb.com/login.php?lang=en|http://www.infosports.com/scorekeeper|http://www.baseball-fever.com/forumdisplay.php?f=53|http://www.infosports.com/forum/viewforum.php?f=2|http://www.whitehouse.gov/feed/blog/ "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..network.proxy.no_proxies_on: "localhost "

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/15 14:13:43 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/14 14:14:25 | 000,000,000 | ---D | M]

    [2008/08/26 11:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/06/18 13:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\extensions
    [2010/06/13 18:31:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/06/18 13:17:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/14 14:14:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/06/19 14:44:48 | 000,000,098 | ---- | M]) - C:\WINNT\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Norton Internet Security 2006) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
    O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security 2006) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
    O4 - HKLM..\Run: [C-Media Mixer] C:\WINNT\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
    O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
    O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
    O4 - HKLM..\Run: [pdfFactory Dispatcher v1] C:\WINNT\system32\spool\drivers\w32x86\2\fppdis1.exe (FinePrint Software, LLC)
    O4 - HKLM..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
    O4 - HKLM..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe (Symantec Corporation)
    O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
    O4 - HKLM..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe (Symantec Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WLAN Cardbus.lnk = C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\RNR20.DLL (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (LSSupCtl Class)
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (Symantec SmartIssue)
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (Symantec Script Runner Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1201320796428 (MUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\NANI.BMP
    O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\NANI.BMP
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002/12/23 15:47:14 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2002/02/13 09:27:08 | 000,000,107 | ---- | M] () - F:\AUTOEXEC.NS0 -- [ FAT32 ]
    O32 - AutoRun File - [2002/02/13 10:06:08 | 000,000,107 | ---- | M] () - F:\AutoExec.bat -- [ FAT32 ]
    O32 - AutoRun File - [2003/08/14 16:21:16 | 000,000,000 | ---D | M] - F:\AUTOTRONICS -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINNT\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/06/19 14:44:35 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/06/18 12:58:33 | 000,000,000 | ---D | C] -- C:\WINNT\temp
    [2010/06/18 12:29:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINNT\SWXCACLS.exe
    [2010/06/18 12:29:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINNT\SWREG.exe
    [2010/06/18 12:29:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINNT\SWSC.exe
    [2010/06/18 12:29:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINNT\NIRCMD.exe
    [2010/06/18 12:29:15 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/06/14 16:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\OE-Mail Recovery
    [2010/06/12 08:16:52 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/06/11 13:58:07 | 000,000,000 | ---D | C] -- C:\WINNT\BDOSCAN8
    [2010/06/11 11:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2010/06/10 11:21:36 | 000,000,000 | ---D | C] -- C:\WINNT\ERDNT
    [2010/06/09 17:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2010/06/09 17:33:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
    [2010/06/09 17:33:30 | 000,019,288 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
    [2010/06/09 17:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/06/09 17:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/06/09 12:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/05/14 14:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/05/02 13:37:42 | 000,000,000 | ---D | C] -- C:\Scorekeeping For Dummies

