What the Tech logo
Welcome! Register for a free account (or login) > How does it work?
  1. Quickly register. It will only take 60 seconds.
  2. Start a new topic. Ask your question. Wait for an email reply.
  3. Is your system infected? Begin reading the malware removal guide.
 register button
2 Pages V  < 1 2  
 Closed TopicStart new topic
> [Resolved] Computer does not shutdown properly, Vundo---
TJS12
post Nov 7 2009, 05:44 PM
Post #16


New Member
*

Group: Authentic Member
Posts: 17
Joined: 5-November 09
Member No.: 88,678
Operating System: Windows XP, 2003, Service pack 3
OTL logfile created on: 11/7/2009 6:44:03 PM - Run 2
OTL by OldTimer - Version 3.1.3.4 Folder = C:\Documents and Settings\CFM East\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.70 Gb Total Space | 207.93 Gb Free Space | 89.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CFMEAST
Current User Name: CFM East
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\CFM East\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
PRC - C:\WINDOWS\system32\WLTRYSVC.EXE ()
PRC - C:\WINDOWS\system32\BCMWLTRY.EXE (Dell Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
PRC - C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
PRC - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
PRC - C:\WINDOWS\OA001Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - c:\drivers\audio\R213367\stacsv.exe (IDT, Inc.)
PRC - C:\WINDOWS\system32\AESTFltr.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
PRC - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
PRC - C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\CFM East\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (wltrysvc) -- C:\WINDOWS\System32\WLTRYSVC.EXE ()
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
SRV - (dcpsysmgrsvc) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (STacSV) -- c:\drivers\audio\R213367\stacsv.exe (IDT, Inc.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (ASFAgent) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (WavxDMgr) -- C:\WINDOWS\system32\drivers\WavxDMgr.sys (Wave Systems Corp.)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (OA001Ufd) -- C:\WINDOWS\system32\drivers\OA001Ufd.sys (Creative Technology Ltd.)
DRV - (OA001Vid) -- C:\WINDOWS\system32\drivers\OA001Vid.sys (Creative Technology Ltd.)
DRV - (OA001Afx) -- C:\WINDOWS\system32\drivers\OA001Afx.sys (Creative Technology Ltd.)
DRV - (SRS_PremiumSound_Service) -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (AESTAud) -- C:\WINDOWS\system32\drivers\AESTAud.sys (Andrea Electronics Corporation)
DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (cvusbdrv) -- C:\WINDOWS\system32\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (PBADRV) -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys (Dell Inc)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USREL/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USREL/1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/28 00:10:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/15 02:00:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/06 15:21:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/06 15:21:35 | 00,000,000 | ---D | M]

[2009/11/05 05:32:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Extensions
[2009/11/05 05:32:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/07 15:54:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Firefox\Profiles\28wjzkua.default\extensions
[2009/11/05 05:33:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Firefox\Profiles\28wjzkua.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/05 05:31:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/06 15:21:35 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/06 15:21:31 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 15:21:31 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/06 15:21:32 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/10/16 12:58:44 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/10/16 12:58:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/10/16 12:58:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/10/16 12:58:44 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/10/16 12:58:44 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/16 12:58:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/10/16 12:58:44 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OA001Mon] C:\WINDOWS\OA001Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8A177687-28EB-48DB-9CCB-5C5254D10568} file://D:\setup\Requirements\EduSpeak.EduSpeakX\EduSpeakX.cab (EduSpeak Recognizer ActiveX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.14.50.1 195.14.50.21
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/26 09:56:54 | 00,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/04/25 16:29:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/06 13:50:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009/11/06 13:21:34 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/06 13:19:40 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/11/06 13:19:40 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/11/06 13:19:40 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/11/06 13:19:40 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/11/06 13:19:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/06 12:54:56 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/06 12:43:27 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/11/05 17:42:24 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\%USERPROFILE%
[2009/11/05 05:57:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/11/05 05:57:03 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/05 05:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\SUPERAntiSpyware.com
[2009/11/05 05:56:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/11/05 05:51:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\Malwarebytes
[2009/11/05 05:51:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/05 05:51:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/05 05:51:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/05 05:51:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/05 05:44:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/11/05 05:40:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\My Documents\Downloads
[2009/11/05 05:32:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Mozilla
[2009/11/05 05:32:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\Mozilla
[2009/11/05 05:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/11/05 05:28:17 | 00,092,019 | ---- | C] (Mozilla) -- C:\Documents and Settings\CFM East\Desktop\Firefox Setup 3.5.4.exe
[2009/11/04 12:32:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/11/01 08:26:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Temp
[2009/10/30 11:49:28 | 00,013,696 | ---- | C] (Skyhook Wireless) -- C:\WINDOWS\System32\drivers\wpsnuio.sys
[2009/10/30 11:49:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Skyhook Wireless
[2009/10/29 09:00:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/10/28 14:36:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\TOSHIBA
[2009/10/26 17:40:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009/10/26 17:39:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2009/10/26 17:25:28 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2009/10/26 16:48:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Desktop\BASE & OPTION 1 BID package
[2009/10/26 16:43:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/10/26 16:38:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\My Documents\Former Desktop Files
[2009/10/26 15:55:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\My Documents\my documents
[2009/10/26 14:22:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\CutePDF Writer
[2009/10/26 14:11:56 | 00,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2009/10/26 14:10:03 | 00,000,000 | ---D | C] -- C:\Program Files\Acro Software
[2009/10/26 10:56:42 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2009/10/26 10:55:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Desktop\Work Folder
[2009/10/26 10:55:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/10/26 10:19:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Program Files\AutoCAD 2010
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Autodesk
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\Autodesk
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/10/26 10:18:08 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/10/26 10:18:08 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/10/26 10:18:06 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/10/26 10:18:03 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/10/26 10:17:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/10/26 09:56:54 | 00,000,000 | ---D | C] -- C:\Autodesk
[2009/10/26 09:43:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\AdobeUM
[2009/10/26 09:19:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2009/10/24 08:14:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/10/24 06:11:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles

