TechSpot

Internet connection disabled after removing Smart Engine

Inactive
By mspurlin
Oct 18, 2010
Topic Status:
Not open for further replies.
  1. The false anti-virus application, SmartEngine, was installed on our home PC about a week ago. I followed instructions that I found to disable, then remove the application at the following URL (http://www.softsailor.com/how-to/46882-how-to-remove-uninstall-smart-engine-virus-removal-guide.html). After removing the application, replacing the HOST file for Windows Vista, and verifying that all of the files associated with the application had been removed, my internet connection remains disabled. In addition, it appears that no restore points had been created, so using System Restore is not an option. I am unsure of the next step to regain an internet connection and would greatly appreciate any assistance.
  2. crunchie

    crunchie Malware Helper Posts: 761

    Hi and welcome to TechSpot forums :).

    ====

    Please read the directions given here and when done, post the requested logs.
  3. mspurlin

    mspurlin TS Rookie Topic Starter

    The false anti-virus application, SmartEngine, was installed on our home PC about a week ago. I followed instructions that I found to disable, then remove the application at the following URL (http://www.softsailor.com/how-to/468...val-guide.html). After removing the application, replacing the HOST file for Windows Vista, and verifying that all of the files associated with the application had been removed, my internet connection remains disabled. In addition, it appears that no restore points had been created, so using System Restore is not an option. I am unsure of the next step to regain an internet connection and would greatly appreciate any assistance.

    After originally posting this same question, I was directed to follow the instructions from the link below, then to post the logs. Unfortunately, the GMER application would only run in SafeMode, even after attempting to run it with "Devices" unselected. The results indicated that nothing was detected and when i went to save a log, the file was empty. I recall reading that the GMER scan is limited or inaffective when running in SafeMode.

    http://www.techspot.com/vb/topic58138.html

    At this point, any tips and direction are very welcomed.

    Attached Files:

  4. crunchie

    crunchie Malware Helper Posts: 761

    Sorry, but as the sticky thread at the head of the forum says, "Logs need to be pasted, not attached."
    Please follow those instructions and I will take a look at the logs. Please post only the logs requested in the sticky.

    Thank you.

    http://www.techspot.com/vb/topic154928.html
  5. mspurlin

    mspurlin TS Rookie Topic Starter

    Avira AntiVir Personal
    Report file date: Thursday, November 04, 2010 20:19

    Scanning for 2690356 virus strains and unwanted programs.

    The program is running as an unrestricted full version.
    Online services are available:

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows Vista
    Windows version : (Service Pack 2) [6.0.6002]
    Boot mode : Normally booted
    Username : Matt
    Computer name : JEN-PC

    Version information:
    BUILD.DAT : 10.0.0.592 31823 Bytes 8/9/2010 11:00:00
    AVSCAN.EXE : 10.0.3.1 434344 Bytes 8/2/2010 22:09:56
    AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 19:57:04
    LUKE.DLL : 10.0.2.3 104296 Bytes 8/2/2010 22:10:00
    LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 06:40:49
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 16:05:36
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 02:27:49
    VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 00:37:42
    VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 23:37:42
    VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 18:29:03
    VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 22:10:03
    VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 22:10:04
    VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 22:10:06
    VBASE008.VDF : 7.10.9.166 2048 Bytes 7/23/2010 22:10:06
    VBASE009.VDF : 7.10.9.167 2048 Bytes 7/23/2010 22:10:06
    VBASE010.VDF : 7.10.9.168 2048 Bytes 7/23/2010 22:10:06
    VBASE011.VDF : 7.10.9.169 2048 Bytes 7/23/2010 22:10:06
    VBASE012.VDF : 7.10.9.170 2048 Bytes 7/23/2010 22:10:06
    VBASE013.VDF : 7.10.9.198 157696 Bytes 7/26/2010 22:10:06
    VBASE014.VDF : 7.10.9.255 997888 Bytes 7/29/2010 22:10:07
    VBASE015.VDF : 7.10.10.28 139264 Bytes 8/2/2010 22:10:07
    VBASE016.VDF : 7.10.10.52 127488 Bytes 8/3/2010 22:38:44
    VBASE017.VDF : 7.10.10.84 137728 Bytes 8/6/2010 15:35:55
    VBASE018.VDF : 7.10.10.85 1536 Bytes 8/6/2010 15:35:55
    VBASE019.VDF : 7.10.10.86 1536 Bytes 8/6/2010 15:35:55
    VBASE020.VDF : 7.10.10.87 1536 Bytes 8/6/2010 15:35:55
    VBASE021.VDF : 7.10.10.88 1536 Bytes 8/6/2010 15:35:55
    VBASE022.VDF : 7.10.10.89 1536 Bytes 8/6/2010 15:35:55
    VBASE023.VDF : 7.10.10.90 1536 Bytes 8/6/2010 15:35:55
    VBASE024.VDF : 7.10.10.91 1536 Bytes 8/6/2010 15:35:55
    VBASE025.VDF : 7.10.10.92 1536 Bytes 8/6/2010 15:35:56
    VBASE026.VDF : 7.10.10.93 1536 Bytes 8/6/2010 15:35:56
    VBASE027.VDF : 7.10.10.94 1536 Bytes 8/6/2010 15:35:56
    VBASE028.VDF : 7.10.10.95 1536 Bytes 8/6/2010 15:35:56
    VBASE029.VDF : 7.10.10.96 1536 Bytes 8/6/2010 15:35:56
    VBASE030.VDF : 7.10.10.97 1536 Bytes 8/6/2010 15:35:56
    VBASE031.VDF : 7.10.10.105 119296 Bytes 8/8/2010 05:09:34
    Engineversion : 8.2.4.34
    AEVDF.DLL : 8.1.2.1 106868 Bytes 8/2/2010 22:09:54
    AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 8/2/2010 22:09:54
    AESCN.DLL : 8.1.6.1 127347 Bytes 8/2/2010 22:09:53
    AESBX.DLL : 8.1.3.1 254324 Bytes 8/2/2010 22:09:53
    AERDL.DLL : 8.1.8.2 614772 Bytes 8/2/2010 22:09:53
    AEPACK.DLL : 8.2.3.5 471412 Bytes 8/7/2010 00:52:09
    AEOFFICE.DLL : 8.1.1.8 201081 Bytes 8/2/2010 22:09:52
    AEHEUR.DLL : 8.1.2.11 2834805 Bytes 8/7/2010 00:52:09
    AEHELP.DLL : 8.1.13.2 242039 Bytes 8/2/2010 22:09:49
    AEGEN.DLL : 8.1.3.19 393587 Bytes 8/7/2010 00:52:08
    AEEMU.DLL : 8.1.2.0 393588 Bytes 8/2/2010 22:09:49
    AECORE.DLL : 8.1.16.2 192887 Bytes 8/2/2010 22:09:49
    AEBB.DLL : 8.1.1.0 53618 Bytes 8/2/2010 22:09:48
    AVWINLL.DLL : 10.0.0.0 19304 Bytes 8/2/2010 22:09:56
    AVPREF.DLL : 10.0.0.0 44904 Bytes 8/2/2010 22:09:55
    AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 21:27:13
    AVREG.DLL : 10.0.3.2 53096 Bytes 8/2/2010 22:09:55
    AVSCPLR.DLL : 10.0.3.1 83816 Bytes 8/2/2010 22:09:56
    AVARKT.DLL : 10.0.0.14 227176 Bytes 8/2/2010 22:09:54
    AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 8/2/2010 22:09:55
    SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 21:27:22
    AVSMTP.DLL : 10.0.0.17 63848 Bytes 8/2/2010 22:09:56
    NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 21:27:21
    RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 20:10:20
    RCTEXT.DLL : 10.0.58.0 97128 Bytes 8/2/2010 22:10:08