    ========== Files - Modified Within 90 Days ==========

    [2010/06/19 15:28:23 | 003,784,704 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
    [2010/06/19 14:48:30 | 000,000,051 | ---- | M] () -- C:\WINNT\iTouch.ini
    [2010/06/19 14:47:13 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
    [2010/06/19 14:47:05 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_270.dat
    [2010/06/19 14:45:31 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
    [2010/06/19 14:44:48 | 000,000,098 | ---- | M] () -- C:\WINNT\System32\drivers\etc\Hosts
    [2010/06/18 12:58:33 | 000,000,564 | ---- | M] () -- C:\WINNT\tasks\Norton AntiVirus - Run Full System Scan - Administrator.job
    [2010/06/18 12:54:50 | 000,000,227 | ---- | M] () -- C:\WINNT\system.ini
    [2010/06/18 12:26:39 | 003,714,766 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    [2010/06/17 08:06:49 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/16 07:43:56 | 000,002,446 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Outlook.lnk
    [2010/06/15 17:02:34 | 004,386,326 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\alb_rules2008.pdf
    [2010/06/15 17:01:45 | 001,871,931 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\umpiresmanual.pdf
    [2010/06/15 14:14:42 | 000,000,472 | ---- | M] () -- C:\WINNT\tasks\Ad-Aware Update (Weekly).job
    [2010/06/14 16:02:06 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\OE-Mail Recovery.lnk
    [2010/06/14 12:05:52 | 000,000,308 | ---- | M] () -- C:\WINNT\tasks\Norton SystemWorks One Button Checkup.job
    [2010/06/14 12:00:02 | 000,080,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/06/13 18:14:36 | 000,098,304 | ---- | M] () -- C:\WINNT\System32\dfrg.msc
    [2010/06/13 11:04:38 | 000,029,478 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10RulesChanges.pdf
    [2010/06/13 08:21:17 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_288.dat
    [2010/06/13 08:20:53 | 000,287,704 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
    [2010/06/13 00:00:00 | 000,000,324 | ---- | M] () -- C:\WINNT\tasks\Symantec Drmc.job
    [2010/06/12 10:47:56 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_ac4.dat
    [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/06/11 15:07:37 | 000,001,410 | ---- | M] () -- C:\WINNT\imsins.BAK
    [2010/06/11 11:38:45 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_314.dat
    [2010/06/11 09:44:04 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_26c.dat
    [2010/06/09 12:15:14 | 000,002,394 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2010/06/08 07:13:34 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
    [2010/06/07 15:28:30 | 000,348,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\obr2010.doc
    [2010/06/04 13:59:55 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Pitching.lnk
    [2010/06/04 13:54:23 | 000,054,156 | -H-- | M] () -- C:\WINNT\QTFont.qfn
    [2010/06/04 11:24:27 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Combined.lnk
    [2010/06/04 11:16:11 | 000,001,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\2010.lnk
    [2010/06/03 16:23:12 | 000,008,896 | ---- | M] () -- C:\WINNT\hh.dat
    [2010/06/02 16:01:55 | 000,001,411 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JV.lnk
    [2010/06/01 09:55:37 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Batting.lnk
    [2010/05/30 16:57:32 | 000,001,359 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\All Games.lnk
    [2010/05/30 08:29:52 | 000,000,420 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Cbatting.lnk
    [2010/05/30 08:25:29 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CPitching.lnk
    [2010/05/22 12:43:37 | 000,001,309 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Lineup.lnk
    [2010/05/20 16:30:56 | 000,000,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Labor.lnk
    [2010/05/18 13:58:04 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Special.lnk
    [2010/05/17 15:38:10 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Foxcmd7 multi.lnk
    [2010/05/15 14:33:47 | 000,001,409 | ---- | M] () -- C:\WINNT\QTFont.for
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
    [2010/04/28 10:53:21 | 000,000,404 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JV Stats.lnk
    [2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINNT\PEV.exe
    [2010/04/24 08:40:39 | 002,256,607 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\05.softball.umpire.rulebook.pdf
    [2010/04/21 11:51:52 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Scatter.lnk
    [2010/04/15 19:07:00 | 000,000,416 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CDefense.lnk
    [2010/04/10 18:43:12 | 000,002,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\InstallShield.lnk
    [2010/04/05 08:55:59 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FxCmd Lineup.lnk
    [2010/04/04 14:13:21 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hoyle Card.lnk
    [2010/04/04 14:06:48 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hoyle Board.lnk
    [2010/04/02 15:53:01 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WP.lnk

