Dell w/Windows Vista just had virus removed, still bugging

Discussion in 'Virus and Malware Removal' started by tijiwo79, Nov 20, 2011.

  1. tijiwo79 Newcomer, in training Posts: 34

    otl.txt

    OTL logfile created on: 11/21/2011 6:18:22 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rebecca Marheine\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18762)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.99 Gb Available Physical Memory | 75.51% Memory free
    8.10 Gb Paging File | 7.23 Gb Available in Paging File | 89.26% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 251.74 Gb Free Space | 88.83% Space Free | Partition Type: NTFS
    Drive E: | 14.65 Gb Total Space | 6.08 Gb Free Space | 41.53% Space Free | Partition Type: NTFS

    Computer Name: REBECCAMARHE-PC | User Name: Rebecca Marheine | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/11/21 17:47:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe


    ========== Modules (No Company Name) ==========


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/10/18 14:32:28 | 000,161,168 | ---- | M] () [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
    SRV:64bit: - [2011/10/18 14:23:24 | 000,208,536 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
    SRV:64bit: - [2011/10/18 14:23:06 | 000,199,272 | ---- | M] () [Unknown | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV:64bit: - [2011/01/28 12:28:54 | 000,225,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\McAfee\MSC\McAWFwk.exe -- (McAWFwk)
    SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McOobeSv)
    SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
    SRV:64bit: - [2008/12/22 05:35:16 | 000,032,768 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV:64bit: - [2008/12/14 23:13:46 | 000,281,600 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
    SRV:64bit: - [2008/12/14 23:13:30 | 000,088,576 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
    SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2006/11/02 06:16:05 | 000,046,592 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
    SRV - [2011/10/28 18:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Stopped] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/05/15 23:36:08 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
    SRV - [2011/05/15 23:36:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
    SRV - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
    SRV - [2010/02/10 18:11:00 | 000,020,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe -- (OnlineBackupSchedulerService)
    SRV - [2010/02/02 19:02:52 | 000,024,576 | ---- | M] (DigiData Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe -- (FilesystemWatcher)
    SRV - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Stopped] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
    SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/10/15 13:16:16 | 000,647,080 | ---- | M] () [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,481,768 | ---- | M] () [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,284,648 | ---- | M] () [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,229,528 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,160,280 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,100,912 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,075,808 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
    DRV:64bit: - [2011/10/15 13:16:16 | 000,065,264 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
    DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2010/04/19 19:47:42 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2009/11/06 11:00:36 | 000,135,280 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssidrv.sys -- (ssidrv)
    DRV:64bit: - [2009/11/06 11:00:34 | 000,037,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
    DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2008/12/22 05:34:48 | 000,022,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
    DRV:64bit: - [2008/12/17 04:22:04 | 001,526,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
    DRV:64bit: - [2008/12/14 23:13:56 | 000,472,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2008/12/09 00:12:36 | 008,036,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2008/12/08 00:32:48 | 000,068,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
    DRV:64bit: - [2008/09/04 00:29:22 | 000,199,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2008/09/03 03:44:22 | 000,307,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
    DRV:64bit: - [2008/09/03 03:44:22 | 000,168,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
    DRV:64bit: - [2008/09/01 05:19:24 | 000,392,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
    DRV:64bit: - [2008/09/01 05:15:58 | 000,395,288 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
    DRV:64bit: - [2008/07/07 11:23:56 | 000,025,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NwUsbCdFil64.sys -- (NWUSBCDFIL64)
    DRV:64bit: - [2008/06/02 15:28:52 | 000,247,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser2.sys -- (NWUSBPort2)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser.sys -- (NWUSBPort)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbmdm.sys -- (NWUSBModem)
    DRV:64bit: - [2008/01/20 21:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
    DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
    DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rebecca Marheine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/11/15 19:30:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011/11/14 19:09:03 | 000,000,000 | ---D | M]

    [2010/10/12 19:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rebecca Marheine\AppData\Roaming\Mozilla\Extensions
    [2010/10/12 19:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rebecca Marheine\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll
    CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\pdf.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Rebecca Marheine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
    CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Rebecca Marheine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: SiteAdvisor = C:\Users\Rebecca Marheine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

    O1 HOSTS File: ([2011/11/20 21:12:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111114190746.dll (McAfee, Inc.)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.)
    O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111114190747.dll (McAfee, Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
    O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
    O3:64bit: - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe ()
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
    O4 - HKLM..\Run: [Online Backup Auto Update] C:\Program Files (x86)\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe ()
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Vault Explorer Cache Watcher] C:\Program Files (x86)\Verizon\Online Backup & Sharing\vewatch.exe (DigiData Corp.)
    O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O4 - Startup: C:\Users\Rebecca Marheine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2009/06/03 14:04:46 | 000,000,000 | ---D | M]
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{943C0FDB-5E56-406E-B497-1A9DEB0BA382}: DhcpNameServer = 192.168.1.1 71.252.0.12
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0C3480D-E1C2-40B5-AFE2-1E3B6B153D7D}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\cozi - No CLSID value found
    O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
    O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll ()
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Error creating restore point.

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/11/21 17:41:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/20 22:08:42 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\Template
    [2011/11/20 22:04:37 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe
    [2011/11/20 21:13:03 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2011/11/20 21:07:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2011/11/20 21:07:58 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\temp
    [2011/11/20 20:20:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/11/20 20:20:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/11/20 20:20:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/11/20 20:19:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/11/20 20:19:34 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2011/11/20 20:18:02 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/11/20 16:56:08 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rebecca Marheine\Desktop\dds.scr
    [2011/11/20 14:29:35 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\Malwarebytes
    [2011/11/20 14:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/11/20 14:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/11/20 14:29:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/11/20 12:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/11/14 18:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
    [2011/11/14 18:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
    [2011/11/14 18:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
    [2011/11/14 18:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
    [2011/11/14 18:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    [2011/11/14 18:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
    [2011/11/13 18:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2011/11/13 18:03:00 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
    [2011/11/13 15:51:04 | 000,000,000 | ---D | C] -- C:\mfe
    [2011/11/13 15:35:00 | 000,000,000 | ---D | C] -- C:\!KillBox
    [2011/11/13 14:59:56 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\Documents\VRTOOLS
    [2011/11/13 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
    [2011/11/13 14:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
    [2011/11/13 13:12:38 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Citrix
    [2011/11/13 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Deployment
    [2011/11/13 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Apps
    [2011/11/13 12:22:07 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\SpeedyPC Software
    [2011/11/13 12:22:07 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\DriverCure
    [2011/11/13 12:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
    [2011/11/11 13:48:23 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\New Folder (1)
    [2011/11/11 13:47:54 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\New Folder
    [2011/11/06 08:04:33 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\PC Cleaners
    [2011/11/06 08:04:26 | 005,359,888 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
    [2011/11/06 08:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
    [2011/11/06 07:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AML Products
    [2011/11/05 11:40:21 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Xenocode
    [2011/10/30 12:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive
    [2011/10/28 12:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
    [2011/10/28 12:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\verizontb
    [2011/10/28 12:11:45 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\DigiData
    [2011/10/28 12:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Online Backup and Sharing
    [2011/10/28 12:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DigiData
    [2011/10/28 12:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon Online Backup
    [2011/10/28 12:06:30 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\SupportSoft
    [2011/10/28 12:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VERIZONDM
    [2011/10/28 12:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
    [2011/10/28 12:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SupportSoft
    [2011/10/28 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon
    [2011/10/28 11:47:44 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\TechWizard
    [2011/10/27 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\PIMVLibraries
    [2011/10/22 22:47:22 | 000,000,000 | ---D | C] -- C:\found.000