========== Files - Modified Within 30 Days ==========

[2009/11/07 18:36:34 | 00,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/07 18:33:50 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/11/07 18:32:00 | 00,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/07 14:01:10 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/07 09:12:16 | 00,557,242 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/07 09:12:16 | 00,466,982 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/07 09:12:16 | 00,080,032 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/07 09:08:22 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/11/07 09:08:15 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\WavXMapDrive.bat
[2009/11/07 09:08:14 | 00,189,747 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/07 09:08:13 | 00,053,196 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/11/07 09:08:11 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/07 09:07:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/07 09:07:48 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/07 09:07:43 | 37,454,06976 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/07 09:07:13 | 02,621,440 | -H-- | M] () -- C:\Documents and Settings\CFM East\NTUSER.DAT
[2009/11/07 09:07:00 | 04,840,176 | -H-- | M] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\IconCache.db
[2009/11/07 03:15:32 | 00,271,360 | ---- | M] () -- C:\Documents and Settings\CFM East\My Documents\backup.pst
[2009/11/07 03:15:32 | 00,271,360 | ---- | M] () -- C:\Documents and Settings\CFM East\My Documents\archive.pst
[2009/11/06 13:29:03 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/06 13:28:56 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/06 13:24:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\Xé
[2009/11/06 13:21:38 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/11/06 12:52:35 | 03,562,655 | R--- | M] () -- C:\Documents and Settings\CFM East\Desktop\ComboFix.exe
[2009/11/06 10:53:52 | 00,267,264 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/11/06 03:14:58 | 00,291,328 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\gmer.exe
[2009/11/05 06:08:23 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\jamediwe
[2009/11/05 05:57:04 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/05 05:32:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/11/05 05:31:57 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/05 05:28:18 | 00,092,019 | ---- | M] (Mozilla) -- C:\Documents and Settings\CFM East\Desktop\Firefox Setup 3.5.4.exe
[2009/11/02 14:57:16 | 00,054,477 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\nutrametrix invoice.pdf
[2009/10/31 18:26:16 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\Windows Media Player.lnk
[2009/10/31 14:48:01 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/30 12:13:53 | 00,095,232 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\Mo_Kelley_TJ_NFL_picks_2009(1).xls
[2009/10/30 11:49:28 | 00,013,696 | ---- | M] (Skyhook Wireless) -- C:\WINDOWS\System32\drivers\wpsnuio.sys
[2009/10/27 05:20:03 | 00,349,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/26 17:38:38 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2009/10/26 11:13:24 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/10/26 10:56:14 | 00,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/26 10:19:16 | 00,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2009/10/26 10:10:41 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/25 06:11:34 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2009/10/22 22:59:55 | 00,000,574 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CFM Server.lnk
[2009/10/22 05:43:48 | 00,268,800 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\Project1.mpp
[2009/10/22 04:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/10/22 04:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/10/18 08:50:43 | 00,000,128 | ---- | M] () -- C:\Documents and Settings\CFM East\webct_upload_applet.properties