    Configuration settings for the scan:
    Jobname.............................: Short system scan after installation
    Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
    Logging.............................: low
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Process scan........................: on
    Scan registry.......................: on
    Search for rootkits.................: off
    Integrity checking of system files..: off
    Scan all files......................: Intelligent file selection
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: medium

    Start of the scan: Thursday, November 04, 2010 20:19

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avconfig.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avshadow.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'setup.exe' - '1' Module(s) have been scanned
    Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
    Scan process 'msiexec.exe' - '1' Module(s) have been scanned
    Scan process 'presetup.exe' - '1' Module(s) have been scanned
    Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
    Scan process 'Pmxmiced.exe' - '1' Module(s) have been scanned
    Scan process 'tmproxy.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'SoftwareUpdate.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'ArcCon.ac' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'ONENOTEM.EXE' - '1' Module(s) have been scanned
    Scan process 'DLG.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'PTAgnt.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'ACDaemon.exe' - '1' Module(s) have been scanned
    Scan process 'wmdcBase.exe' - '1' Module(s) have been scanned
    Scan process 'vVX3000.exe' - '1' Module(s) have been scanned
    Scan process 'dlupdr.exe' - '1' Module(s) have been scanned
    Scan process 'dlpsp.exe' - '1' Module(s) have been scanned
    Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
    Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
    Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'pccguide.exe' - '1' Module(s) have been scanned
    Scan process 'ico.exe' - '1' Module(s) have been scanned
    Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
    Scan process 'Dwm.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ArcCon.ac' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
    Scan process 'PccGuide.exe' - '1' Module(s) have been scanned
    Scan process 'DLPWDNT.EXE' - '1' Module(s) have been scanned
    Scan process 'xaudio.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'TmPfw.exe' - '1' Module(s) have been scanned
    Scan process 'Tmntsrv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SPUVolumeWatcher.exe' - '1' Module(s) have been scanned
    Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
    Scan process 'DLG.exe' - '1' Module(s) have been scanned
    Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'PTAgnt.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'ACDaemon.exe' - '1' Module(s) have been scanned
    Scan process 'wmdcBase.exe' - '1' Module(s) have been scanned
    Scan process 'vVX3000.exe' - '1' Module(s) have been scanned
    Scan process 'dlupdr.exe' - '1' Module(s) have been scanned
    Scan process 'dlpsp.exe' - '1' Module(s) have been scanned
    Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
    Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
    Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'ico.exe' - '1' Module(s) have been scanned
    Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
    Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
    Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
    Scan process 'Dwm.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'PcCtlCom.exe' - '1' Module(s) have been scanned
    Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned
    Scan process 'DLSDBNT.EXE' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'ACService.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:

    Starting to scan executable files (registry).
    The registry was scanned ( '1826' files ).



    End of the scan: Thursday, November 04, 2010 20:20
    Used time: 01:16 Minute(s)

    The scan has been done completely.