    ========== Files Created - No Company Name ==========

    [2010/06/19 14:47:05 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_270.dat
    [2010/06/18 12:29:40 | 000,256,512 | ---- | C] () -- C:\WINNT\PEV.exe
    [2010/06/18 12:29:40 | 000,098,816 | ---- | C] () -- C:\WINNT\sed.exe
    [2010/06/18 12:29:40 | 000,080,412 | ---- | C] () -- C:\WINNT\grep.exe
    [2010/06/18 12:29:40 | 000,077,312 | ---- | C] () -- C:\WINNT\MBR.exe
    [2010/06/18 12:29:40 | 000,068,096 | ---- | C] () -- C:\WINNT\zip.exe
    [2010/06/18 12:26:16 | 003,714,766 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    [2010/06/17 08:06:49 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/15 17:02:10 | 004,386,326 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\alb_rules2008.pdf
    [2010/06/15 17:01:43 | 001,871,931 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\umpiresmanual.pdf
    [2010/06/14 17:42:24 | 000,002,446 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Outlook.lnk
    [2010/06/14 16:02:06 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\OE-Mail Recovery.lnk
    [2010/06/13 11:04:37 | 000,029,478 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\10RulesChanges.pdf
    [2010/06/13 08:21:17 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_288.dat
    [2010/06/12 10:47:56 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_ac4.dat
    [2010/06/11 11:38:45 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_314.dat
    [2010/06/11 09:44:04 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_26c.dat
    [2010/06/08 07:13:34 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
    [2010/05/15 14:33:47 | 000,054,156 | -H-- | C] () -- C:\WINNT\QTFont.qfn
    [2010/05/15 14:33:47 | 000,001,409 | ---- | C] () -- C:\WINNT\QTFont.for
    [2010/04/24 08:40:39 | 002,256,607 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\05.softball.umpire.rulebook.pdf
    [2010/04/21 11:51:16 | 000,000,436 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Scatter.lnk
    [2010/04/05 08:52:27 | 000,001,309 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Lineup.lnk
    [2010/04/05 08:52:27 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FxCmd Lineup.lnk
    [2010/01/23 17:16:53 | 000,170,424 | ---- | C] () -- C:\WINNT\xobglu32.dll
    [2010/01/23 17:16:53 | 000,063,488 | ---- | C] () -- C:\WINNT\xobglu16.dll
    [2010/01/23 14:44:58 | 000,051,716 | ---- | C] () -- C:\WINNT\System32\pdf995mon.dll
    [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINNT\bdoscandellang.ini
    [2007/04/06 14:41:57 | 000,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
    [2007/03/18 20:02:11 | 000,009,472 | ---- | C] () -- C:\WINNT\unsqz.dll
    [2007/03/18 20:01:48 | 000,000,024 | ---- | C] () -- C:\WINNT\@loha.ini
    [2006/12/15 12:17:13 | 000,028,672 | ---- | C] () -- C:\WINNT\System32\drivers\CO_Mon.sys
    [2005/09/23 14:03:48 | 000,000,122 | ---- | C] () -- C:\WINNT\mdm.ini
    [2005/07/16 19:17:51 | 000,651,264 | ---- | C] () -- C:\WINNT\System32\libeay32.dll
    [2005/07/16 19:17:51 | 000,147,456 | ---- | C] () -- C:\WINNT\System32\ssleay32.dll
    [2005/02/06 13:23:27 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
    [2003/12/26 17:56:50 | 000,139,264 | ---- | C] () -- C:\WINNT\System32\CfgResDll.dll
    [2003/12/26 17:56:50 | 000,110,592 | ---- | C] () -- C:\WINNT\System32\WakeResDll.dll
    [2003/05/10 07:42:28 | 000,000,051 | ---- | C] () -- C:\WINNT\WININIT.INI
    [2003/01/18 16:04:42 | 000,000,060 | ---- | C] () -- C:\WINNT\wpd99.drv
    [2003/01/08 11:00:13 | 003,673,360 | ---- | C] () -- C:\WINNT\System32\MSO97RT.DLL
    [2002/12/28 01:42:00 | 000,004,239 | ---- | C] () -- C:\WINNT\cdPlayer.ini
    [2002/12/27 23:47:04 | 000,000,171 | ---- | C] () -- C:\WINNT\KPCMS.INI
    [2002/12/27 23:46:35 | 000,210,944 | ---- | C] () -- C:\WINNT\System32\MSVCRT10.DLL
    [2002/12/27 06:44:26 | 000,004,333 | ---- | C] () -- C:\WINNT\mixerdef.ini
    [2002/12/27 06:43:47 | 000,033,909 | ---- | C] () -- C:\WINNT\cmijack.ini
    [2002/12/27 06:43:46 | 000,019,458 | ---- | C] () -- C:\WINNT\cmaudio.ini
    [2002/12/27 06:42:24 | 000,000,411 | ---- | C] () -- C:\WINNT\CMISETUP.INI
    [2002/12/27 06:42:24 | 000,000,026 | ---- | C] () -- C:\WINNT\CMCDPLAY.INI
    [2002/12/27 06:30:32 | 000,000,051 | ---- | C] () -- C:\WINNT\iTouch.ini
    [2002/12/27 01:40:17 | 000,151,552 | ---- | C] () -- C:\WINNT\System32\setuplib.dll
    [2002/12/26 18:32:15 | 000,000,318 | ---- | C] () -- C:\WINNT\QBUILD.INI
    [2002/12/26 07:34:08 | 000,096,768 | ---- | C] () -- C:\WINNT\System32\LGUICOM.DLL
    [2002/12/26 07:34:08 | 000,000,488 | ---- | C] () -- C:\WINNT\Cmousecc.ini
    [2002/12/23 23:10:59 | 000,000,956 | ---- | C] () -- C:\WINNT\ODBC.INI
    [2002/12/23 16:22:17 | 000,118,784 | ---- | C] () -- C:\WINNT\System32\HMPV2_ENC_MMX.dll
    [2002/12/23 16:22:17 | 000,118,784 | ---- | C] () -- C:\WINNT\System32\HMPV2_ENC.dll
    [2002/12/23 16:22:17 | 000,110,592 | ---- | C] () -- C:\WINNT\System32\Hmpg12.dll
    [2002/12/23 16:22:17 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\multiplex_vcd.dll
    [1999/12/07 05:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
    [1999/12/07 05:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
    [1999/12/07 05:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
    [1999/12/07 05:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
    [1999/12/07 05:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
    [1999/09/25 03:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
    [1999/09/25 03:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys
    [1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\MSRTEDIT.DLL
    [1998/01/12 01:00:00 | 000,040,448 | ---- | C] () -- C:\WINNT\System32\REGOBJ.DLL

    ========== LOP Check ==========

    [2009/11/12 15:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blitware
    [2006/02/01 10:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
    [2010/01/13 12:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LockLizard
    [2005/09/18 18:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Musicmatch
    [2010/01/23 15:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\pdf995
    [2006/12/15 11:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
    [2006/12/15 12:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WholeSecurity
    [2007/04/07 12:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
    [2008/03/02 15:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
    [2010/01/13 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LockLizard
    [2009/07/04 11:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2010/01/23 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
    [2002/12/24 00:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
    [2007/04/06 13:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2009/01/20 14:59:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
    [2010/06/15 14:14:42 | 000,000,472 | ---- | M] () -- C:\WINNT\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2002/12/27 06:26:40 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\Შ
    [2002/12/27 06:26:40 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\Შ
    [2002/12/26 07:34:24 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\
    [2002/12/26 07:34:24 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\
    < End of report >
     