    ========== Files - Modified Within 30 Days ==========

    [2011/11/21 18:12:24 | 000,006,756 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\d3d9caps.dat
    [2011/11/21 18:10:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/11/21 17:47:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/21 17:35:48 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/11/21 17:35:43 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/11/21 17:35:43 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/11/21 17:35:17 | 431,117,067 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/11/21 17:11:24 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
    [2011/11/21 00:22:28 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/11/20 22:12:31 | 000,000,512 | ---- | M] () -- C:\Users\Rebecca Marheine\Documents\MBR.dat
    [2011/11/20 22:08:41 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Roaming\wklnhst.dat
    [2011/11/20 22:05:04 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe
    [2011/11/20 21:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2011/11/20 19:58:14 | 000,000,512 | ---- | M] () -- C:\Users\Rebecca Marheine\MBR.dat
    [2011/11/20 16:57:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rebecca Marheine\Desktop\dds.scr
    [2011/11/20 16:10:48 | 000,302,592 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe
    [2011/11/20 14:29:23 | 000,000,974 | ---- | M] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:23 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 12:48:32 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{34284B71-9489-46E6-83DE-EFBDFDC7B0DE}
    [2011/11/20 12:36:53 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{985C741A-D6C3-46D9-9E8D-8868269C08DB}
    [2011/11/19 12:10:29 | 000,002,585 | ---- | M] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    [2011/11/16 21:04:20 | 000,002,737 | ---- | M] () -- C:\Users\Public\Desktop\Verizon Online Backup.lnk
    [2011/11/14 18:30:00 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
    [2011/11/14 18:30:00 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
    [2011/11/08 07:38:53 | 000,648,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/11/08 07:38:53 | 000,119,758 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/11/08 07:38:53 | 000,004,880 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/11/06 08:03:59 | 005,359,888 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
    [2011/10/28 12:16:58 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{F3F08FBF-79F0-47EA-A339-41A0904CDE06}
    [2011/10/28 12:14:41 | 000,001,737 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Click for Verizon Wi-Fi Setup.lnk
    [2011/10/28 12:14:39 | 000,002,069 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Verizon Message Center.lnk
    [2011/10/28 12:14:39 | 000,001,949 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\My Verizon.lnk
    [2011/10/28 11:50:08 | 000,001,931 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\FiOS Information.lnk
    [2011/10/28 11:50:07 | 000,001,960 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Install Verizon Media Manager.lnk
  2. tijiwo79 Newcomer, in training Posts: 34

    Here's the rest of it

    ========== Files Created - No Company Name ==========

    [2011/11/20 22:08:41 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Roaming\wklnhst.dat
    [2011/11/20 21:59:32 | 000,000,512 | ---- | C] () -- C:\Users\Rebecca Marheine\MBR.dat
    [2011/11/20 20:20:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/11/20 20:20:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/11/20 20:20:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/11/20 20:20:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/11/20 20:20:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/11/20 19:58:14 | 000,000,512 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\MBR.dat
    [2011/11/20 16:04:48 | 000,302,592 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe
    [2011/11/20 14:29:23 | 000,000,974 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:23 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:17 | 000,025,416 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/11/20 12:51:52 | 431,117,067 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/11/20 12:48:32 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{34284B71-9489-46E6-83DE-EFBDFDC7B0DE}
    [2011/11/20 12:36:53 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{985C741A-D6C3-46D9-9E8D-8868269C08DB}
    [2011/11/20 00:43:32 | 000,000,414 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
    [2011/11/14 18:34:55 | 000,010,248 | ---- | C] () -- C:\Windows\SysNative\drivers\mfeclnk.sys
    [2011/11/14 18:34:52 | 000,161,168 | ---- | C] () -- C:\Windows\SysNative\mfevtps.exe
    [2011/11/14 18:34:48 | 000,647,080 | ---- | C] () -- C:\Windows\SysNative\drivers\mfehidk.sys
    [2011/11/14 18:34:48 | 000,481,768 | ---- | C] () -- C:\Windows\SysNative\drivers\mfefirek.sys
    [2011/11/14 18:34:48 | 000,284,648 | ---- | C] () -- C:\Windows\SysNative\drivers\mfewfpk.sys
    [2011/11/14 18:34:48 | 000,229,528 | ---- | C] () -- C:\Windows\SysNative\drivers\mfeavfk.sys
    [2011/11/14 18:34:48 | 000,160,280 | ---- | C] () -- C:\Windows\SysNative\drivers\mfeapfk.sys
    [2011/11/14 18:34:48 | 000,100,912 | ---- | C] () -- C:\Windows\SysNative\drivers\mferkdet.sys
    [2011/11/14 18:34:48 | 000,075,808 | ---- | C] () -- C:\Windows\SysNative\drivers\mfenlfk.sys
    [2011/11/14 18:34:48 | 000,065,264 | ---- | C] () -- C:\Windows\SysNative\drivers\cfwids.sys
    [2011/11/13 15:00:12 | 000,000,958 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2011/11/13 15:00:12 | 000,000,935 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2011/11/13 15:00:12 | 000,000,930 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2011/11/13 15:00:12 | 000,000,258 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2011/11/13 15:00:12 | 000,000,240 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2011/11/13 15:00:10 | 000,002,737 | ---- | C] () -- C:\Users\Public\Desktop\Verizon Online Backup.lnk
    [2011/11/13 15:00:10 | 000,002,585 | ---- | C] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    [2011/11/13 15:00:10 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/11/13 15:00:10 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2011/11/13 15:00:10 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
    [2011/11/13 15:00:10 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    [2011/11/13 14:57:30 | 003,908,082 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\VRTOOLS.zip
    [2011/11/13 14:45:15 | 000,293,776 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\autoruns.zip
    [2011/10/28 12:16:58 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{F3F08FBF-79F0-47EA-A339-41A0904CDE06}
    [2011/10/28 12:14:41 | 000,001,737 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Click for Verizon Wi-Fi Setup.lnk
    [2011/10/28 12:14:39 | 000,002,069 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Verizon Message Center.lnk
    [2011/10/28 12:14:39 | 000,001,949 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\My Verizon.lnk
    [2011/10/28 12:12:50 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
    [2011/10/28 12:12:50 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
    [2011/10/28 12:11:51 | 023,896,576 | ---- | C] () -- C:\Windows\VzInHomeAgentInstaller.msi
    [2011/10/28 12:05:31 | 009,782,784 | ---- | C] () -- C:\Windows\VerizonDM.msi
    [2011/10/28 11:50:08 | 000,001,931 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\FiOS Information.lnk
    [2011/10/28 11:50:07 | 000,001,960 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Install Verizon Media Manager.lnk
    [2009/12/09 18:57:23 | 000,003,584 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/09/15 12:10:39 | 000,006,756 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\d3d9caps.dat
    [2009/06/08 14:38:33 | 001,058,871 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Roaming\UserTile.png
    [2009/06/03 16:37:52 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
    [2009/05/08 08:24:24 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
    [2009/05/08 08:24:24 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
    [2009/05/08 08:24:24 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
    [2009/05/08 08:16:38 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2009/05/08 08:16:38 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
    [2009/05/08 06:02:21 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
    [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    ========== LOP Check ==========