    0 Scanned directories
    2368 Files were scanned
    0 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 files were deleted
    0 Viruses and unwanted programs were repaired
    0 Files were moved to quarantine
    0 Files were renamed
    0 Files cannot be scanned
    2368 Files not concerned
    5 Archives were scanned
    0 Warnings
    0 Notes

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 5049

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18975

    11/4/2010 9:32:06 PM
    mbam-log-2010-11-04 (21-32-06).txt

    Scan type: Quick scan
    Objects scanned: 154698
    Time elapsed: 20 minute(s), 44 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    DDS (Ver_10-11-03.01) - NTFSx86
    Run by Matt at 17:49:57.43 on Fri 11/05/2010
    Internet Explorer: 8.0.6001.18975
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1012.303 [GMT -6:00]

    AV: PC-cillin Internet Security - Virus Protection *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
    SP: PC-cillin Internet Security - Spyware Protection *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    FW: PC-cillin Internet Security - Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Windows\System32\ico.exe
    C:\Windows\System32\Pmxmiced.exe
    C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
    C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
    C:\Windows\vVX3000.exe
    C:\Windows\WindowsMobile\wmdcBase.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Users\Matt\Desktop\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/ig
    uWindow Title = Internet Explorer provided by Dell
    uInternet Settings,ProxyOverride = *.local
    uInternet Settings,ProxyServer = http=127.0.0.1:25569
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    uRun: [DellAutomatedPCTuneUp] "c:\program files\dellautomatedpctuneup\PTAgnt.exe" /startup
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Spark] c:\program files\spark\Spark.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [PMX Daemon] ICO.EXE
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [pccguide.exe] "c:\program files\trend micro\internet security 14\pccguide.exe"
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [DLPSP] "c:\program files\dell printers\additional color laser software\status monitor\DLPSP.EXE"
    mRun: [DLUPDR] "c:\program files\dell printers\additional color laser software\updater\DLUPDR.EXE"
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
    mRun: [VX3000] c:\windows\vVX3000.exe
    mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
    mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    StartupFolder: c:\users\matt\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\stupas~1.lnk - c:\program files\common files\nikon\utilities\StupAssist.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
    DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/54.14/uploader2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

    ============= SERVICES / DRIVERS ===============

    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-11-4 60936]
    R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-3-7 36368]
    R3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [2008-3-7 18432]
    R3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [2008-3-7 19008]
    R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-3-7 280392]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-7-7 14904]

    =============== Created Last 30 ================

    2010-11-05 03:56:44 93824 ----a-w- C:\pwldypow.sys
    2010-11-05 03:14:09 -------- d-----w- c:\users\matt\appdata\roaming\Avira
    2010-11-05 02:21:49 172032 ----a-w- c:\windows\system32\igfxres.dll
    2010-11-05 02:16:20 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-11-05 02:16:16 -------- d-----w- c:\program files\Avira
    2010-11-05 02:16:16 -------- d-----w- c:\progra~2\Avira
    2010-11-04 07:58:54 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{5494ca5d-f97f-4ea1-a3f9-a9d1234e0e4c}\mpengine.dll
    2010-10-27 06:29:35 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-10-27 06:29:31 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-10-27 06:29:31 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-10-16 05:02:53 -------- d-----w- c:\program files\Secunia
    2010-10-13 15:41:14 -------- d-sh--w- c:\users\matt\appdata\roaming\Smart Engine
    2010-10-13 15:41:13 -------- d-sh--w- c:\progra~2\SMASUZOWNE
    2010-10-13 15:40:13 -------- d-sh--w- c:\progra~2\6f6dd8
    2010-10-12 23:11:33 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
    2010-10-12 23:11:32 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-10-12 23:10:46 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-10-12 23:10:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-10-12 23:10:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-10-12 23:10:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-10-12 23:10:44 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-10-12 23:10:06 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-10-12 23:08:57 867328 ----a-w- c:\windows\system32\wmpmde.dll

    ==================== Find3M ====================

    2010-10-19 17:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
    2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-08-31 15:46:37 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-08-31 15:46:37 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-08-31 15:44:31 531968 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-31 13:27:38 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-08-26 16:37:45 157184 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-26 16:33:06 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2010-08-26 16:33:04 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2010-08-26 16:33:04 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2010-08-26 16:33:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2010-08-17 14:11:37 128000 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-10 11:15:58 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-08-10 11:15:58 69632 ----a-w- c:\windows\system32\QuickTime.qts

    ============= FINISH: 17:52:25.50 ===============
  6. mspurlin

    mspurlin TS Rookie Topic Starter

    I posted the logs as requested, but have seen no response. As far as I can tell, this thread is still active.
  7. crunchie

    crunchie Malware Helper Posts: 761

    My apologies. I missed your reply somehow.

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

    ==

    Should be able to sort it once done :).
  8. mspurlin

    mspurlin TS Rookie Topic Starter

    OTL logfile created on: 11/8/2010 10:07:24 PM - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Matt\Desktop\Performance Applications
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,012.00 Mb Total Physical Memory | 177.00 Mb Available Physical Memory | 18.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 36.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288.04 Gb Total Space | 152.85 Gb Free Space | 53.06% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.43 Gb Free Space | 54.27% Space Free | Partition Type: NTFS