  16. 2010/06/19
    scorekeeper

    OTL logfile created on: 6/19/2010 3:28:19 PM - Run 2
    OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2800.1106)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    511.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 58.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
    Drive C: | 24.41 Gb Total Space | 11.85 Gb Free Space | 48.54% Space Free | Partition Type: NTFS
    Drive D: | 32.85 Gb Total Space | 19.20 Gb Free Space | 58.46% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7.81 Gb Total Space | 3.46 Gb Free Space | 44.28% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: JACKS-MACHINE
    Current User Name: Administrator
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    PRC - [2010/03/01 15:16:23 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/03/01 15:16:21 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2007/11/04 18:14:08 | 001,247,600 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    PRC - [2007/10/01 15:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    PRC - [2007/05/23 13:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
    PRC - [2007/01/22 22:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
    PRC - [2007/01/22 22:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
    PRC - [2007/01/22 22:19:26 | 000,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
    PRC - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    PRC - [2006/11/21 18:38:38 | 000,202,344 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
    PRC - [2006/05/15 18:24:33 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    PRC - [2006/01/17 14:03:06 | 000,135,168 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    PRC - [2005/11/29 11:50:06 | 000,116,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    PRC - [2005/11/14 08:24:04 | 000,595,632 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    PRC - [2005/11/03 20:06:21 | 001,160,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    PRC - [2005/11/03 17:08:01 | 000,095,832 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    PRC - [2005/11/03 16:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe
    PRC - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\mstask.exe
    PRC - [2004/06/05 15:10:08 | 001,056,864 | ---- | M] () -- C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
    PRC - [2004/03/18 10:33:26 | 000,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
    PRC - [2003/06/19 12:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
    PRC - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\WinMgmt.exe
    PRC - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\regsvc.exe
    PRC - [2003/01/23 18:08:46 | 000,716,800 | ---- | M] () -- C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe
    PRC - [2002/10/15 19:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINNT\mixer.exe
    PRC - [2002/07/09 10:50:00 | 000,028,672 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
    PRC - [2002/06/12 00:17:40 | 000,352,256 | ---- | M] (FinePrint Software, LLC) -- C:\WINNT\system32\spool\drivers\w32x86\2\fppdis1.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    MOD - [2007/01/22 22:25:58 | 000,377,960 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCL40.DLL
    MOD - [2005/11/14 08:24:04 | 000,607,920 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\ShellExt.dll
    MOD - [2005/09/23 18:38:24 | 000,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll
    MOD - [2004/03/18 10:26:50 | 000,004,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\itchhk.dll
    MOD - [2004/03/18 10:26:48 | 000,114,688 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
    MOD - [2003/06/19 12:05:04 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx
    MOD - [2003/06/19 12:05:04 | 000,021,776 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wsock32.dll
    MOD - [2003/06/19 12:05:04 | 000,010,000 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lz32.dll
    MOD - [2003/03/18 22:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msvcp71.dll
    MOD - [2003/02/21 06:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\Msvcr71.dll
    MOD - [2002/07/09 10:50:00 | 000,024,576 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\LGMOUSHK.DLL


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/01 15:16:21 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2007/11/04 18:14:08 | 001,247,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
    SRV - [2007/10/01 15:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
    SRV - [2007/05/23 13:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
    SRV - [2007/01/22 22:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
    SRV - [2007/01/22 22:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
    SRV - [2007/01/16 12:25:28 | 000,045,696 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
    SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
    SRV - [2006/11/21 18:38:38 | 000,202,344 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
    SRV - [2006/05/15 18:24:33 | 002,086,592 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
    SRV - [2006/05/15 18:24:33 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
    SRV - [2006/02/03 18:29:36 | 000,072,328 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
    SRV - [2005/12/19 20:41:56 | 000,198,416 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
    SRV - [2005/11/14 08:24:04 | 000,595,632 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe -- (GBPoll)
    SRV - [2005/11/03 20:06:21 | 001,160,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
    SRV - [2005/11/03 17:08:01 | 000,095,832 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -- (NProtectService)
    SRV - [2005/11/03 16:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -- (Speed Disk service)
    SRV - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\mstask.exe -- (Schedule)
    SRV - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\WinMgmt.exe -- (WinMgmt)
    SRV - [2003/06/19 12:05:04 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
    SRV - [2003/06/19 12:05:04 | 000,094,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\FAXSVC.EXE -- (Fax)
    SRV - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry)
    SRV - [2003/06/19 12:05:04 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)
    SRV - [2000/06/23 06:00:00 | 001,702,400 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\InterBase\Bin\ibserver.exe -- (InterBaseServer)
    SRV - [2000/06/23 06:00:00 | 000,022,016 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\InterBase\Bin\ibguard.exe -- (InterBaseGuardian)