========== Files Created - No Company Name ==========

[2009/11/06 13:50:15 | 00,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/11/06 13:21:38 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/11/06 13:21:36 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/11/06 13:21:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\Xé
[2009/11/06 13:19:40 | 00,267,264 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/06 13:19:40 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/06 13:19:40 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/11/06 13:19:40 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/06 13:19:40 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/11/06 12:52:35 | 03,562,655 | R--- | C] () -- C:\Documents and Settings\CFM East\Desktop\ComboFix.exe
[2009/11/05 05:57:04 | 00,000,782 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/05 05:51:45 | 00,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/05 05:32:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/11/05 05:31:57 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/05 05:16:43 | 04,840,176 | -H-- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\IconCache.db
[2009/11/02 14:57:15 | 00,054,477 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\nutrametrix invoice.pdf
[2009/10/30 12:13:53 | 00,095,232 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\Mo_Kelley_TJ_NFL_picks_2009(1).xls
[2009/10/28 14:36:00 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\SNMP_PP.DLL
[2009/10/27 15:40:27 | 00,271,360 | ---- | C] () -- C:\Documents and Settings\CFM East\My Documents\archive.pst
[2009/10/26 17:54:26 | 00,271,360 | ---- | C] () -- C:\Documents and Settings\CFM East\My Documents\backup.pst
[2009/10/26 17:38:38 | 00,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/10/26 17:38:38 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2009/10/26 17:19:53 | 00,332,288 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\pdx-ac7p.exe
[2009/10/26 14:10:17 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/10/26 10:19:16 | 00,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2009/10/22 22:59:55 | 00,000,574 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CFM Server.lnk
[2009/10/22 02:34:02 | 00,268,800 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\Project1.mpp
[2009/10/16 13:22:44 | 00,291,328 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\gmer.exe
[2009/09/11 08:22:45 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/08 05:05:12 | 00,012,912 | ---- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/08 05:05:12 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\CFM East\Application Data\desktop.ini
[2009/09/08 05:05:12 | 00,000,051 | ---- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\setup.txt
[2009/09/08 05:05:12 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\WavXMapDrive.bat
[2009/07/28 02:50:42 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/07/28 02:50:42 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/07/28 02:50:42 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/07/28 02:50:42 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/07/28 02:49:35 | 00,001,156 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/07/28 00:41:53 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/07/28 00:36:07 | 00,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/28 00:35:13 | 00,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/07/28 00:32:42 | 00,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/07/28 00:21:23 | 00,279,888 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2009/07/28 00:18:59 | 00,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/04/22 09:58:30 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\DTMessageLib.dll
[2009/04/10 12:01:12 | 00,143,360 | R--- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/02/26 16:54:52 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_tr.dll
[2009/02/26 16:54:50 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ro.dll
[2009/02/26 16:54:48 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt-BR.dll
[2009/02/26 16:54:48 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hu.dll
[2009/02/26 16:54:46 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_he.dll
[2009/02/26 16:54:44 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_el.dll
[2009/02/26 16:54:44 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fi.dll
[2009/02/26 16:54:42 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_cs.dll
[2009/02/26 16:54:40 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ar.dll
[2009/02/26 16:54:40 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2009/02/26 16:54:38 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2009/02/26 16:54:36 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2009/02/26 16:54:34 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2009/02/26 16:54:34 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2009/02/26 16:54:32 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2009/02/26 16:54:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2009/02/26 16:54:30 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2009/02/26 16:54:28 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2009/02/26 16:54:28 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2009/02/26 16:54:26 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2009/02/26 16:54:24 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2009/02/26 16:54:24 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2009/02/26 16:54:20 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2009/02/26 16:54:20 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2009/02/17 09:51:28 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2009/02/17 09:51:28 | 00,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2009/02/17 09:51:26 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2009/02/17 09:51:24 | 00,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2009/02/17 09:51:24 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2009/02/17 09:51:24 | 00,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2009/02/17 09:51:22 | 00,565,248 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2009/02/17 09:51:22 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2009/02/17 09:51:20 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fi.dll
[2009/02/17 09:51:20 | 00,479,232 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2009/02/17 09:51:20 | 00,475,136 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2009/02/17 09:51:18 | 00,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_da.dll
[2009/02/17 09:51:16 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_nl.dll
[2009/02/17 09:51:16 | 00,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pl.dll
[2009/02/17 09:51:16 | 00,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_no.dll
[2009/02/17 09:51:14 | 00,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_sv.dll
[2009/02/17 09:51:04 | 00,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_cs.dll
[2009/02/17 09:51:04 | 00,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ar.dll
[2009/02/17 09:51:02 | 00,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_el.dll
[2009/02/17 09:51:02 | 00,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_he.dll
[2009/02/17 09:51:00 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-PT.dll
[2009/02/17 09:51:00 | 00,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_hu.dll
[2009/02/17 09:50:58 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ro.dll
[2009/02/17 09:50:58 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_tr.dll
[2009/02/17 08:46:36 | 00,544,768 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2009/01/06 16:25:36 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2008/12/22 14:13:54 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2008/10/06 18:36:56 | 00,839,680 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2008/08/15 08:46:30 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/04/25 16:26:32 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 11:16:28 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2008/04/25 11:16:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2008/04/25 04:22:23 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/03/25 09:46:00 | 00,077,536 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/19 05:52:16 | 00,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/04/19 05:28:10 | 00,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/06/30 12:58:44 | 00,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 12:58:44 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/12 08:01:16 | 00,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/02/17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/09/10 13:34:00 | 00,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/19 17:28:38 | 01,519,616 | ---- | C] () -- C:\WINDOWS\rcapi.dll
[2001/11/14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
@Alternate Data Stream - 284 bytes -> C:\WINDOWS\System32\Xé:]pctlsp.log
< End of report >
Go to the top of the page
 
+Quote Post
oldman960
post Nov 7 2009, 11:28 PM
Post #17


SuperHelper
Group Icon

Group: Classroom Teacher
Posts: 5,727
Joined: 27-April 08
Member No.: 78,707
Operating System: win98se, XP pro
Hi TJS12,

We need some file informantion
  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path, one at a time if more than file is listed, into the "Suspicious files to scan" box on the top of the page:

    C:\WINDOWS\System32\jamediwe
  • Click on the Upload button
  • Please ensure the scan is complete and the results saved before submitting the next.
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.