    [2011/10/28 12:11:45 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\DigiData
    [2011/11/13 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\DriverCure
    [2011/11/06 08:04:33 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\PC Cleaners
    [2009/10/26 16:30:54 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\Smith Micro
    [2011/11/13 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\SpeedyPC Software
    [2011/10/28 12:01:31 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\TechWizard
    [2011/11/20 22:08:42 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\Template
    [2011/11/20 23:10:01 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2011/11/21 17:11:24 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < >

    < %SYSTEMDRIVE%\*.* >
    [2008/01/20 21:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
    [2008/06/24 05:22:20 | 000,546,872 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
    [2009/05/08 08:24:37 | 000,003,456 | R--- | M] () -- C:\dell.sdr
    [2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
    [2011/11/21 18:10:09 | 274,145,279 | -HS- | M] () -- C:\pagefile.sys
    [2011/11/13 14:03:51 | 000,000,000 | ---- | M] () -- C:\ProgramData.LOG1
    [2011/11/13 14:03:51 | 000,000,000 | ---- | M] () -- C:\ProgramData.LOG2
    [2009/06/03 14:37:47 | 000,000,000 | ---- | M] () -- C:\Updates.txt

    < %systemroot%\Fonts\*.com >
    [2006/11/02 10:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 10:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 10:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2006/11/02 10:06:41 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2006/09/18 16:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2008/12/04 22:55:20 | 000,307,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2011/11/13 15:51:03 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/01/14 13:26:13 | 000,000,286 | -HS- | M] () -- C:\Users\Rebecca Marheine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2011/11/21 17:47:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/20 16:10:48 | 000,302,592 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >
    [2011/11/20 22:05:04 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2009/06/03 13:49:48 | 000,000,402 | -HS- | M] () -- C:\Users\Rebecca Marheine\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
  3. Broni Malware Annihilator Posts: 39,288   +175

  4. tijiwo79 Newcomer, in training Posts: 34

    new otl.txt

    OTL logfile created on: 11/21/2011 7:35:49 PM - Run 2
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rebecca Marheine\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18762)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 54.06% Memory free
    8.10 Gb Paging File | 5.91 Gb Available in Paging File | 73.02% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 247.91 Gb Free Space | 87.47% Space Free | Partition Type: NTFS
    Drive E: | 14.65 Gb Total Space | 6.08 Gb Free Space | 41.53% Space Free | Partition Type: NTFS

    Computer Name: REBECCAMARHE-PC | User Name: Rebecca Marheine | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/11/21 19:33:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/05/15 23:36:08 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
    PRC - [2011/05/15 23:36:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
    PRC - [2011/05/15 23:35:50 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
    PRC - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
    PRC - [2010/04/29 10:30:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
    PRC - [2009/12/08 20:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
    PRC - [2009/02/23 08:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
    PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
    PRC - [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
    PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    PRC - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/05/07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


    ========== Modules (No Company Name) ==========

    MOD - [2010/08/09 23:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
    MOD - [2009/06/04 11:11:27 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\38b9d09539b67b08ee996db6c71f8a9b\System.Xml.ni.dll
    MOD - [2009/06/04 11:10:57 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll
    MOD - [2009/06/04 11:10:48 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll
    MOD - [2008/12/17 23:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
    MOD - [2008/12/17 23:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
    MOD - [2008/12/17 23:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
    MOD - [2008/12/17 23:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
    MOD - [2008/12/17 23:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2008/12/22 05:35:16 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV:64bit: - [2008/12/14 23:13:46 | 000,281,600 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
    SRV:64bit: - [2008/12/14 23:13:30 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
    SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2006/11/02 06:16:05 | 000,046,592 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
    SRV - [2011/10/28 18:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Stopped] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/05/15 23:36:08 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
    SRV - [2011/05/15 23:36:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
    SRV - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
    SRV - [2010/02/10 18:11:00 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe -- (OnlineBackupSchedulerService)
    SRV - [2010/02/02 19:02:52 | 000,024,576 | ---- | M] (DigiData Corp.) [Auto | Running] -- C:\Program Files (x86)\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe -- (FilesystemWatcher)
    SRV - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Stopped] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
    SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2010/04/19 19:47:42 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2009/11/06 11:00:36 | 000,135,280 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssidrv.sys -- (ssidrv)
    DRV:64bit: - [2009/11/06 11:00:34 | 000,037,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
    DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2008/12/22 05:34:48 | 000,022,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
    DRV:64bit: - [2008/12/17 04:22:04 | 001,526,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
    DRV:64bit: - [2008/12/14 23:13:56 | 000,472,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2008/12/09 00:12:36 | 008,036,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2008/12/08 00:32:48 | 000,068,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
    DRV:64bit: - [2008/09/04 00:29:22 | 000,199,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2008/09/03 03:44:22 | 000,307,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
    DRV:64bit: - [2008/09/03 03:44:22 | 000,168,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
    DRV:64bit: - [2008/09/01 05:19:24 | 000,392,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
    DRV:64bit: - [2008/09/01 05:15:58 | 000,395,288 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
    DRV:64bit: - [2008/07/07 11:23:56 | 000,025,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NwUsbCdFil64.sys -- (NWUSBCDFIL64)
    DRV:64bit: - [2008/06/02 15:28:52 | 000,247,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser2.sys -- (NWUSBPort2)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser.sys -- (NWUSBPort)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbmdm.sys -- (NWUSBModem)
    DRV:64bit: - [2008/01/20 21:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
    DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
    DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll File not found
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rebecca Marheine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore

    [2010/10/12 19:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rebecca Marheine\AppData\Roaming\Mozilla\Extensions
    [2010/10/12 19:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rebecca Marheine\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll
    CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\pdf.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Rebecca Marheine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
    CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Rebecca Marheine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: SiteAdvisor = C:\Users\Rebecca Marheine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

    O1 HOSTS File: ([2011/11/20 21:12:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.)
    O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
    O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
    O3:64bit: - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe ()
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
    O4 - HKLM..\Run: [Online Backup Auto Update] C:\Program Files (x86)\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe ()
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Vault Explorer Cache Watcher] C:\Program Files (x86)\Verizon\Online Backup & Sharing\vewatch.exe (DigiData Corp.)
    O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O4 - Startup: C:\Users\Rebecca Marheine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2009/06/03 14:04:46 | 000,000,000 | ---D | M]
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{943C0FDB-5E56-406E-B497-1A9DEB0BA382}: DhcpNameServer = 192.168.1.1 71.252.0.12
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0C3480D-E1C2-40B5-AFE2-1E3B6B153D7D}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\cozi - No CLSID value found
    O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\sacore - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
    O18 - Protocol\Handler\dssrequest - No CLSID value found
    O18 - Protocol\Handler\sacore - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
    O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll ()
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/11/21 19:33:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/20 22:08:42 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\Template
    [2011/11/20 22:04:37 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe
    [2011/11/20 21:13:03 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2011/11/20 21:07:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2011/11/20 21:07:58 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\temp
    [2011/11/20 20:20:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/11/20 20:20:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/11/20 20:20:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/11/20 20:19:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/11/20 20:19:34 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2011/11/20 20:18:02 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/11/20 16:56:08 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rebecca Marheine\Desktop\dds.scr
    [2011/11/20 14:29:35 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\Malwarebytes
    [2011/11/20 14:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/11/20 14:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/11/20 14:29:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/11/20 12:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/11/13 18:03:00 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
    [2011/11/13 15:51:04 | 000,000,000 | ---D | C] -- C:\mfe
    [2011/11/13 15:35:00 | 000,000,000 | ---D | C] -- C:\!KillBox
    [2011/11/13 14:59:56 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\Documents\VRTOOLS
    [2011/11/13 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
    [2011/11/13 14:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
    [2011/11/13 13:12:38 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Citrix
    [2011/11/13 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Deployment
    [2011/11/13 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Apps
    [2011/11/13 12:22:07 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\SpeedyPC Software
    [2011/11/13 12:22:07 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\DriverCure
    [2011/11/13 12:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
    [2011/11/11 13:48:23 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\New Folder (1)
    [2011/11/11 13:47:54 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\New Folder
    [2011/11/06 08:04:33 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\PC Cleaners
    [2011/11/06 08:04:26 | 005,359,888 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
    [2011/11/06 08:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
    [2011/11/06 07:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AML Products
    [2011/11/05 11:40:21 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Xenocode
    [2011/10/30 12:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive
    [2011/10/28 12:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
    [2011/10/28 12:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\verizontb
    [2011/10/28 12:11:45 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\DigiData
    [2011/10/28 12:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Online Backup and Sharing
    [2011/10/28 12:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DigiData
    [2011/10/28 12:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon Online Backup
    [2011/10/28 12:06:30 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\SupportSoft
    [2011/10/28 12:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VERIZONDM
    [2011/10/28 12:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
    [2011/10/28 12:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SupportSoft
    [2011/10/28 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon
    [2011/10/28 11:47:44 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\TechWizard
    [2011/10/27 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\PIMVLibraries
    [2011/10/22 22:47:22 | 000,000,000 | ---D | C] -- C:\found.000

    ========== Files - Modified Within 30 Days ==========

    [2011/11/21 19:33:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/21 19:29:42 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/11/21 19:29:25 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/11/21 19:29:25 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/11/21 19:29:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/11/21 19:29:07 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys
    [2011/11/21 19:22:15 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/11/21 19:14:17 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
    [2011/11/21 19:06:49 | 000,006,756 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\d3d9caps.dat
    [2011/11/21 17:35:17 | 431,117,067 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/11/20 22:12:31 | 000,000,512 | ---- | M] () -- C:\Users\Rebecca Marheine\Documents\MBR.dat
    [2011/11/20 22:08:41 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Roaming\wklnhst.dat
    [2011/11/20 22:05:04 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe
    [2011/11/20 21:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2011/11/20 19:58:14 | 000,000,512 | ---- | M] () -- C:\Users\Rebecca Marheine\MBR.dat
    [2011/11/20 16:57:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rebecca Marheine\Desktop\dds.scr
    [2011/11/20 16:10:48 | 000,302,592 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe
    [2011/11/20 14:29:23 | 000,000,974 | ---- | M] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:23 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 12:48:32 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{34284B71-9489-46E6-83DE-EFBDFDC7B0DE}
    [2011/11/20 12:36:53 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{985C741A-D6C3-46D9-9E8D-8868269C08DB}
    [2011/11/19 12:10:29 | 000,002,585 | ---- | M] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    [2011/11/16 21:04:20 | 000,002,737 | ---- | M] () -- C:\Users\Public\Desktop\Verizon Online Backup.lnk
    [2011/11/14 18:30:00 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
    [2011/11/14 18:30:00 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
    [2011/11/08 07:38:53 | 000,648,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/11/08 07:38:53 | 000,119,758 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/11/08 07:38:53 | 000,004,880 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/11/06 08:03:59 | 005,359,888 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
    [2011/10/28 12:16:58 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{F3F08FBF-79F0-47EA-A339-41A0904CDE06}
    [2011/10/28 12:14:41 | 000,001,737 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Click for Verizon Wi-Fi Setup.lnk
    [2011/10/28 12:14:39 | 000,002,069 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Verizon Message Center.lnk
    [2011/10/28 12:14:39 | 000,001,949 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\My Verizon.lnk
    [2011/10/28 11:50:08 | 000,001,931 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\FiOS Information.lnk
    [2011/10/28 11:50:07 | 000,001,960 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Install Verizon Media Manager.lnk