    Computer Name: JEN-PC | User Name: Matt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/11/08 21:23:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\Performance Applications\OTL.exe
    PRC - [2010/08/31 08:59:23 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/08/02 15:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/08/02 15:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/08/02 15:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/03/18 10:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
    PRC - [2008/03/07 12:44:52 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2007/11/09 03:19:18 | 000,345,696 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe
    PRC - [2007/10/11 08:49:50 | 000,465,136 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
    PRC - [2007/07/25 14:25:30 | 000,393,944 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
    PRC - [2007/05/31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
    PRC - [2007/05/23 19:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\pmxmiced.exe
    PRC - [2007/05/17 13:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    PRC - [2007/05/11 06:26:44 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2007/04/10 13:46:48 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
    PRC - [2007/02/21 23:38:34 | 000,140,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
    PRC - [2006/12/07 15:52:14 | 000,140,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
    PRC - [2006/12/07 15:52:10 | 000,095,128 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
    PRC - [2006/11/21 13:02:24 | 001,807,960 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
    PRC - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe
    PRC - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
    PRC - [2006/11/08 14:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\ico.exe
    PRC - [2006/11/03 17:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/11/08 21:23:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\Performance Applications\OTL.exe
    MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
    MOD - [2010/03/05 07:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    MOD - [2009/04/10 23:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
    MOD - [2009/04/10 23:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
    MOD - [2009/04/10 23:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
    MOD - [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
    MOD - [2009/04/10 23:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
    MOD - [2008/01/19 00:36:49 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
    MOD - [2008/01/19 00:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
    MOD - [2008/01/19 00:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/31 08:59:23 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
    SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/08/02 15:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/08/02 15:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/10 11:20:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe -- (PcCtlCom)
    SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/11/09 03:19:18 | 000,345,696 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe -- (Tmntsrv)
    SRV - [2007/10/11 08:49:46 | 000,076,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService)
    SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007/05/17 13:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
    SRV - [2006/12/07 15:52:14 | 000,140,184 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
    SRV - [2006/12/07 15:52:10 | 000,095,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
    SRV - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe -- (tmproxy)
    SRV - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe -- (TmPfw)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2010/08/02 15:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/08/02 15:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/07/07 07:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
    DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/04/10 21:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/11/26 17:42:42 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt)
    DRV - [2008/11/26 17:42:40 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt)
    DRV - [2008/11/26 17:39:56 | 001,195,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint)
    DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2008/03/07 20:08:52 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/03/07 20:08:52 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/03/07 20:08:52 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2008/01/02 15:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2007/08/23 17:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\datunidr.sys -- (datunidr)
    DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
    DRV - [2007/06/01 12:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxmouse.sys -- (pmxmouse)
    DRV - [2007/05/24 15:44:00 | 000,019,008 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxusblf.sys -- (pmxusblf)
    DRV - [2007/05/11 06:26:46 | 001,773,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/04/29 01:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2007/04/26 03:41:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
    DRV - [2007/04/10 13:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
    DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
    DRV - [2006/11/09 15:04:20 | 000,280,392 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TM_CFW.sys -- (tmcfw)
    DRV - [2006/11/09 15:04:20 | 000,073,288 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
    DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
    DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2006/10/18 11:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
    DRV - [2006/10/18 11:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
    DRV - [2006/10/18 11:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
    DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct)
    DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25569



    O1 HOSTS File: ([2010/10/15 06:04:32 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [DLPSP] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
    O4 - HKLM..\Run: [DLUPDR] C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE (Dell Inc.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
    O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe (Trend Micro Inc.)
    O4 - HKLM..\Run: [PMX Daemon] C:\Windows\System32\ico.exe (Primax Electronics Ltd.)
    O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [DellAutomatedPCTuneUp] C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe (Gteko Ltd.)
    O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKCU..\Run: [Spark] C:\Program Files\Spark\Spark.exe (Jive Software)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/54.14/uploader2.cab (UploadListView Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{5616f4fe-f1c9-11dc-ad1a-001d098cba27}\Shell - "" = AutoRun
    O33 - MountPoints2\{5616f4fe-f1c9-11dc-ad1a-001d098cba27}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
    O33 - MountPoints2\{ba86e329-0119-11df-b639-001d098cba27}\Shell\AutoRun\command - "" = H:\MI.exe -- File not found
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/11/05 18:17:57 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Performance Applications
    [2010/11/04 20:56:44 | 000,093,824 | ---- | C] (GMER) -- C:\pwldypow.sys
    [2010/11/04 20:14:09 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Avira
    [2010/11/04 19:16:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2010/11/04 19:16:20 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2010/11/04 19:16:20 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2010/11/04 19:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010/11/04 19:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2010/10/26 20:24:10 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Headshots
    [2010/10/15 22:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
    [2010/10/13 08:41:14 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Roaming\Smart Engine
    [2010/10/13 08:41:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\SMASUZOWNE
    [2010/10/13 08:40:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\6f6dd8

    ========== Files - Modified Within 30 Days ==========

    [2010/11/08 21:18:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/11/08 21:03:33 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/11/08 21:03:33 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/11/08 13:11:10 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/11/08 06:18:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/11/05 17:03:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/11/05 17:03:18 | 1060,327,424 | -HS- | M] () -- C:\hiberfil.sys
    [2010/11/05 07:23:32 | 244,791,726 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/11/05 06:51:17 | 000,001,356 | ---- | M] () -- C:\Users\Matt\AppData\Local\d3d9caps.dat
    [2010/11/04 20:56:44 | 000,093,824 | ---- | M] (GMER) -- C:\pwldypow.sys
    [2010/11/04 20:37:32 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/11/04 20:37:32 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/10/15 06:04:32 | 000,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/10/13 21:55:41 | 000,002,075 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
    [2010/10/13 02:32:42 | 002,199,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

    ========== Files Created - No Company Name ==========

    [2010/11/05 07:12:53 | 1060,327,424 | -HS- | C] () -- C:\hiberfil.sys
    [2010/10/15 05:13:45 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/15 05:13:41 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/13 21:55:41 | 000,002,075 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
    [2010/04/17 07:54:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/10/20 13:02:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/04/19 11:19:50 | 000,000,012 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\examview.tlx
    [2008/10/26 13:53:04 | 000,003,466 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\evpro32.prf
    [2008/05/24 12:20:50 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
    [2008/03/17 20:55:54 | 000,001,356 | ---- | C] () -- C:\Users\Matt\AppData\Local\d3d9caps.dat
    [2008/03/14 11:49:28 | 000,033,792 | -H-- | C] () -- C:\Users\Matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/03/07 20:09:19 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
    [2008/03/07 20:09:19 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
    [2008/03/07 20:09:19 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/03/07 12:26:52 | 000,131,062 | ---- | C] () -- C:\Windows\System32\DellPM.ini
    [2008/01/02 15:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/01/02 15:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/01/02 15:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2007/04/10 13:46:48 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
    [2006/11/07 12:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
    [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 03:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
    [2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll

    ========== LOP Check ==========

    [2008/05/11 19:06:42 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Nikon
    [2009/09/11 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Research In Motion
    [2010/10/13 08:41:52 | 000,000,000 | -HSD | M] -- C:\Users\Matt\AppData\Roaming\Smart Engine
    [2010/11/05 05:38:39 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
    [2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
    [2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
    [2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
    [2008/03/07 19:56:03 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
    [2008/03/07 19:56:03 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
    [2008/03/07 19:56:03 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
    [2008/03/07 19:56:03 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
    [2006/11/02 02:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/04/10 23:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
    [2009/04/10 23:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
    [2009/04/10 23:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
    [2008/01/19 00:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
    [2008/01/19 00:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
    [2006/11/02 02:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
    [2008/03/07 19:56:29 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
    [2008/03/07 20:08:52 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys
    [2008/03/07 20:08:52 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys
    [2008/03/07 20:08:52 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys
    [2008/03/07 20:08:52 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16470_none_db063634249c06f4\atapi.sys
    [2008/03/07 19:56:00 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
    [2008/03/07 19:56:00 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
    [2008/03/07 19:56:29 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
    [2008/03/07 19:56:29 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
    [2008/03/13 00:06:31 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
    [2008/03/13 00:06:31 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
    [2008/03/13 00:06:31 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
    [2008/03/13 00:06:31 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2006/11/02 02:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
    [2006/11/02 02:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

    < MD5 for: IASTOR.SYS >
    [2007/04/26 03:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Drivers\storage\R154092\iastor.sys
    [2007/04/26 03:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys
    [2007/04/26 03:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys
    [2007/04/26 03:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_5f6e7be5\iaStor.sys

    < MD5 for: IASTORV.SYS >
    [2008/01/19 00:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
    [2008/01/19 00:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
    [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
    [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2006/11/02 02:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
    [2009/04/10 23:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
    [2009/04/10 23:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
    [2008/01/19 00:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
    [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
    [2008/01/19 00:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
    [2008/01/19 00:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

    < MD5 for: SCECLI.DLL >
    [2008/01/19 00:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
    [2006/11/02 02:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
    [2009/04/10 23:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
    [2009/04/10 23:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/04/10 23:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2009/04/10 23:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

    < %systemroot%\System32\config\*.sav >
    [2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2006/11/02 03:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < End of report >
  9. mspurlin

    mspurlin TS Rookie Topic Starter

    OTL Extras logfile created on: 11/8/2010 10:07:24 PM - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Matt\Desktop\Performance Applications
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,012.00 Mb Total Physical Memory | 177.00 Mb Available Physical Memory | 18.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 36.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288.04 Gb Total Space | 152.85 Gb Free Space | 53.06% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.43 Gb Free Space | 54.27% Space Free | Partition Type: NTFS