Thanks
Go to the top of the page
 
+Quote Post
TJS12
post Nov 8 2009, 02:49 AM
Post #18


New Member
*

Group: Authentic Member
Posts: 17
Joined: 5-November 09
Member No.: 88,678
Operating System: Windows XP, 2003, Service pack 3
VirSCAN.org Scanned Report :
Scanned time : 2009/11/08 16:31:28 (CST)
Scanner results: Scanners did not find malware!
File Name : jamediwe
File Size : 6456 byte
File Type : data
MD5 : 3702f76e34383cf7ae666d29a346d4b7
SHA1 : 7c3d3368f610db451a640ac58fc108775bad6a34
Online report : http://virscan.org/report/84b3a1971312018c...1c5cac804d.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20091108053125 2009-11-08 5.14 -
AhnLab V3 2009.11.07.00 2009.11.07 2009-11-07 1.61 -
AntiVir 8.2.1.61 7.1.6.203 2009-11-06 0.22 -
Antiy 2.0.18 20091105.3216324 2009-11-05 0.12 -
Arcavir 2009 200911070243 2009-11-07 0.02 -
Authentium 5.1.1 200911080353 2009-11-08 1.20 -
AVAST! 4.7.4 091107-1 2009-11-07 0.00 -
AVG 8.5.288 270.14.54/2488 2009-11-08 0.30 -
BitDefender 7.81008.4482326 7.28809 2009-11-08 4.00 -
CA (VET) 35.1.0 7107 2009-11-05 14.14 -
ClamAV 0.95.2 9999 2009-11-07 0.01 -
Comodo 3.12 2882 2009-11-08 0.77 -
CP Secure 1.3.0.5 2009.11.08 2009-11-08 0.01 -
Dr.Web 4.44.0.9170 2009.11.08 2009-11-08 6.48 -
F-Prot 4.4.4.56 20091107 2009-11-07 1.17 -
F-Secure 7.02.73807 2009.11.07.01 2009-11-07 0.05 -
Fortinet 2.81-3.120 11.35 2009-11-07 0.18 -
GData 19.8765/19.544 20091108 2009-11-08 7.93 -
ViRobot 20091106 2009.11.06 2009-11-06 0.43 -
Ikarus T3.1.01.74 2009.11.08.74482 2009-11-08 4.00 -
JiangMin 11.0.800 2009.11.08 2009-11-08 4.23 -
Kaspersky 5.5.10 2009.11.08 2009-11-08 0.03 -
KingSoft 2009.2.5.15 2009.11.7.15 2009-11-07 0.88 -
McAfee 5.3.00 5795 2009-11-07 3.35 -
Microsoft 1.5202 2009.11.08 2009-11-08 6.21 -
Norman 6.01.09 6.01.00 2009-11-06 4.01 -
Panda 9.05.01 2009.11.07 2009-11-07 3.32 -
Trend Micro 8.700-1004 6.612.02 2009-11-07 0.02 -
Quick Heal 10.00 2009.11.07 2009-11-07 1.46 -
Rising 20.0 21.54.61.00 2009-11-08 0.29 -
Sophos 3.00.1 4.46 2009-11-08 2.98 -
Sunbelt 5496 5496 2009-11-07 1.84 -
Symantec 1.3.0.24 20091107.004 2009-11-07 0.26 -
nProtect 20091108.01 6121832 2009-11-08 8.99 -
The Hacker 6.5.0.2 v00063 2009-11-06 0.68 -
VBA32 3.12.10.11 20091107.1528 2009-11-07 2.07 -
VirusBuster 4.5.11.10 10.113.10/2003696 2009-11-07 2.47 -
Go to the top of the page
 
+Quote Post
oldman960
post Nov 8 2009, 11:51 AM
Post #19


SuperHelper
Group Icon

Group: Classroom Teacher
Posts: 5,727
Joined: 27-April 08
Member No.: 78,707
Operating System: win98se, XP pro
Hi TJS12,

Your java is out of date. Click your start button, open Control panel.
  • Locate the Java icon (it looks like a coffee cup)
  • double click it to open it
  • click the Update tab
  • Click update now


After the java is updated, reboot your computer if not prompted to.


Next, clear the java cache

To clear the Java Plug-in cache:
  • Click Start > Control Panel.
  • Double-click the Java icon in the control panel.
  • On the General tab, Click Settings under Temporary Internet Files.
  • On the Temporary Files Settings screen, Click Delete Files.
  • check all boxes
  • Click OK


*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.


Please go to Kaspersky website and perform an online antivirus scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions.
  • You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computerr under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Change the Files of type to Text file (.txt)
  • Set the Save In to Desktop
  • click the Save button.
  • Please post this log in your next reply.


Please post back with
  • Kaspersky log
How's the computer?