    ========== Files Created - No Company Name ==========

    [2011/11/21 19:11:26 | 4255,502,336 | -HS- | C] () -- C:\hiberfil.sys
    [2011/11/20 22:08:41 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Roaming\wklnhst.dat
    [2011/11/20 21:59:32 | 000,000,512 | ---- | C] () -- C:\Users\Rebecca Marheine\MBR.dat
    [2011/11/20 20:20:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/11/20 20:20:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/11/20 20:20:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/11/20 20:20:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/11/20 20:20:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/11/20 19:58:14 | 000,000,512 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\MBR.dat
    [2011/11/20 16:04:48 | 000,302,592 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe
    [2011/11/20 14:29:23 | 000,000,974 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:23 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:17 | 000,025,416 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/11/20 12:51:52 | 431,117,067 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/11/20 12:48:32 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{34284B71-9489-46E6-83DE-EFBDFDC7B0DE}
    [2011/11/20 12:36:53 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{985C741A-D6C3-46D9-9E8D-8868269C08DB}
    [2011/11/20 00:43:32 | 000,000,414 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
    [2011/11/13 15:00:12 | 000,000,958 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2011/11/13 15:00:12 | 000,000,935 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2011/11/13 15:00:12 | 000,000,930 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2011/11/13 15:00:12 | 000,000,258 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2011/11/13 15:00:12 | 000,000,240 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2011/11/13 15:00:10 | 000,002,737 | ---- | C] () -- C:\Users\Public\Desktop\Verizon Online Backup.lnk
    [2011/11/13 15:00:10 | 000,002,585 | ---- | C] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    [2011/11/13 15:00:10 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/11/13 15:00:10 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2011/11/13 15:00:10 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
    [2011/11/13 15:00:10 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    [2011/11/13 14:57:30 | 003,908,082 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\VRTOOLS.zip
    [2011/11/13 14:45:15 | 000,293,776 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\autoruns.zip
    [2011/10/28 12:16:58 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{F3F08FBF-79F0-47EA-A339-41A0904CDE06}
    [2011/10/28 12:14:41 | 000,001,737 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Click for Verizon Wi-Fi Setup.lnk
    [2011/10/28 12:14:39 | 000,002,069 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Verizon Message Center.lnk
    [2011/10/28 12:14:39 | 000,001,949 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\My Verizon.lnk
    [2011/10/28 12:12:50 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
    [2011/10/28 12:12:50 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
    [2011/10/28 12:11:51 | 023,896,576 | ---- | C] () -- C:\Windows\VzInHomeAgentInstaller.msi
    [2011/10/28 12:05:31 | 009,782,784 | ---- | C] () -- C:\Windows\VerizonDM.msi
    [2011/10/28 11:50:08 | 000,001,931 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\FiOS Information.lnk
    [2011/10/28 11:50:07 | 000,001,960 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Install Verizon Media Manager.lnk
    [2009/12/09 18:57:23 | 000,003,584 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/09/15 12:10:39 | 000,006,756 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\d3d9caps.dat
    [2009/06/08 14:38:33 | 001,058,871 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Roaming\UserTile.png
    [2009/06/03 16:37:52 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
    [2009/05/08 08:24:24 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
    [2009/05/08 08:24:24 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
    [2009/05/08 08:24:24 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
    [2009/05/08 08:16:38 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2009/05/08 08:16:38 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
    [2009/05/08 06:02:21 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
    [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    ========== LOP Check ==========

    [2011/10/28 12:11:45 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\DigiData
    [2011/11/13 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\DriverCure
    [2011/11/06 08:04:33 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\PC Cleaners
    [2009/10/26 16:30:54 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\Smith Micro
    [2011/11/13 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\SpeedyPC Software
    [2011/10/28 12:01:31 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\TechWizard
    [2011/11/20 22:08:42 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\Template
    [2011/11/21 19:28:27 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2011/11/21 19:14:17 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
  5. Broni Malware Annihilator Posts: 39,288   +175

    The log is incomplete.
    Please repost it.
  6. tijiwo79 Newcomer, in training Posts: 34

    new otl.txt

    OTL logfile created on: 11/21/2011 8:03:52 PM - Run 3
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rebecca Marheine\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18762)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 53.93% Memory free
    8.10 Gb Paging File | 5.92 Gb Available in Paging File | 73.15% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 247.57 Gb Free Space | 87.36% Space Free | Partition Type: NTFS
    Drive E: | 14.65 Gb Total Space | 6.08 Gb Free Space | 41.53% Space Free | Partition Type: NTFS

    Computer Name: REBECCAMARHE-PC | User Name: Rebecca Marheine | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/11/21 19:33:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/05/15 23:36:08 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
    PRC - [2011/05/15 23:36:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
    PRC - [2011/05/15 23:35:50 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
    PRC - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
    PRC - [2010/04/29 10:30:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
    PRC - [2009/12/08 20:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
    PRC - [2009/02/23 08:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
    PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
    PRC - [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
    PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    PRC - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


    ========== Modules (No Company Name) ==========

    MOD - [2010/08/09 23:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
    MOD - [2009/06/04 11:11:27 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\38b9d09539b67b08ee996db6c71f8a9b\System.Xml.ni.dll
    MOD - [2009/06/04 11:10:57 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll
    MOD - [2009/06/04 11:10:48 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll
    MOD - [2008/12/17 23:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
    MOD - [2008/12/17 23:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
    MOD - [2008/12/17 23:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
    MOD - [2008/12/17 23:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
    MOD - [2008/12/17 23:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2008/12/22 05:35:16 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV:64bit: - [2008/12/14 23:13:46 | 000,281,600 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
    SRV:64bit: - [2008/12/14 23:13:30 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
    SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2006/11/02 06:16:05 | 000,046,592 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
    SRV - [2011/10/28 18:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/05/15 23:36:08 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
    SRV - [2011/05/15 23:36:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
    SRV - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
    SRV - [2010/02/10 18:11:00 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Verizon\Online Backup & Sharing\Scheduler\OnlineBackup.SchedulerService.exe -- (OnlineBackupSchedulerService)
    SRV - [2010/02/02 19:02:52 | 000,024,576 | ---- | M] (DigiData Corp.) [Auto | Running] -- C:\Program Files (x86)\Verizon\Online Backup & Sharing\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe -- (FilesystemWatcher)
    SRV - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Stopped] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
    SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2010/04/19 19:47:42 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2009/11/06 11:00:36 | 000,135,280 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssidrv.sys -- (ssidrv)
    DRV:64bit: - [2009/11/06 11:00:34 | 000,037,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
    DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2008/12/22 05:34:48 | 000,022,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
    DRV:64bit: - [2008/12/17 04:22:04 | 001,526,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
    DRV:64bit: - [2008/12/14 23:13:56 | 000,472,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2008/12/09 00:12:36 | 008,036,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2008/12/08 00:32:48 | 000,068,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
    DRV:64bit: - [2008/09/04 00:29:22 | 000,199,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2008/09/03 03:44:22 | 000,307,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
    DRV:64bit: - [2008/09/03 03:44:22 | 000,168,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
    DRV:64bit: - [2008/09/01 05:19:24 | 000,392,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
    DRV:64bit: - [2008/09/01 05:15:58 | 000,395,288 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
    DRV:64bit: - [2008/07/07 11:23:56 | 000,025,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NwUsbCdFil64.sys -- (NWUSBCDFIL64)
    DRV:64bit: - [2008/06/02 15:28:52 | 000,247,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser2.sys -- (NWUSBPort2)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser.sys -- (NWUSBPort)
    DRV:64bit: - [2008/05/09 10:08:40 | 000,213,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbmdm.sys -- (NWUSBModem)
    DRV:64bit: - [2008/01/20 21:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
    DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
    DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll File not found
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rebecca Marheine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore

    [2010/10/12 19:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rebecca Marheine\AppData\Roaming\Mozilla\Extensions
    [2010/10/12 19:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rebecca Marheine\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll
    CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\pdf.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Rebecca Marheine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
    CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Rebecca Marheine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: SiteAdvisor = C:\Users\Rebecca Marheine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

    O1 HOSTS File: ([2011/11/20 21:12:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.)
    O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
    O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files (x86)\verizontb\verizonDx.dll ()
    O3:64bit: - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe ()
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
    O4 - HKLM..\Run: [Online Backup Auto Update] C:\Program Files (x86)\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe ()
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Vault Explorer Cache Watcher] C:\Program Files (x86)\Verizon\Online Backup & Sharing\vewatch.exe (DigiData Corp.)
    O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
    O4 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O4 - Startup: C:\Users\Rebecca Marheine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2009/06/03 14:04:46 | 000,000,000 | ---D | M]
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
    O7 - HKU\S-1-5-21-2764788368-3418496698-3722962008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{943C0FDB-5E56-406E-B497-1A9DEB0BA382}: DhcpNameServer = 192.168.1.1 71.252.0.12
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0C3480D-E1C2-40B5-AFE2-1E3B6B153D7D}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\cozi - No CLSID value found
    O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\sacore - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
    O18 - Protocol\Handler\dssrequest - No CLSID value found
    O18 - Protocol\Handler\sacore - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
    O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll ()
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/11/21 19:33:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/20 22:08:42 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\Template
    [2011/11/20 22:04:37 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe
    [2011/11/20 21:13:03 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2011/11/20 21:07:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2011/11/20 21:07:58 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\temp
    [2011/11/20 20:20:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/11/20 20:20:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/11/20 20:20:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/11/20 20:19:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/11/20 20:19:34 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2011/11/20 20:18:02 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/11/20 16:56:08 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rebecca Marheine\Desktop\dds.scr
    [2011/11/20 14:29:35 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\Malwarebytes
    [2011/11/20 14:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/11/20 14:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/11/20 14:29:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/11/20 12:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/11/13 18:03:00 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
    [2011/11/13 15:51:04 | 000,000,000 | ---D | C] -- C:\mfe
    [2011/11/13 15:35:00 | 000,000,000 | ---D | C] -- C:\!KillBox
    [2011/11/13 14:59:56 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\Documents\VRTOOLS
    [2011/11/13 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
    [2011/11/13 14:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
    [2011/11/13 13:12:38 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Citrix
    [2011/11/13 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Deployment
    [2011/11/13 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Apps
    [2011/11/13 12:22:07 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\SpeedyPC Software
    [2011/11/13 12:22:07 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\DriverCure
    [2011/11/13 12:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
    [2011/11/11 13:48:23 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\New Folder (1)
    [2011/11/11 13:47:54 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\New Folder
    [2011/11/06 08:04:33 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\PC Cleaners
    [2011/11/06 08:04:26 | 005,359,888 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
    [2011/11/06 08:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
    [2011/11/06 07:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AML Products
    [2011/11/05 11:40:21 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\Xenocode
    [2011/10/30 12:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive
    [2011/10/28 12:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
    [2011/10/28 12:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\verizontb
    [2011/10/28 12:11:45 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\DigiData
    [2011/10/28 12:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Online Backup and Sharing
    [2011/10/28 12:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DigiData
    [2011/10/28 12:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon Online Backup
    [2011/10/28 12:06:30 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Local\SupportSoft
    [2011/10/28 12:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VERIZONDM
    [2011/10/28 12:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
    [2011/10/28 12:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SupportSoft
    [2011/10/28 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon
    [2011/10/28 11:47:44 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\AppData\Roaming\TechWizard
    [2011/10/27 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Rebecca Marheine\PIMVLibraries
    [2011/10/22 22:47:22 | 000,000,000 | ---D | C] -- C:\found.000

    ========== Files - Modified Within 30 Days ==========

    [2011/11/21 19:57:19 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/11/21 19:57:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/11/21 19:57:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/11/21 19:57:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/11/21 19:57:03 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys
    [2011/11/21 19:33:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/21 19:22:15 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/11/21 19:14:17 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
    [2011/11/21 19:06:49 | 000,006,756 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\d3d9caps.dat
    [2011/11/21 17:35:17 | 431,117,067 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/11/20 22:12:31 | 000,000,512 | ---- | M] () -- C:\Users\Rebecca Marheine\Documents\MBR.dat
    [2011/11/20 22:08:41 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Roaming\wklnhst.dat
    [2011/11/20 22:05:04 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe
    [2011/11/20 21:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2011/11/20 19:58:14 | 000,000,512 | ---- | M] () -- C:\Users\Rebecca Marheine\MBR.dat
    [2011/11/20 16:57:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rebecca Marheine\Desktop\dds.scr
    [2011/11/20 16:10:48 | 000,302,592 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe
    [2011/11/20 14:29:23 | 000,000,974 | ---- | M] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:23 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 12:48:32 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{34284B71-9489-46E6-83DE-EFBDFDC7B0DE}
    [2011/11/20 12:36:53 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{985C741A-D6C3-46D9-9E8D-8868269C08DB}
    [2011/11/19 12:10:29 | 000,002,585 | ---- | M] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    [2011/11/16 21:04:20 | 000,002,737 | ---- | M] () -- C:\Users\Public\Desktop\Verizon Online Backup.lnk
    [2011/11/14 18:30:00 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
    [2011/11/14 18:30:00 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
    [2011/11/08 07:38:53 | 000,648,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/11/08 07:38:53 | 000,119,758 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/11/08 07:38:53 | 000,004,880 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/11/06 08:03:59 | 005,359,888 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
    [2011/10/28 12:16:58 | 000,000,000 | ---- | M] () -- C:\Users\Rebecca Marheine\AppData\Local\{F3F08FBF-79F0-47EA-A339-41A0904CDE06}
    [2011/10/28 12:14:41 | 000,001,737 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Click for Verizon Wi-Fi Setup.lnk
    [2011/10/28 12:14:39 | 000,002,069 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Verizon Message Center.lnk
    [2011/10/28 12:14:39 | 000,001,949 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\My Verizon.lnk
    [2011/10/28 11:50:08 | 000,001,931 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\FiOS Information.lnk
    [2011/10/28 11:50:07 | 000,001,960 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\Install Verizon Media Manager.lnk
     