    Computer Name: JEN-PC | User Name: Matt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{05E3CB3D-8885-41DC-BD22-088455E4B9DF}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
    "{42661B49-B8C3-48F3-A71A-8B6DFDCD7758}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
    "{44E73DC9-4BD4-464F-91CE-D9B1726CA4C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{53D5AB46-BB32-44B8-8951-677E9414A43F}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{623DBE6C-5FE5-45FE-921A-782F21012254}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
    "{6A05DFD9-DB6F-4AAC-AE87-3AFE74DDB068}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
    "{79BEB94E-712B-486C-8668-AFEC032C46FB}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{807D6EEC-8CFC-4631-B27F-31F5C1A4CF45}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{85B113D7-9F4F-49A3-9287-74FB8ECBF6AC}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
    "{88FE4A21-680B-4C0D-8099-A28ECE270E43}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{8C0608FA-E564-4B3E-9E3F-DDC85916C256}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{9109ACF8-EAD7-4DBA-8400-DAB5DB671672}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{B02C011D-342A-45A3-B538-509F5879223E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{CBF26CFA-E5AF-4BB3-AAA7-B663F5B7E34D}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
    "{E85EB6E4-E0D2-4EB3-960E-F028E6DC9790}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0C2BEAF0-7080-4EF3-A3C8-8C8ABA535BCD}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
    "{14418B31-CAF6-48E4-9730-DF63DC87AFCC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{3A3EF550-54D9-423F-BAE2-B9865F376C75}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{41194E52-A1E5-4A5A-8034-B5DF77BBF2C9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{41847020-75CA-4703-BA82-77CE912E8A85}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{4326A718-D0D4-4FC0-B471-D4B388A26586}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
    "{43495F1F-004D-4E3B-A4DD-E68589F2CAFD}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
    "{5D9E239D-60EC-459C-969B-8FF8029EE592}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{7DFEB802-5A79-41E8-A43A-FE4995B8D169}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{86ED8B0A-36D9-418C-9405-2E010ABA3BE4}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
    "{895B0B04-1DA3-482F-A23B-8B279276E870}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8BA666CE-3C57-40B0-A39F-D89B090502BB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{962CD1C9-F8C3-4117-953C-3F693E64D3C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{AD360FD8-D3EF-4541-A634-7E5C72CEFE24}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{C13230A2-202B-40F3-9EAE-9959BDCF77BB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{D7637858-C37A-40AF-9C06-24747ADED4F3}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
    "{D83EE225-0762-40DE-BEAA-2FD8F13D2981}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{DC30CB93-27C8-4236-BAB1-141180C5DF05}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
    "{E4011BD8-9055-4578-AB73-0AB1B6414FF7}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
    "{E7D2117F-E7C5-42EC-9CA3-AE8ABCE507CB}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{EB393276-3C43-4BD8-B0BB-7489F33E1A19}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{F0E2AF3B-A20D-4809-AB2D-5D38B086EC3E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{F8D53C83-6927-443D-86A8-DB814408D25B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{FCCB3704-4403-414F-B093-6EFA9A352C07}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "TCP Query User{33560C9F-4683-455F-AB0E-8BC2C534A971}C:\program files\spark\spark.exe" = protocol=6 | dir=in | app=c:\program files\spark\spark.exe |
    "TCP Query User{9CD34507-2070-469E-AC46-3ABDD0F89203}C:\programdata\6f6dd8\sm6f6_302.exe" = protocol=6 | dir=in | app=c:\programdata\6f6dd8\sm6f6_302.exe |
    "UDP Query User{5F3C210C-B4DB-4648-95DA-AC4C45E214A1}C:\programdata\6f6dd8\sm6f6_302.exe" = protocol=17 | dir=in | app=c:\programdata\6f6dd8\sm6f6_302.exe |
    "UDP Query User{7CA823C5-E5B1-4058-8CBF-B8D8D6F13CD9}C:\program files\spark\spark.exe" = protocol=17 | dir=in | app=c:\program files\spark\spark.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
    "{105F3CE5-FE55-408E-BF30-E78F85BA0B12}" = Dell Printer Software
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
    "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
    "{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
    "{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{63ECAAF0-425A-40DD-B6CD-C987F0E95005}" = Motorola Driver Installation 3.3.0
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
    "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B28759B8-5FC6-4F56-9C6C-6EDAD36455A9}" = Roxio Media Manager
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
    "{CA72A82C-7DBC-4814-8CCB-E5BFAC59FAEF}" = ArcSoft MediaImpression for Kodak
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
    "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
    "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
    "{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}" = Trend Micro PC-cillin Internet Security 14
    "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE34691C-4298-4667-9758-D7F534DD0B94}" = Dell Automated PC TuneUp
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
    "CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Easy Grade Pro" = Easy Grade Pro
    "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
    "ExamView Assessment Suite Trial" = ExamView Assessment Suite Trial
    "ExamView Player" = ExamView Player
    "ExamView Pro" = ExamView Assessment Suite
    "Google Desktop" = Google Desktop
    "Google Updater" = Google Updater
    "Green Eggs and Ham" = Green Eggs and Ham
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Photodex Presenter" = Photodex Presenter
    "PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
    "Secunia PSI" = Secunia PSI
    "Spark 2.5.8" = Spark 2.5.8
    "TmPcc" = Trend Micro PC-cillin Internet Security 14
    "Wisdom-soft ScreenHunter 5.0 Free" = Wisdom-soft ScreenHunter 5.0 Free

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 9/21/2010 9:32:36 PM | Computer Name = Jen-PC | Source = Bonjour Service | ID = 100
    Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 10/12/2010 10:37:54 PM | Computer Name = Jen-PC | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18943, time stamp
    0x4c25813d, faulting module IEShims.dll, version 8.0.6001.18943, time stamp 0x4c25980e,
    exception code 0xc0000005, fault offset 0x00021e16, process id 0x10dc, application
    start time 0x01cb6a7fa15b38a0.

    Error - 10/14/2010 1:22:11 AM | Computer Name = Jen-PC | Source = Windows Search Service | ID = 3038
    Description =

    Error - 10/14/2010 1:25:30 AM | Computer Name = Jen-PC | Source = Windows Search Service | ID = 3028
    Description =

    Error - 10/14/2010 1:25:38 AM | Computer Name = Jen-PC | Source = Windows Search Service | ID = 3058
    Description =

    Error - 10/14/2010 9:58:12 AM | Computer Name = Jen-PC | Source = EventSystem | ID = 4609
    Description =

    Error - 11/4/2010 10:11:59 PM | Computer Name = Jen-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Users\Matt\AppData\Local\Temp\RarSFX0\redist.dll".
    Dependent
    Assembly Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 11/4/2010 10:27:53 PM | Computer Name = Jen-PC | Source = Application Error | ID = 1000
    Description = Faulting application TFC.exe, version 3.1.7.0, time stamp 0x2a425e19,
    faulting module RPCRT4.dll, version 6.0.6002.18024, time stamp 0x49f05bcc, exception
    code 0xc0000005, fault offset 0x000b0af5, process id 0x1510, application start time
    0x01cb7c906581f670.