    ========== Driver Services (SafeList) ==========

    DRV - [2009/04/27 14:14:22 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2009/04/15 13:04:26 | 000,876,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090706.016\NAVEX15.SYS -- (NAVEX15)
    DRV - [2009/04/15 13:04:26 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2009/04/15 13:04:26 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090706.016\NAVENG.SYS -- (NAVENG)
    DRV - [2009/02/25 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\eeCtrl.sys -- (eeCtrl)
    DRV - [2009/01/06 11:44:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2007/10/02 23:55:42 | 000,158,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20071031.003\SymIDSCo.sys -- (SYMIDSCO)
    DRV - [2007/10/01 15:49:26 | 000,189,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINNT\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
    DRV - [2007/10/01 15:49:20 | 000,023,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
    DRV - [2007/10/01 15:49:16 | 000,031,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
    DRV - [2007/10/01 15:49:10 | 000,028,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
    DRV - [2007/10/01 15:49:04 | 000,098,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMFW.SYS -- (SYMFW)
    DRV - [2007/10/01 15:48:56 | 000,012,680 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
    DRV - [2007/04/09 21:44:52 | 000,391,256 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
    DRV - [2006/12/15 12:17:13 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\CO_Mon.sys -- (CO_Mon)
    DRV - [2006/07/07 18:47:23 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\symlcbrd.sys -- (symlcbrd)
    DRV - [2005/12/19 20:41:58 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
    DRV - [2005/12/19 20:41:56 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
    DRV - [2005/11/14 08:24:04 | 000,117,760 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\GoBack2k.sys -- (GoBack2K)
    DRV - [2005/11/14 08:24:04 | 000,015,360 | R--- | M] (Symantec Corporation) [File_System | Auto | Stopped] -- C:\WINNT\system32\drivers\GBFSHook.sys -- (GBFSHook)
    DRV - [2005/11/14 08:24:04 | 000,005,632 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\GBDevice.sys -- (GBDevice)
    DRV - [2005/11/03 16:56:04 | 000,081,748 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\NPDRIVER.SYS -- (NPDriver)
    DRV - [2005/11/03 16:43:42 | 000,090,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\SdDriver.SYS -- (SDdriver)
    DRV - [2005/02/06 12:32:16 | 000,058,000 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdr4_2K.sys -- (Cdr4_2K)
    DRV - [2005/02/06 12:32:16 | 000,023,420 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2004/07/09 03:58:10 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE)
    DRV - [2004/06/04 13:12:10 | 000,379,488 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\wg111nd5.sys -- (wg111nd5)
    DRV - [2004/05/20 09:46:42 | 000,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINNT\system32\PCANDIS5.SYS -- (PCANDIS5)
    DRV - [2004/05/20 09:46:38 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
    DRV - [2004/03/10 14:42:24 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\itchfltr.sys -- (itchfltr)
    DRV - [2003/06/19 12:05:04 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot)
    DRV - [2003/06/19 12:05:04 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmio.sys -- (dmio)
    DRV - [2003/06/19 12:05:04 | 000,060,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel)
    DRV - [2003/06/19 12:05:04 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\system32\drivers\efs.sys -- (EFS)
    DRV - [2003/06/19 12:05:04 | 000,024,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\openhci.sys -- (openhci)
    DRV - [2003/06/19 12:05:04 | 000,009,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2003/06/19 12:05:04 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\diskperf.sys -- (Diskperf)
    DRV - [2003/06/19 12:05:04 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmload.sys -- (dmload)
    DRV - [2003/01/28 17:41:26 | 000,155,152 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rtl8180.sys -- (rtl8180)
    DRV - [2002/11/18 16:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
    DRV - [2002/08/14 16:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2002/07/09 02:50:00 | 000,070,382 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\lmouflt2.sys -- (lmouflt2)
    DRV - [2002/07/09 02:50:00 | 000,050,862 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\L8042pr2.sys -- (l8042pr2)
    DRV - [2002/07/09 02:50:00 | 000,006,030 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\lkbdflt2.sys -- (lkbdflt2)
    DRV - [2002/03/26 13:43:34 | 000,006,016 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV - [1999/12/07 05:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA)
    DRV - [1999/12/07 05:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect)
    DRV - [1999/10/29 16:28:02 | 000,052,272 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\sis300p.sys -- (SiS300)
    DRV - [1999/09/25 03:37:28 | 000,065,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\s3legacy.sys -- (s3legacy)
    DRV - [1999/09/25 00:55:30 | 000,602,128 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\winacpci.sys -- (Winacpci)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "https://mailguard.calweb.com/login.php?lang=en|http://www.infosports.com/scorekeeper|http://www.baseball-fever.com/forumdisplay.php?f=53|http://www.infosports.com/forum/viewforum.php?f=2|http://www.whitehouse.gov/feed/blog/ "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..network.proxy.no_proxies_on: "localhost "

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/15 14:13:43 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/14 14:14:25 | 000,000,000 | ---D | M]