  7. tijiwo79 Newcomer, in training Posts: 34

    the rest of it

    ========== Files Created - No Company Name ==========

    [2011/11/21 19:11:26 | 4255,502,336 | -HS- | C] () -- C:\hiberfil.sys
    [2011/11/20 22:08:41 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Roaming\wklnhst.dat
    [2011/11/20 21:59:32 | 000,000,512 | ---- | C] () -- C:\Users\Rebecca Marheine\MBR.dat
    [2011/11/20 20:20:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/11/20 20:20:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/11/20 20:20:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/11/20 20:20:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/11/20 20:20:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/11/20 19:58:14 | 000,000,512 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\MBR.dat
    [2011/11/20 16:04:48 | 000,302,592 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe
    [2011/11/20 14:29:23 | 000,000,974 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:23 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/11/20 14:29:17 | 000,025,416 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/11/20 12:51:52 | 431,117,067 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/11/20 12:48:32 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{34284B71-9489-46E6-83DE-EFBDFDC7B0DE}
    [2011/11/20 12:36:53 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{985C741A-D6C3-46D9-9E8D-8868269C08DB}
    [2011/11/20 00:43:32 | 000,000,414 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job
    [2011/11/13 15:00:12 | 000,000,958 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2011/11/13 15:00:12 | 000,000,935 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2011/11/13 15:00:12 | 000,000,930 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2011/11/13 15:00:12 | 000,000,258 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2011/11/13 15:00:12 | 000,000,240 | ---- | C] () -- C:\Users\Rebecca Marheine\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2011/11/13 15:00:10 | 000,002,737 | ---- | C] () -- C:\Users\Public\Desktop\Verizon Online Backup.lnk
    [2011/11/13 15:00:10 | 000,002,585 | ---- | C] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    [2011/11/13 15:00:10 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/11/13 15:00:10 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2011/11/13 15:00:10 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
    [2011/11/13 15:00:10 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    [2011/11/13 14:57:30 | 003,908,082 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\VRTOOLS.zip
    [2011/11/13 14:45:15 | 000,293,776 | ---- | C] () -- C:\Users\Rebecca Marheine\Documents\autoruns.zip
    [2011/10/28 12:16:58 | 000,000,000 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\{F3F08FBF-79F0-47EA-A339-41A0904CDE06}
    [2011/10/28 12:14:41 | 000,001,737 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Click for Verizon Wi-Fi Setup.lnk
    [2011/10/28 12:14:39 | 000,002,069 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Verizon Message Center.lnk
    [2011/10/28 12:14:39 | 000,001,949 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\My Verizon.lnk
    [2011/10/28 12:12:50 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
    [2011/10/28 12:12:50 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
    [2011/10/28 12:11:51 | 023,896,576 | ---- | C] () -- C:\Windows\VzInHomeAgentInstaller.msi
    [2011/10/28 12:05:31 | 009,782,784 | ---- | C] () -- C:\Windows\VerizonDM.msi
    [2011/10/28 11:50:08 | 000,001,931 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\FiOS Information.lnk
    [2011/10/28 11:50:07 | 000,001,960 | ---- | C] () -- C:\Users\Rebecca Marheine\Desktop\Install Verizon Media Manager.lnk
    [2009/12/09 18:57:23 | 000,003,584 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/09/15 12:10:39 | 000,006,756 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Local\d3d9caps.dat
    [2009/06/08 14:38:33 | 001,058,871 | ---- | C] () -- C:\Users\Rebecca Marheine\AppData\Roaming\UserTile.png
    [2009/06/03 16:37:52 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
    [2009/05/08 08:24:24 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
    [2009/05/08 08:24:24 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
    [2009/05/08 08:24:24 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
    [2009/05/08 08:16:38 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2009/05/08 08:16:38 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
    [2009/05/08 06:02:21 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
    [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    ========== LOP Check ==========

    [2011/10/28 12:11:45 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\DigiData
    [2011/11/13 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\DriverCure
    [2011/11/06 08:04:33 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\PC Cleaners
    [2009/10/26 16:30:54 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\Smith Micro
    [2011/11/13 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\SpeedyPC Software
    [2011/10/28 12:01:31 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\TechWizard
    [2011/11/20 22:08:42 | 000,000,000 | ---D | M] -- C:\Users\Rebecca Marheine\AppData\Roaming\Template
    [2011/11/21 19:28:27 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2011/11/21 19:14:17 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2DC3A224-5A67-4900-B0EC-793D91740733}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2008/01/20 21:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
    [2008/06/24 05:22:20 | 000,546,872 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
    [2009/05/08 08:24:37 | 000,003,456 | R--- | M] () -- C:\dell.sdr
    [2011/11/21 19:57:03 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys
    [2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
    [2011/11/21 19:57:02 | 274,145,279 | -HS- | M] () -- C:\pagefile.sys
    [2011/11/13 14:03:51 | 000,000,000 | ---- | M] () -- C:\ProgramData.LOG1
    [2011/11/13 14:03:51 | 000,000,000 | ---- | M] () -- C:\ProgramData.LOG2
    [2009/06/03 14:37:47 | 000,000,000 | ---- | M] () -- C:\Updates.txt

    < %systemroot%\Fonts\*.com >
    [2006/11/02 10:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 10:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 10:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2006/11/02 10:06:41 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2006/09/18 16:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2008/12/04 22:55:20 | 000,307,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2011/11/13 15:51:03 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/01/14 13:26:13 | 000,000,286 | -HS- | M] () -- C:\Users\Rebecca Marheine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2011/11/21 19:33:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rebecca Marheine\Desktop\OTL.exe
    [2011/11/20 16:10:48 | 000,302,592 | ---- | M] () -- C:\Users\Rebecca Marheine\Desktop\zvc7670y.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >
    [2011/11/20 22:05:04 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Rebecca Marheine\aswMBR.exe

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2009/06/03 13:49:48 | 000,000,402 | -HS- | M] () -- C:\Users\Rebecca Marheine\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
  8. Broni Malware Annihilator Posts: 39,288   +175

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
      O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ==============================================================