    Error - 11/4/2010 10:46:33 PM | Computer Name = Jen-PC | Source = Application Hang | ID = 1002
    Description = The program TFC.exe version 3.1.7.0 stopped interacting with Windows
    and was closed. To see if more information about the problem is available, check
    the problem history in the Problem Reports and Solutions control panel. Process
    ID: 6f4 Start Time: 01cb7c930396c3c0 Termination Time: 16

    Error - 11/5/2010 12:00:10 AM | Computer Name = Jen-PC | Source = Application Hang | ID = 1002
    Description = The program nlynbxvg.exe version 1.0.15.15507 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Problem Reports and Solutions control panel. Process
    ID: a48 Start Time: 01cb7c9d710e17a3 Termination Time: 0

    [ Media Center Events ]
    Error - 5/23/2008 1:55:40 PM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 5/27/2008 1:07:25 AM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 6/1/2008 2:16:20 AM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 6/1/2008 6:35:13 PM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 6/2/2008 12:01:53 AM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 6/5/2008 3:40:29 AM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 6/6/2008 9:21:23 AM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

    Error - 6/20/2009 3:26:51 PM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

    Error - 10/7/2009 6:49:54 PM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

    [ System Events ]
    Error - 11/5/2010 8:42:02 AM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7001
    Description =

    Error - 11/5/2010 8:42:04 AM | Computer Name = Jen-PC | Source = DCOM | ID = 10005
    Description =

    Error - 11/5/2010 8:42:08 AM | Computer Name = Jen-PC | Source = DCOM | ID = 10005
    Description =

    Error - 11/5/2010 8:42:10 AM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7001
    Description =

    Error - 11/5/2010 10:14:41 AM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7009
    Description =

    Error - 11/5/2010 10:21:25 AM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7022
    Description =

    Error - 11/5/2010 10:23:39 AM | Computer Name = Jen-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 8:21:51 AM on 11/5/2010 was unexpected.

    Error - 11/5/2010 10:25:20 AM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7009
    Description =

    Error - 11/5/2010 8:03:21 PM | Computer Name = Jen-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 6:00:18 PM on 11/5/2010 was unexpected.

    Error - 11/5/2010 8:05:08 PM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7009
    Description =


    < End of report >
  10. crunchie

    crunchie Malware Helper Posts: 761

    Looks like you are running more than one anti-virus program.

    You need to uninstall one, or disable one from from startup because they will interfere with one another and cause problems with the normal running operations of your PC.

    ==============

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      
      :OTL
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25569
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
      [2010/11/04 20:56:44 | 000,093,824 | ---- | C] (GMER) -- C:\pwldypow.sys
      [2010/11/04 20:56:44 | 000,093,824 | ---- | M] (GMER) -- C:\pwldypow.sys
      :Commands
      [emptyflash]
      [emptytemp]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, reboot the PC when it is done.
    • Post log from this run.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

    =============

    Let me know if you have internet access now.
  11. mspurlin

    mspurlin TS Rookie Topic Starter

    Of the multiple anit-virus programs that I am running, which do you recommend that I keep installed, based on your experience?
     
  12. mspurlin

    mspurlin TS Rookie Topic Starter

    Your suggestions re-established my internet connection. Thank you a ton! Are there any additional steps? Also, my system is running incredibly slow. Could the reduced performance be due to the multiple anti-virus applications that you suggested I remove?

    Here is the log from the initial Run Fix scan that you suggested:

    All processes killed
    ========== OTL ==========
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
    C:\pwldypow.sys moved successfully.
    File C:\pwldypow.sys not found.
    ========== COMMANDS ==========

    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Jen
    ->Flash cache emptied: 0 bytes

    User: Matt
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Jen
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Matt
    ->Temp folder emptied: 2740105 bytes
    ->Temporary Internet Files folder emptied: 66407 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 298142 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 48679796 bytes

    Total Files Cleaned = 49.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.17.3 log created on 11102010_201817

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

    __________________________________

    Here is the log from the subsequent Quick Scan run:

    OTL logfile created on: 11/10/2010 8:30:28 PM - Run 2
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Matt\Desktop\Performance Applications
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,012.00 Mb Total Physical Memory | 214.00 Mb Available Physical Memory | 21.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 45.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288.04 Gb Total Space | 152.39 Gb Free Space | 52.91% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.43 Gb Free Space | 54.27% Space Free | Partition Type: NTFS
    Drive G: | 4.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive H: | 3.71 Gb Total Space | 3.61 Gb Free Space | 97.39% Space Free | Partition Type: FAT32

    Computer Name: JEN-PC | User Name: Matt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/11/08 21:23:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\Performance Applications\OTL.exe
    PRC - [2010/08/31 08:59:23 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/08/02 15:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/08/02 15:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/08/02 15:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/03/18 10:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/04/10 23:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
    PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/10/15 00:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/07/02 15:38:08 | 000,353,544 | ---- | M] (CompanyName) -- C:\Program Files\Trend Micro\Internet Security 14\TSC.EXE
    PRC - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
    PRC - [2008/03/07 12:44:52 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2007/11/09 03:19:18 | 000,345,696 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe
    PRC - [2007/10/11 08:49:50 | 000,465,136 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
    PRC - [2007/07/25 14:25:30 | 000,393,944 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
    PRC - [2007/05/31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
    PRC - [2007/05/23 19:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\pmxmiced.exe
    PRC - [2007/05/17 13:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    PRC - [2007/05/11 06:26:44 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2007/04/10 13:46:48 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
    PRC - [2007/02/21 23:38:34 | 000,140,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
    PRC - [2006/12/07 15:52:14 | 000,140,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
    PRC - [2006/12/07 15:52:10 | 000,095,128 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
    PRC - [2006/11/21 13:02:24 | 001,807,960 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
    PRC - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe
    PRC - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
    PRC - [2006/11/08 14:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\ico.exe
    PRC - [2006/11/03 17:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/11/08 21:23:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\Performance Applications\OTL.exe
    MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/31 08:59:23 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
    SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/08/02 15:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/08/02 15:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/10 11:20:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe -- (PcCtlCom)
    SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/11/09 03:19:18 | 000,345,696 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe -- (Tmntsrv)
    SRV - [2007/10/11 08:49:46 | 000,076,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService)
    SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007/05/17 13:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
    SRV - [2006/12/07 15:52:14 | 000,140,184 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
    SRV - [2006/12/07 15:52:10 | 000,095,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
    SRV - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe -- (tmproxy)
    SRV - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe -- (TmPfw)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2010/08/02 15:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/08/02 15:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/07/07 07:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
    DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/04/10 21:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/11/26 17:42:42 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt)
    DRV - [2008/11/26 17:42:40 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt)
    DRV - [2008/11/26 17:39:56 | 001,195,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint)
    DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2008/03/07 20:08:52 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/03/07 20:08:52 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/03/07 20:08:52 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2008/01/02 15:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2007/08/23 17:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\datunidr.sys -- (datunidr)
    DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
    DRV - [2007/06/01 12:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxmouse.sys -- (pmxmouse)
    DRV - [2007/05/24 15:44:00 | 000,019,008 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxusblf.sys -- (pmxusblf)
    DRV - [2007/05/11 06:26:46 | 001,773,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/04/29 01:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2007/04/26 03:41:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
    DRV - [2007/04/10 13:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
    DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
    DRV - [2006/11/09 15:04:20 | 000,280,392 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TM_CFW.sys -- (tmcfw)
    DRV - [2006/11/09 15:04:20 | 000,073,288 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
    DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
    DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2006/10/18 11:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
    DRV - [2006/10/18 11:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
    DRV - [2006/10/18 11:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
    DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct)
    DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