    [2008/08/26 11:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/06/18 13:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\extensions
    [2010/06/13 18:31:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q4k9xxk3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/06/18 13:17:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/14 14:14:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/06/19 14:44:48 | 000,000,098 | ---- | M]) - C:\WINNT\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Norton Internet Security 2006) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
    O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security 2006) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
    O4 - HKLM..\Run: [C-Media Mixer] C:\WINNT\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
    O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
    O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
    O4 - HKLM..\Run: [pdfFactory Dispatcher v1] C:\WINNT\system32\spool\drivers\w32x86\2\fppdis1.exe (FinePrint Software, LLC)
    O4 - HKLM..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
    O4 - HKLM..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe (Symantec Corporation)
    O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
    O4 - HKLM..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe (Symantec Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WLAN Cardbus.lnk = C:\Program Files\802.11 Wireless LAN\WLAN Cardbus\RtlWake.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\RNR20.DLL (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (LSSupCtl Class)
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab (Symantec SmartIssue)
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab (Symantec Script Runner Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1201320796428 (MUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\NANI.BMP
    O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\NANI.BMP
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002/12/23 15:47:14 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2002/02/13 09:27:08 | 000,000,107 | ---- | M] () - F:\AUTOEXEC.NS0 -- [ FAT32 ]
    O32 - AutoRun File - [2002/02/13 10:06:08 | 000,000,107 | ---- | M] () - F:\AutoExec.bat -- [ FAT32 ]
    O32 - AutoRun File - [2003/08/14 16:21:16 | 000,000,000 | ---D | M] - F:\AUTOTRONICS -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINNT\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/06/19 14:44:35 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/06/18 12:58:33 | 000,000,000 | ---D | C] -- C:\WINNT\temp
    [2010/06/18 12:29:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINNT\SWXCACLS.exe
    [2010/06/18 12:29:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINNT\SWREG.exe
    [2010/06/18 12:29:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINNT\SWSC.exe
    [2010/06/18 12:29:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINNT\NIRCMD.exe
    [2010/06/18 12:29:15 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/06/14 16:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\OE-Mail Recovery
    [2010/06/12 08:16:52 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/06/11 13:58:07 | 000,000,000 | ---D | C] -- C:\WINNT\BDOSCAN8
    [2010/06/11 11:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2010/06/10 11:21:36 | 000,000,000 | ---D | C] -- C:\WINNT\ERDNT
    [2010/06/09 17:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2010/06/09 17:33:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
    [2010/06/09 17:33:30 | 000,019,288 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
    [2010/06/09 17:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/06/09 17:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/06/09 12:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/05/14 14:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/05/02 13:37:42 | 000,000,000 | ---D | C] -- C:\Scorekeeping For Dummies

    ========== Files - Modified Within 90 Days ==========

    [2010/06/19 15:28:23 | 003,784,704 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
    [2010/06/19 14:48:30 | 000,000,051 | ---- | M] () -- C:\WINNT\iTouch.ini
    [2010/06/19 14:47:13 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
    [2010/06/19 14:47:05 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_270.dat
    [2010/06/19 14:45:31 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
    [2010/06/19 14:44:48 | 000,000,098 | ---- | M] () -- C:\WINNT\System32\drivers\etc\Hosts
    [2010/06/18 12:58:33 | 000,000,564 | ---- | M] () -- C:\WINNT\tasks\Norton AntiVirus - Run Full System Scan - Administrator.job
    [2010/06/18 12:54:50 | 000,000,227 | ---- | M] () -- C:\WINNT\system.ini
    [2010/06/18 12:26:39 | 003,714,766 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    [2010/06/17 08:06:49 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/16 07:43:56 | 000,002,446 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Outlook.lnk
    [2010/06/15 17:02:34 | 004,386,326 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\alb_rules2008.pdf
    [2010/06/15 17:01:45 | 001,871,931 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\umpiresmanual.pdf
    [2010/06/15 14:14:42 | 000,000,472 | ---- | M] () -- C:\WINNT\tasks\Ad-Aware Update (Weekly).job
    [2010/06/14 16:02:06 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\OE-Mail Recovery.lnk
    [2010/06/14 12:05:52 | 000,000,308 | ---- | M] () -- C:\WINNT\tasks\Norton SystemWorks One Button Checkup.job
    [2010/06/14 12:00:02 | 000,080,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/06/13 18:14:36 | 000,098,304 | ---- | M] () -- C:\WINNT\System32\dfrg.msc
    [2010/06/13 11:04:38 | 000,029,478 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10RulesChanges.pdf
    [2010/06/13 08:21:17 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_288.dat
    [2010/06/13 08:20:53 | 000,287,704 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
    [2010/06/13 00:00:00 | 000,000,324 | ---- | M] () -- C:\WINNT\tasks\Symantec Drmc.job
    [2010/06/12 10:47:56 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_ac4.dat
    [2010/06/12 08:16:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/06/11 15:07:37 | 000,001,410 | ---- | M] () -- C:\WINNT\imsins.BAK
    [2010/06/11 11:38:45 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_314.dat
    [2010/06/11 09:44:04 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_26c.dat
    [2010/06/09 12:15:14 | 000,002,394 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2010/06/08 07:13:34 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
    [2010/06/07 15:28:30 | 000,348,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\obr2010.doc
    [2010/06/04 13:59:55 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Pitching.lnk
    [2010/06/04 13:54:23 | 000,054,156 | -H-- | M] () -- C:\WINNT\QTFont.qfn
    [2010/06/04 11:24:27 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Combined.lnk
    [2010/06/04 11:16:11 | 000,001,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\2010.lnk
    [2010/06/03 16:23:12 | 000,008,896 | ---- | M] () -- C:\WINNT\hh.dat
    [2010/06/02 16:01:55 | 000,001,411 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JV.lnk
    [2010/06/01 09:55:37 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Batting.lnk
    [2010/05/30 16:57:32 | 000,001,359 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\All Games.lnk
    [2010/05/30 08:29:52 | 000,000,420 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Cbatting.lnk
    [2010/05/30 08:25:29 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CPitching.lnk
    [2010/05/22 12:43:37 | 000,001,309 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Lineup.lnk
    [2010/05/20 16:30:56 | 000,000,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Labor.lnk
    [2010/05/18 13:58:04 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\10 Special.lnk
    [2010/05/17 15:38:10 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Foxcmd7 multi.lnk
    [2010/05/15 14:33:47 | 000,001,409 | ---- | M] () -- C:\WINNT\QTFont.for
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
    [2010/04/28 10:53:21 | 000,000,404 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JV Stats.lnk
    [2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINNT\PEV.exe
    [2010/04/24 08:40:39 | 002,256,607 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\05.softball.umpire.rulebook.pdf
    [2010/04/21 11:51:52 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Scatter.lnk
    [2010/04/15 19:07:00 | 000,000,416 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CDefense.lnk
    [2010/04/10 18:43:12 | 000,002,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\InstallShield.lnk
    [2010/04/05 08:55:59 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FxCmd Lineup.lnk
    [2010/04/04 14:13:21 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hoyle Card.lnk
    [2010/04/04 14:06:48 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hoyle Board.lnk
    [2010/04/02 15:53:01 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WP.lnk