Thanks
Go to the top of the page
 
+Quote Post
TJS12
post Nov 8 2009, 03:30 PM
Post #20


New Member
*

Group: Authentic Member
Posts: 17
Joined: 5-November 09
Member No.: 88,678
Operating System: Windows XP, 2003, Service pack 3
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, November 8, 2009
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, November 08, 2009 18:34:08
Records in database: 3177944
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Objects scanned: 68828
Threats found: 6
Infected objects found: 8
Suspicious objects found: 3
Scan duration: 02:07:24


File name / Threat / Threats count
C:\Documents and Settings\CFM East\Local Settings\Application Data\Identities\{1EBC9592-B53B-4312-916E-5C40CCD4F9FE}\Microsoft\Outlook Express\Deleted Items.dbx Suspicious: Password-protected-EXE 1
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Suspicious: Password-protected-EXE 2
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Infected: Backdoor.Win32.Small.zo 1
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Infected: Backdoor.Win32.Bredolab.arz 1
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Infected: Backdoor.Win32.Small.zs 2
C:\Qoobox\Quarantine\C\WINDOWS\system32\_sdra64_.exe.zip Infected: Trojan-Spy.Win32.Zbot.gen 1
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\3JNO1EFJ\Z[1].exe Infected: Trojan-Spy.Win32.Zbot.gen 1
C:\_OTL\MovedFiles\11062009_124327\C_WINDOWS\system32\huyasuzo.dll Infected: Packed.Win32.Katusha.g 1
C:\_OTL\MovedFiles\11062009_124327\C_WINDOWS\system32\vebiwoju.dll Infected: Packed.Win32.Katusha.g 1

Selected area has been scanned.
Go to the top of the page
 
+Quote Post
TJS12
post Nov 8 2009, 03:31 PM
Post #21


New Member
*

Group: Authentic Member
Posts: 17
Joined: 5-November 09
Member No.: 88,678
Operating System: Windows XP, 2003, Service pack 3
it's running much better... but I see there are still issues
Go to the top of the page
 
+Quote Post
oldman960
post Nov 8 2009, 04:22 PM
Post #22


SuperHelper
Group Icon

Group: Classroom Teacher
Posts: 5,727
Joined: 27-April 08
Member No.: 78,707
Operating System: win98se, XP pro
Hi TJS12,

Not too bad. Mostly emails. Some of the detections are in files we have already quarantined.

We can't use a tool to remove the ones in your mailboxes as we would probably corrupt the account.

Open OutLook Express and empty the Deleted Items folder in every account on the computer.

Now for these, I can't tell you the name of the emails so you will ned to clean out what you can.
QUOTE
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Suspicious: Password-protected-EXE 2
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Infected: Backdoor.Win32.Small.zo 1
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Infected: Backdoor.Win32.Bredolab.arz 1
C:\Documents and Settings\CFM East\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Infected: Backdoor.Win32.Small.zs 2
These are located in OutLook. Open the program and remove any old unsolicited emails. The bad ones usually have an attachment. Also empty the Deleted Items. Again do this with every account.

Next, Double click on OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :

CODE
:Files
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\3JNO1EFJ\Z[1].exe
C:\WINDOWS\System32\jamediwe
C:\WINDOWS\System32\Xé
:Commands
[emptytemp]
[Reboot]


Then click the Run Fix button at the top
  • Let the program run unhindered
.

One final log

  • Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output
  • UNcheck the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.


Please post back with the OTL.txt.

Any problems?

Thanks
Go to the top of the page
 
+Quote Post
TJS12
post Nov 8 2009, 04:38 PM
Post #23


New Member
*

Group: Authentic Member
Posts: 17
Joined: 5-November 09
Member No.: 88,678
Operating System: Windows XP, 2003, Service pack 3
OTL logfile created on: 11/8/2009 5:35:58 PM - Run 3
OTL by OldTimer - Version 3.1.3.4 Folder = C:\Documents and Settings\CFM East\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.70 Gb Total Space | 207.98 Gb Free Space | 89.38% Space Free | Partition Type: NTFS
Drive D: | 581.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CFMEAST
Current User Name: CFM East
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\CFM East\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
PRC - C:\WINDOWS\system32\WLTRYSVC.EXE ()
PRC - C:\WINDOWS\system32\BCMWLTRY.EXE (Dell Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
PRC - C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
PRC - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
PRC - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
PRC - C:\WINDOWS\OA001Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - c:\drivers\audio\R213367\stacsv.exe (IDT, Inc.)
PRC - C:\WINDOWS\system32\AESTFltr.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
PRC - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
PRC - C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE ()
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\CFM East\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui1.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui0.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntlanman.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\davclnt.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\drprov.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netrap.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (wltrysvc) -- C:\WINDOWS\System32\WLTRYSVC.EXE ()
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
SRV - (dcpsysmgrsvc) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (STacSV) -- c:\drivers\audio\R213367\stacsv.exe (IDT, Inc.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (ASFAgent) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (WavxDMgr) -- C:\WINDOWS\system32\drivers\WavxDMgr.sys (Wave Systems Corp.)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (OA001Ufd) -- C:\WINDOWS\system32\drivers\OA001Ufd.sys (Creative Technology Ltd.)
DRV - (OA001Vid) -- C:\WINDOWS\system32\drivers\OA001Vid.sys (Creative Technology Ltd.)
DRV - (OA001Afx) -- C:\WINDOWS\system32\drivers\OA001Afx.sys (Creative Technology Ltd.)
DRV - (SRS_PremiumSound_Service) -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (AESTAud) -- C:\WINDOWS\system32\drivers\AESTAud.sys (Andrea Electronics Corporation)
DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (cvusbdrv) -- C:\WINDOWS\system32\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (PBADRV) -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys (Dell Inc)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USREL/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USREL/1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/28 00:10:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/15 02:00:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/06 15:21:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/06 15:21:35 | 00,000,000 | ---D | M]