    O1 HOSTS File: ([2010/11/10 20:18:33 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [DLPSP] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
    O4 - HKLM..\Run: [DLUPDR] C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE (Dell Inc.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
    O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe (Trend Micro Inc.)
    O4 - HKLM..\Run: [PMX Daemon] C:\Windows\System32\ico.exe (Primax Electronics Ltd.)
    O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [DellAutomatedPCTuneUp] C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe (Gteko Ltd.)
    O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKCU..\Run: [Spark] C:\Program Files\Spark\Spark.exe (Jive Software)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/54.14/uploader2.cab (UploadListView Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2006/08/23 22:43:12 | 000,000,224 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
    O33 - MountPoints2\{5616f4fe-f1c9-11dc-ad1a-001d098cba27}\Shell - "" = AutoRun
    O33 - MountPoints2\{5616f4fe-f1c9-11dc-ad1a-001d098cba27}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2006/05/24 03:36:40 | 000,950,272 | R--- | M] ()
    O33 - MountPoints2\{ba86e329-0119-11df-b639-001d098cba27}\Shell\AutoRun\command - "" = H:\MI.exe -- File not found
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2006/05/24 03:36:40 | 000,950,272 | R--- | M] ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/11/10 20:18:17 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/11/05 18:17:57 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Performance Applications
    [2010/11/04 20:14:09 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Avira
    [2010/11/04 19:16:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2010/11/04 19:16:20 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2010/11/04 19:16:20 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2010/11/04 19:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010/11/04 19:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2010/10/26 20:24:10 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Headshots
    [2010/10/15 22:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
    [2010/10/13 08:41:14 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Roaming\Smart Engine
    [2010/10/13 08:41:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\SMASUZOWNE
    [2010/10/13 08:40:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\6f6dd8

    ========== Files - Modified Within 30 Days ==========

    [2010/11/10 20:30:08 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/11/10 20:29:52 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/11/10 20:29:52 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/11/10 20:22:39 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/11/10 20:21:06 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/11/10 20:21:06 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/11/10 20:21:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/11/10 20:20:40 | 1062,391,808 | -HS- | M] () -- C:\hiberfil.sys
    [2010/11/10 20:18:33 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
    [2010/11/10 20:18:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/11/05 07:23:32 | 244,791,726 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/11/05 06:51:17 | 000,001,356 | ---- | M] () -- C:\Users\Matt\AppData\Local\d3d9caps.dat
    [2010/10/13 21:55:41 | 000,002,075 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
    [2010/10/13 02:32:42 | 002,199,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

    ========== Files Created - No Company Name ==========

    [2010/11/05 07:12:53 | 1062,391,808 | -HS- | C] () -- C:\hiberfil.sys
    [2010/10/15 05:13:45 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/15 05:13:41 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/13 21:55:41 | 000,002,075 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
    [2010/04/17 07:54:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/10/20 13:02:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/04/19 11:19:50 | 000,000,012 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\examview.tlx
    [2008/10/26 13:53:04 | 000,003,466 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\evpro32.prf
    [2008/05/24 12:20:50 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
    [2008/03/17 20:55:54 | 000,001,356 | ---- | C] () -- C:\Users\Matt\AppData\Local\d3d9caps.dat
    [2008/03/14 11:49:28 | 000,033,792 | -H-- | C] () -- C:\Users\Matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/03/07 20:09:19 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
    [2008/03/07 20:09:19 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
    [2008/03/07 20:09:19 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/03/07 12:26:52 | 000,131,062 | ---- | C] () -- C:\Windows\System32\DellPM.ini
    [2008/01/02 15:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/01/02 15:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/01/02 15:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2007/04/10 13:46:48 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
    [2006/11/07 12:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
    [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 03:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
    [2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll

    ========== LOP Check ==========

    [2008/05/11 19:06:42 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Nikon
    [2009/09/11 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Research In Motion
    [2010/10/13 08:41:52 | 000,000,000 | -HSD | M] -- C:\Users\Matt\AppData\Roaming\Smart Engine
    [2010/11/10 20:19:18 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >
  13. crunchie

    crunchie Malware Helper Posts: 761

    Seeing how you have Avira on there, I suggest you keep that and uninstall the rest. If there is a removal tool from the relevant AV's you uninstall, I suggest you run that too after uninstalling.
    Have you defragmented the drive lately? If not, please do so (unless it is a SSD).
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.