    ========== Files Created - No Company Name ==========

    [2010/06/19 14:47:05 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_270.dat
    [2010/06/18 12:29:40 | 000,256,512 | ---- | C] () -- C:\WINNT\PEV.exe
    [2010/06/18 12:29:40 | 000,098,816 | ---- | C] () -- C:\WINNT\sed.exe
    [2010/06/18 12:29:40 | 000,080,412 | ---- | C] () -- C:\WINNT\grep.exe
    [2010/06/18 12:29:40 | 000,077,312 | ---- | C] () -- C:\WINNT\MBR.exe
    [2010/06/18 12:29:40 | 000,068,096 | ---- | C] () -- C:\WINNT\zip.exe
    [2010/06/18 12:26:16 | 003,714,766 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    [2010/06/17 08:06:49 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/15 17:02:10 | 004,386,326 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\alb_rules2008.pdf
    [2010/06/15 17:01:43 | 001,871,931 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\umpiresmanual.pdf
    [2010/06/14 17:42:24 | 000,002,446 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Outlook.lnk
    [2010/06/14 16:02:06 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\OE-Mail Recovery.lnk
    [2010/06/13 11:04:37 | 000,029,478 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\10RulesChanges.pdf
    [2010/06/13 08:21:17 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_288.dat
    [2010/06/12 10:47:56 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_ac4.dat
    [2010/06/11 11:38:45 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_314.dat
    [2010/06/11 09:44:04 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_26c.dat
    [2010/06/08 07:13:34 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
    [2010/05/15 14:33:47 | 000,054,156 | -H-- | C] () -- C:\WINNT\QTFont.qfn
    [2010/05/15 14:33:47 | 000,001,409 | ---- | C] () -- C:\WINNT\QTFont.for
    [2010/04/24 08:40:39 | 002,256,607 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\05.softball.umpire.rulebook.pdf
    [2010/04/21 11:51:16 | 000,000,436 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Scatter.lnk
    [2010/04/05 08:52:27 | 000,001,309 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Lineup.lnk
    [2010/04/05 08:52:27 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FxCmd Lineup.lnk
    [2010/01/23 17:16:53 | 000,170,424 | ---- | C] () -- C:\WINNT\xobglu32.dll
    [2010/01/23 17:16:53 | 000,063,488 | ---- | C] () -- C:\WINNT\xobglu16.dll
    [2010/01/23 14:44:58 | 000,051,716 | ---- | C] () -- C:\WINNT\System32\pdf995mon.dll
    [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINNT\bdoscandellang.ini
    [2007/04/06 14:41:57 | 000,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
    [2007/03/18 20:02:11 | 000,009,472 | ---- | C] () -- C:\WINNT\unsqz.dll
    [2007/03/18 20:01:48 | 000,000,024 | ---- | C] () -- C:\WINNT\@loha.ini
    [2006/12/15 12:17:13 | 000,028,672 | ---- | C] () -- C:\WINNT\System32\drivers\CO_Mon.sys
    [2005/09/23 14:03:48 | 000,000,122 | ---- | C] () -- C:\WINNT\mdm.ini
    [2005/07/16 19:17:51 | 000,651,264 | ---- | C] () -- C:\WINNT\System32\libeay32.dll
    [2005/07/16 19:17:51 | 000,147,456 | ---- | C] () -- C:\WINNT\System32\ssleay32.dll
    [2005/02/06 13:23:27 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
    [2003/12/26 17:56:50 | 000,139,264 | ---- | C] () -- C:\WINNT\System32\CfgResDll.dll
    [2003/12/26 17:56:50 | 000,110,592 | ---- | C] () -- C:\WINNT\System32\WakeResDll.dll
    [2003/05/10 07:42:28 | 000,000,051 | ---- | C] () -- C:\WINNT\WININIT.INI
    [2003/01/18 16:04:42 | 000,000,060 | ---- | C] () -- C:\WINNT\wpd99.drv
    [2003/01/08 11:00:13 | 003,673,360 | ---- | C] () -- C:\WINNT\System32\MSO97RT.DLL
    [2002/12/28 01:42:00 | 000,004,239 | ---- | C] () -- C:\WINNT\cdPlayer.ini
    [2002/12/27 23:47:04 | 000,000,171 | ---- | C] () -- C:\WINNT\KPCMS.INI
    [2002/12/27 23:46:35 | 000,210,944 | ---- | C] () -- C:\WINNT\System32\MSVCRT10.DLL
    [2002/12/27 06:44:26 | 000,004,333 | ---- | C] () -- C:\WINNT\mixerdef.ini
    [2002/12/27 06:43:47 | 000,033,909 | ---- | C] () -- C:\WINNT\cmijack.ini
    [2002/12/27 06:43:46 | 000,019,458 | ---- | C] () -- C:\WINNT\cmaudio.ini
    [2002/12/27 06:42:24 | 000,000,411 | ---- | C] () -- C:\WINNT\CMISETUP.INI
    [2002/12/27 06:42:24 | 000,000,026 | ---- | C] () -- C:\WINNT\CMCDPLAY.INI
    [2002/12/27 06:30:32 | 000,000,051 | ---- | C] () -- C:\WINNT\iTouch.ini
    [2002/12/27 01:40:17 | 000,151,552 | ---- | C] () -- C:\WINNT\System32\setuplib.dll
    [2002/12/26 18:32:15 | 000,000,318 | ---- | C] () -- C:\WINNT\QBUILD.INI
    [2002/12/26 07:34:08 | 000,096,768 | ---- | C] () -- C:\WINNT\System32\LGUICOM.DLL
    [2002/12/26 07:34:08 | 000,000,488 | ---- | C] () -- C:\WINNT\Cmousecc.ini
    [2002/12/23 23:10:59 | 000,000,956 | ---- | C] () -- C:\WINNT\ODBC.INI
    [2002/12/23 16:22:17 | 000,118,784 | ---- | C] () -- C:\WINNT\System32\HMPV2_ENC_MMX.dll
    [2002/12/23 16:22:17 | 000,118,784 | ---- | C] () -- C:\WINNT\System32\HMPV2_ENC.dll
    [2002/12/23 16:22:17 | 000,110,592 | ---- | C] () -- C:\WINNT\System32\Hmpg12.dll
    [2002/12/23 16:22:17 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\multiplex_vcd.dll
    [1999/12/07 05:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
    [1999/12/07 05:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
    [1999/12/07 05:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
    [1999/12/07 05:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
    [1999/12/07 05:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
    [1999/09/25 03:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
    [1999/09/25 03:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys
    [1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINNT\System32\MSRTEDIT.DLL
    [1998/01/12 01:00:00 | 000,040,448 | ---- | C] () -- C:\WINNT\System32\REGOBJ.DLL