[2009/11/05 05:32:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Extensions
[2009/11/05 05:32:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/07 15:54:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Firefox\Profiles\28wjzkua.default\extensions
[2009/11/05 05:33:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CFM East\Application Data\Mozilla\Firefox\Profiles\28wjzkua.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/05 05:31:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/06 15:21:35 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/06 15:21:31 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 15:21:31 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/06 15:21:32 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/10/16 12:58:44 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/10/16 12:58:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/10/16 12:58:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/10/16 12:58:44 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/10/16 12:58:44 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/16 12:58:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/10/16 12:58:44 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OA001Mon] C:\WINDOWS\OA001Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8A177687-28EB-48DB-9CCB-5C5254D10568} file://D:\setup\Requirements\EduSpeak.EduSpeakX\EduSpeakX.cab (EduSpeak Recognizer ActiveX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.14.50.1 195.14.50.21
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/26 09:56:54 | 00,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/04/25 16:29:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/22 08:36:02 | 00,000,060 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/06 13:50:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009/11/06 13:21:34 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/06 13:19:40 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/11/06 13:19:40 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/11/06 13:19:40 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/11/06 13:19:40 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/11/06 13:19:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/06 12:54:56 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/06 12:43:27 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/11/05 17:42:24 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\%USERPROFILE%
[2009/11/05 05:57:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/11/05 05:57:03 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/05 05:57:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\SUPERAntiSpyware.com
[2009/11/05 05:56:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/11/05 05:51:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\Malwarebytes
[2009/11/05 05:51:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/05 05:51:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/05 05:51:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/05 05:51:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/05 05:44:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/11/05 05:40:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\My Documents\Downloads
[2009/11/05 05:32:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Mozilla
[2009/11/05 05:32:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\Mozilla
[2009/11/05 05:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/11/05 05:28:17 | 00,092,019 | ---- | C] (Mozilla) -- C:\Documents and Settings\CFM East\Desktop\Firefox Setup 3.5.4.exe
[2009/11/04 12:32:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/11/01 08:26:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Temp
[2009/10/30 11:49:28 | 00,013,696 | ---- | C] (Skyhook Wireless) -- C:\WINDOWS\System32\drivers\wpsnuio.sys
[2009/10/30 11:49:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Skyhook Wireless
[2009/10/29 09:00:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/10/28 14:36:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\TOSHIBA
[2009/10/26 17:40:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009/10/26 17:39:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2009/10/26 17:25:28 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2009/10/26 16:48:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Desktop\BASE & OPTION 1 BID package
[2009/10/26 16:43:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/10/26 16:38:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\My Documents\Former Desktop Files
[2009/10/26 15:55:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\My Documents\my documents
[2009/10/26 14:22:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\CutePDF Writer
[2009/10/26 14:11:56 | 00,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2009/10/26 14:10:03 | 00,000,000 | ---D | C] -- C:\Program Files\Acro Software
[2009/10/26 10:56:42 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2009/10/26 10:55:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Desktop\Work Folder
[2009/10/26 10:55:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/10/26 10:19:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Program Files\AutoCAD 2010
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Local Settings\Application Data\Autodesk
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\Autodesk
[2009/10/26 10:18:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/10/26 10:18:08 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/10/26 10:18:08 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/10/26 10:18:06 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/10/26 10:18:03 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/10/26 10:17:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/10/26 09:56:54 | 00,000,000 | ---D | C] -- C:\Autodesk
[2009/10/26 09:43:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CFM East\Application Data\AdobeUM
[2009/10/26 09:19:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2009/10/24 08:14:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/10/24 06:11:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles

========== Files - Modified Within 30 Days ==========

[2009/11/08 17:35:56 | 00,557,242 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/08 17:35:56 | 00,466,982 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/08 17:35:56 | 00,080,032 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/08 17:32:00 | 00,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/08 17:32:00 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/11/08 17:31:53 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/11/08 17:31:48 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\WavXMapDrive.bat
[2009/11/08 17:31:47 | 00,189,747 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/08 17:31:46 | 00,053,196 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/11/08 17:31:19 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/08 17:31:07 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/08 17:31:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/08 17:31:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/08 17:31:00 | 37,454,06976 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/08 17:30:22 | 02,883,584 | -H-- | M] () -- C:\Documents and Settings\CFM East\NTUSER.DAT
[2009/11/08 17:29:50 | 00,271,360 | ---- | M] () -- C:\Documents and Settings\CFM East\My Documents\backup.pst
[2009/11/08 17:29:50 | 00,271,360 | ---- | M] () -- C:\Documents and Settings\CFM East\My Documents\archive.pst
[2009/11/07 18:36:34 | 00,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/07 09:07:00 | 04,840,176 | -H-- | M] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\IconCache.db
[2009/11/06 13:29:03 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/06 13:28:56 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/06 13:21:38 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/11/06 12:52:35 | 03,562,655 | R--- | M] () -- C:\Documents and Settings\CFM East\Desktop\ComboFix.exe
[2009/11/06 10:53:52 | 00,267,264 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/11/06 03:14:58 | 00,291,328 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\gmer.exe
[2009/11/05 05:57:04 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/05 05:32:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/11/05 05:31:57 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/05 05:28:18 | 00,092,019 | ---- | M] (Mozilla) -- C:\Documents and Settings\CFM East\Desktop\Firefox Setup 3.5.4.exe
[2009/11/02 14:57:16 | 00,054,477 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\nutrametrix invoice.pdf
[2009/10/31 18:26:16 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\Windows Media Player.lnk
[2009/10/31 14:48:01 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/30 12:13:53 | 00,095,232 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\Mo_Kelley_TJ_NFL_picks_2009(1).xls
[2009/10/30 11:49:28 | 00,013,696 | ---- | M] (Skyhook Wireless) -- C:\WINDOWS\System32\drivers\wpsnuio.sys
[2009/10/27 05:20:03 | 00,349,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/26 17:38:38 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2009/10/26 11:13:24 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/10/26 10:56:14 | 00,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/26 10:19:16 | 00,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2009/10/26 10:10:41 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/25 06:11:34 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2009/10/22 22:59:55 | 00,000,574 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CFM Server.lnk
[2009/10/22 05:43:48 | 00,268,800 | ---- | M] () -- C:\Documents and Settings\CFM East\Desktop\Project1.mpp
[2009/10/22 04:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/10/22 04:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/10/18 08:50:43 | 00,000,128 | ---- | M] () -- C:\Documents and Settings\CFM East\webct_upload_applet.properties