    Last steps....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce any log.
  9. tijiwo79 Newcomer, in training Posts: 34

    log otl

    All processes killed
    Error: Unable to interpret <O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.> in the current context!
    Error: Unable to interpret <O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.> in the current context!
    Error: Unable to interpret <O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.> in the current context!
    Error: Unable to interpret <O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.> in the current context!
    Error: Unable to interpret <O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)> in the current context!
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: Rebecca Marheine
    ->Temp folder emptied: 80044842 bytes
    ->Temporary Internet Files folder emptied: 478922506 bytes
    ->Java cache emptied: 1346119 bytes
    ->Google Chrome cache emptied: 6432135 bytes
    ->Flash cache emptied: 7539 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2835345 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
    RecycleBin emptied: 3001440 bytes

    Total Files Cleaned = 546.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: Rebecca Marheine
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.31.0 log created on 11212011_211011

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\fla2ACD.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\flaE056.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF346.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF356.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3A3.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3AD.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3D5.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3DF.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\11233672180@x23[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\1673467881@x23[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\1803531730@x23[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\ads[10].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\beacon[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\do-people-read-zine-s-or-newspapers[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\iframe[5].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\iframe[6].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\if[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\redirect_v94_cim_11_16_0[1].html moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\thisweekincombatsports_mevio_com[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1EK6LVH\xd_receiver[3].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\11468584289@x23[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\11590766574@x23[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\1402453637@x23[1].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\ddc[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\emily[1].html moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\iframe[2].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\in[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\login_status[3].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\skype-just-made-it-a-whole-lot[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3781SIB\xd_receiver[6].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ONJQD9W\ff2[2].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ONJQD9W\sandbox[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ONJQD9W\sandbox[2].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\11414055109@x23[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\11660912957@x23[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\1635397194@x23[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\DellAV_GENY_IFCB_VID[4].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\fw-nonplayer-banner[2].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\login_status[4].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\login_status[5].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\the-sounds-no-one-sleeps-mevio-music[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IGAZQPD\xd_receiver[1].htm moved successfully.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQL7QA4A\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQLR1SD3\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPGCM23P\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VVA6O0D\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OIQO2YT\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
  10. Broni Malware Annihilator Posts: 39,288   +175

    You missed 1st line (:OTL) when pasting my script.
    Please redo.
  11. tijiwo79 Newcomer, in training Posts: 34

    checkup.txt

    Results of screen317's Security Check version 0.99.24
    Windows Vista x64 (UAC is enabled)
    Out of date service pack!!
    Internet Explorer 8 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 20
    Out of date Java installed!
    Adobe Flash Player ( 10.0.45.2) Flash Player Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Windows Defender MSASCui.exe
    Malwarebytes' Anti-Malware mbamservice.exe
    Malwarebytes' Anti-Malware mbamgui.exe
    Windows Defender MSASCui.exe
    Verizon Online Backup & Sharing Filesystem Watcher DigiData.FilesystemWatcher.Service.Watcher.exe
    Verizon Online Backup & Sharing Scheduler OnlineBackup.SchedulerService.exe
    Verizon Online Backup & Sharing Auto Update OnlineBackup.UpdateSystemTray.exe
    Verizon Online Backup & Sharing vewatch.exe
    ``````````End of Log````````````
  12. Broni Malware Annihilator Posts: 39,288   +175

    Make sure you read my previous reply.

    Then....

    1. Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    2. Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    ==============================================================

    Update Adobe Flash Player
    Download the Latest Adobe Flash for Firefox and IE Without Any Extras: http://www.404techsupport.com/2010/...-flash-for-firefox-and-ie-without-any-extras/
  13. tijiwo79 Newcomer, in training Posts: 34

    Sorry about that.

    All processes killed
    ========== OTL ==========
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\MRI_DISABLED\ deleted successfully.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\Windows\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: Rebecca Marheine
    ->Temp folder emptied: 2167788 bytes
    ->Temporary Internet Files folder emptied: 52730566 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 971 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 52.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: Rebecca Marheine
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.31.0 log created on 11212011_213107

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3E94.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3E9E.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3EE9.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3EF3.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3F1A.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DF3F24.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFBE80.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFBE8A.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFBF1C.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFBF26.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFF1A0.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFF1F3.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFF7C3.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFF7DC.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFF7EC.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Temp\~DFF80A.tmp not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\ads[5].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\ff2[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\ff2[2].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\iframe3[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\roi_300x250[1].html moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\this-holiday-season-millions-of-shoppers-are[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLKEYAGH\xd_receiver[3].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\B5804840[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\companion[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\login_status[2].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\login_status[3].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\sandbox[1].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\sandbox[2].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\xd_receiver[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAEHAOJN\xd_receiver[3].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\B5804840[1].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\channels[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\channels[2].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\in[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\redirect_v94_cim_11_16_0[1].html moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\sandbox[1].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZX7AR6J\showthread[1].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\ads[4].htm moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\emily[1].html moved successfully.
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\fw-nonplayer-banner[3].htm moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\fw-nonplayer-banner[4].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\in[1].htm not found!
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\in[2].htm not found!
    C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\roi_728x90[1].html moved successfully.
    File\Folder C:\Users\Rebecca Marheine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41SRLZR9\xd_receiver[3].htm not found!
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQL7QA4A\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQLR1SD3\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPGCM23P\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VVA6O0D\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OIQO2YT\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
  14. Broni Malware Annihilator Posts: 39,288   +175

    Good :)
    Go on....
  15. tijiwo79 Newcomer, in training Posts: 34

    Results of screen317's Security Check version 0.99.24
    Windows Vista x64 (UAC is enabled)
    Out of date service pack!!
    Internet Explorer 8 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 20
    Out of date Java installed!
    Adobe Flash Player ( 10.0.45.2) Flash Player Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Windows Defender MSASCui.exe
    Malwarebytes' Anti-Malware mbamservice.exe
    Malwarebytes' Anti-Malware mbamgui.exe
    Windows Defender MSASCui.exe
    Verizon Online Backup & Sharing Filesystem Watcher DigiData.FilesystemWatcher.Service.Watcher.exe
    Verizon Online Backup & Sharing Scheduler OnlineBackup.SchedulerService.exe
    Verizon Online Backup & Sharing Auto Update OnlineBackup.UpdateSystemTray.exe
    Verizon Online Backup & Sharing vewatch.exe
    ``````````End of Log````````````
  16. Broni Malware Annihilator Posts: 39,288   +175

    Please re-read my reply #32.
  17. tijiwo79 Newcomer, in training Posts: 34

    Haven't made it there yet, still on ESET.
  18. Broni Malware Annihilator Posts: 39,288   +175

    OK................
  19. tijiwo79 Newcomer, in training Posts: 34

    Done with Java and Flash Player. Still had some music coming through; I turned it off through Task Manager. Malwarebytes blocks an attack from an outgoing port every 20-30 minutes.
  20. tijiwo79 Newcomer, in training Posts: 34

    Can I turn McAfee back on?