    ========== LOP Check ==========

    [2009/11/12 15:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blitware
    [2006/02/01 10:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
    [2010/01/13 12:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LockLizard
    [2005/09/18 18:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Musicmatch
    [2010/01/23 15:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\pdf995
    [2006/12/15 11:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
    [2006/12/15 12:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WholeSecurity
    [2007/04/07 12:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
    [2008/03/02 15:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
    [2010/01/13 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LockLizard
    [2009/07/04 11:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2010/01/23 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
    [2002/12/24 00:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
    [2007/04/06 13:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2009/01/20 14:59:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
    [2010/06/15 14:14:42 | 000,000,472 | ---- | M] () -- C:\WINNT\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2002/12/27 06:26:40 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\Შ
    [2002/12/27 06:26:40 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\Შ
    [2002/12/26 07:34:24 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\
    [2002/12/26 07:34:24 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\
    < End of report >
     
  17. 2010/06/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    How is your computer doing at the moment?


    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  18. 2010/06/19
    scorekeeper

    scorekeeper Inactive Thread Starter

    Joined:
    2007/02/18
    Messages:
    104
    Likes Received:
    0
    Kaspersky froze my machine.

    I've rebooted and will wait for further instructions.
     
  19. 2010/06/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You didn't say how your computer is doing...

    Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Push Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
     
  20. 2010/06/20
    scorekeeper

    scorekeeper Inactive Thread Starter

    Joined:
    2007/02/18
    Messages:
    104
    Likes Received:
    0
    The machine is running pretty well, considering the age of the OS, the software, and the hardware. In fact other than the control panel issue, I really have no complaints other than the occasional freeze up.

    I was going to remove some of the software I’ve picked up over the years that I don’t use. When I found I couldn’t, I got a tad worried. I’ll try ESET and get back 2 U.

    Thanx
     
  21. 2010/06/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Ok :)
     