========== Files Created - No Company Name ==========

[2009/11/06 13:50:15 | 00,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/11/06 13:21:38 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/11/06 13:21:36 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/11/06 13:19:40 | 00,267,264 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/06 13:19:40 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/06 13:19:40 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/11/06 13:19:40 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/06 13:19:40 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/11/06 12:52:35 | 03,562,655 | R--- | C] () -- C:\Documents and Settings\CFM East\Desktop\ComboFix.exe
[2009/11/05 05:57:04 | 00,000,782 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/05 05:51:45 | 00,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/05 05:32:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/11/05 05:31:57 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/05 05:16:43 | 04,840,176 | -H-- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\IconCache.db
[2009/11/02 14:57:15 | 00,054,477 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\nutrametrix invoice.pdf
[2009/10/30 12:13:53 | 00,095,232 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\Mo_Kelley_TJ_NFL_picks_2009(1).xls
[2009/10/28 14:36:00 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\SNMP_PP.DLL
[2009/10/27 15:40:27 | 00,271,360 | ---- | C] () -- C:\Documents and Settings\CFM East\My Documents\archive.pst
[2009/10/26 17:54:26 | 00,271,360 | ---- | C] () -- C:\Documents and Settings\CFM East\My Documents\backup.pst
[2009/10/26 17:38:38 | 00,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/10/26 17:38:38 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2009/10/26 17:19:53 | 00,332,288 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\pdx-ac7p.exe
[2009/10/26 14:10:17 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/10/26 10:19:16 | 00,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2009/10/22 22:59:55 | 00,000,574 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CFM Server.lnk
[2009/10/22 02:34:02 | 00,268,800 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\Project1.mpp
[2009/10/16 13:22:44 | 00,291,328 | ---- | C] () -- C:\Documents and Settings\CFM East\Desktop\gmer.exe
[2009/09/11 08:22:45 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/08 05:05:12 | 00,012,912 | ---- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/08 05:05:12 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\CFM East\Application Data\desktop.ini
[2009/09/08 05:05:12 | 00,000,051 | ---- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\setup.txt
[2009/09/08 05:05:12 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\CFM East\Local Settings\Application Data\WavXMapDrive.bat
[2009/07/28 02:50:42 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/07/28 02:50:42 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/07/28 02:50:42 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/07/28 02:50:42 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/07/28 02:49:35 | 00,001,156 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/07/28 00:41:53 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/07/28 00:36:07 | 00,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/28 00:35:13 | 00,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/07/28 00:32:42 | 00,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/07/28 00:21:23 | 00,279,888 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2009/07/28 00:18:59 | 00,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/04/22 09:58:30 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\DTMessageLib.dll
[2009/04/10 12:01:12 | 00,143,360 | R--- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/02/26 16:54:52 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_tr.dll
[2009/02/26 16:54:50 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ro.dll
[2009/02/26 16:54:48 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt-BR.dll
[2009/02/26 16:54:48 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hu.dll
[2009/02/26 16:54:46 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_he.dll
[2009/02/26 16:54:44 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_el.dll
[2009/02/26 16:54:44 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fi.dll
[2009/02/26 16:54:42 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_cs.dll
[2009/02/26 16:54:40 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ar.dll
[2009/02/26 16:54:40 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2009/02/26 16:54:38 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2009/02/26 16:54:36 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2009/02/26 16:54:34 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2009/02/26 16:54:34 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2009/02/26 16:54:32 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2009/02/26 16:54:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2009/02/26 16:54:30 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2009/02/26 16:54:28 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2009/02/26 16:54:28 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2009/02/26 16:54:26 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2009/02/26 16:54:24 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2009/02/26 16:54:24 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2009/02/26 16:54:20 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2009/02/26 16:54:20 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2009/02/17 09:51:28 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2009/02/17 09:51:28 | 00,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2009/02/17 09:51:26 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2009/02/17 09:51:24 | 00,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2009/02/17 09:51:24 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2009/02/17 09:51:24 | 00,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2009/02/17 09:51:22 | 00,565,248 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2009/02/17 09:51:22 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2009/02/17 09:51:20 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fi.dll
[2009/02/17 09:51:20 | 00,479,232 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2009/02/17 09:51:20 | 00,475,136 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2009/02/17 09:51:18 | 00,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_da.dll
[2009/02/17 09:51:16 | 00,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_nl.dll
[2009/02/17 09:51:16 | 00,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pl.dll
[2009/02/17 09:51:16 | 00,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_no.dll
[2009/02/17 09:51:14 | 00,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_sv.dll
[2009/02/17 09:51:04 | 00,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_cs.dll
[2009/02/17 09:51:04 | 00,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ar.dll
[2009/02/17 09:51:02 | 00,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_el.dll
[2009/02/17 09:51:02 | 00,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_he.dll
[2009/02/17 09:51:00 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-PT.dll
[2009/02/17 09:51:00 | 00,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_hu.dll
[2009/02/17 09:50:58 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ro.dll
[2009/02/17 09:50:58 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_tr.dll
[2009/02/17 08:46:36 | 00,544,768 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2009/01/06 16:25:36 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2008/12/22 14:13:54 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2008/10/06 18:36:56 | 00,839,680 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2008/08/15 08:46:30 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/04/25 16:26:32 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 11:16:28 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2008/04/25 11:16:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2008/04/25 04:22:23 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/03/25 09:46:00 | 00,077,536 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/19 05:52:16 | 00,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/04/19 05:28:10 | 00,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/06/30 12:58:44 | 00,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 12:58:44 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/12 08:01:16 | 00,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/02/17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/09/10 13:34:00 | 00,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/19 17:28:38 | 01,519,616 | ---- | C] () -- C:\WINDOWS\rcapi.dll
[2001/11/14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
< End of report >
Go to the top of the page
 
+Quote Post
TJS12
post Nov 8 2009, 04:40 PM
Post #24


New Member
*

Group: Authentic Member
Posts: 17
Joined: 5-November 09
Member No.: 88,678
Operating System: Windows XP, 2003, Service pack 3
I don't see any overt problems in how the computer is operating.....
Go to the top of the page
 
+Quote Post
oldman960
post Nov 8 2009, 07:27 PM
Post #25


SuperHelper
Group Icon

Group: Classroom Teacher
Posts: 5,727
Joined: 27-April 08
Member No.: 78,707
Operating System: win98se, XP pro
Hi TJS12,

Good, we can clean up our tools.

From your desktop, please delete, if present
  • any notepads/logs that we created
  • GMER.exe
  • GMER.zip


Next

Click the Start button, click Run. Copy and paste the following line into the run box and click OK
Combofix /uninstall

Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.

Updates and upgrades

QUOTE
AV: PC Tools AntiVirus 6.1.0.25 *On-access scanning enabled* (Outdated)
From the combofix log. Any reason your antivirus program is out of date?

Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. You have an antivirus program and 2 on demand antispyware program. That's ok as they are on demand they won't conflict with each other.

I recommend you use an antispyware program with resident (real time) scanning. I suggest

Winpatrol
OR
Windows Defender

* If you are behind a router Windows firewall should be fine. Otherwise a 3rd party firewall with outbound monitoring is recommended.

Click FIREWALL for tips, reviews and links to good, free and paid for firewalls. (Note: Zone Alarm is becoming bloatware)

You should also use Spyware Blaster to help immunize your computer.

- SpywareBlaster will add a large list of programs and sites into your Internet Explorer
settings that will protect you from running and downloading known malicious programs.

OR

A guide to understanding and using the hosts file.

Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a host file manager. and some programs that can protect your hosts file.
HOSTS

Please read the info on disabling the DNS Client before installing a custom hosts file.

-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

- Keeping your Windows up-to-date is crucial to your computer's security. Please go to the Windows Update Site (using Internet Explorer) and download and install all critical updates on a regular basis

- Ensure that Automatic Update is turned on so you get all the latest patches.
Click start, control panel, click Security Center.

- Keep your antivirus program updated, as well as any other security programs you have.

-Check this site out to check for out of date programs
Secunia Personal Software Inspector (PSI) 1.0

-More tips and programs can be found HERE

- You may also want to read this article By Tony Klein
http://www.freedomlist.com/forum/viewtopic.php?t=22879

We will keep this thread open for a couple of days. Please post back if you have any problems or questions. Please post back when you have finished so this thread can be marked "Resolved".

Take care
Go to the top of the page
 
+Quote Post
oldman960
post Nov 11 2009, 12:04 AM
Post #26


SuperHelper
Group Icon

Group: Classroom Teacher
Posts: 5,727
Joined: 27-April 08
Member No.: 78,707
Operating System: win98se, XP pro
Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Go to the top of the page
 
+Quote Post
« Next Oldest · Infections Removal · Next Newest »
 

2 Pages V  < 1 2
Closed TopicStart new topic

 
RSS Time is now: 18th March 2010 - 07:42 AM
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy
Powered By IP.Board © 2010  IPS, Inc.