TechSpot

Network location cannot be reached

By dolsen
May 15, 2012
  1. I'm not sure if this is the correct forum to post this, but here goes. After going through several steps to remove a virus from my pc, I can no longer connect to anyother network pc or share folder.

    No matter what I do I get the "network location can not be reached" message. Thanks for any help you can provide.
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I'll be glad to help you.

    It is not uncommon for the current rootkits to cause a problem with the internet connection. But the shared network is something else. Have you gone through the settings for the network? Did you check the firewall to make sure it will allow the sharing? Did you right click on and file to make sure it is set to share? You do this first on the computer that has the router connected to it, then check share status on the other computers on the network.

    Check and make sure the other PC on the network is turned on.
    ----------------------------------------------

    Beyone the above, we can check to see if malware is still present and go from there:

    If you would like us to check the system for malware, please follow these steps: Preliminary Virus and Malware Removal.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ------------------------------------------------
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't follow directions given to someone else
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    Threads are closed after 5 days if there is no reply.
     
  3. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102


    Thanks for the reply.
    None of my settings have changed, so it is entirely possible that there is still malware effecting my machine.
    My logs are pasted below.

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org
    Database version: v2012.05.08.03
    Windows XP Service Pack 2 x86 NTFS
    Internet Explorer 8.0.6001.18702
    dolsen :: TEST1 [administrator]
    5/15/2012 7:46:23 PM
    mbam-log-2012-05-15 (19-46-23).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 266488
    Time elapsed: 8 minute(s), 46 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2012-05-15 20:35:15
    Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HM080HI rev.AB100-12
    Running: xyd9mwlo.exe; Driver: C:\DOCUME~1\dolsen\LOCALS~1\Temp\pxtdipow.sys

    ---- Devices - GMER 1.0.15 ----
    AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software, Inc.)
    AttachedDevice \Driver\Tcpip \Device\RawIp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
    AttachedDevice \Driver\Tcpip \Device\RawIp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software, Inc.)
    ---- EOF - GMER 1.0.15 ----


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/4/2007 4:12:11 PM
    System Uptime: 5/15/2012 6:51:29 PM (2 hours ago)
    .
    Motherboard: Dell Inc. | | 0FT292
    Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz | Microprocessor | 981/166mhz
    Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz | Microprocessor | 981/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 74 GiB total, 49.082 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP128: 2/16/2012 12:39:01 AM - System Checkpoint
    RP129: 2/19/2012 7:14:14 PM - System Checkpoint
    RP130: 2/21/2012 12:58:02 AM - System Checkpoint
    RP131: 2/22/2012 11:21:44 AM - System Checkpoint
    RP132: 2/23/2012 2:10:33 PM - System Checkpoint
    RP133: 2/26/2012 9:58:21 AM - System Checkpoint
    RP134: 2/27/2012 1:58:37 PM - System Checkpoint
    RP135: 2/29/2012 7:09:18 AM - System Checkpoint
    RP136: 3/1/2012 8:34:02 AM - System Checkpoint
    RP137: 3/2/2012 4:15:45 PM - System Checkpoint
    RP138: 3/3/2012 12:47:23 PM - Installed H&R Block Deluxe + Efile + State 2011.
    RP139: 3/3/2012 1:23:49 PM - Restore Operation
    RP140: 3/3/2012 1:33:07 PM - Installed H&R Block Deluxe + Efile + State 2011.
    RP141: 3/3/2012 1:55:40 PM - Installed Windows XP WIC.
    RP142: 3/3/2012 1:59:18 PM - Installed Windows KB954550-v5.
    RP143: 3/3/2012 1:59:26 PM - Printer Driver Microsoft XPS Document Writer Installed
    RP144: 3/3/2012 1:59:41 PM - Printer Driver Microsoft XPS Document Writer Installed
    RP145: 3/3/2012 2:03:38 PM - Installed TurboTax 2010 wrapper
    RP146: 3/3/2012 4:14:55 PM - Installed H&R Block Massachusetts 2011.
    RP147: 3/4/2012 8:16:00 PM - System Checkpoint
    RP148: 3/6/2012 7:10:20 AM - System Checkpoint
    RP149: 3/7/2012 7:30:59 AM - System Checkpoint
    RP150: 3/8/2012 7:02:41 PM - System Checkpoint
    RP151: 3/10/2012 5:43:23 PM - System Checkpoint
    RP152: 3/11/2012 7:30:47 PM - System Checkpoint
    RP153: 3/13/2012 7:27:17 AM - System Checkpoint
    RP154: 3/15/2012 7:42:16 AM - System Checkpoint
    RP155: 3/16/2012 4:35:47 PM - System Checkpoint
    RP156: 3/19/2012 7:34:15 AM - System Checkpoint
    RP157: 3/20/2012 10:02:33 AM - System Checkpoint
    RP158: 3/21/2012 10:11:23 AM - System Checkpoint
    RP159: 3/22/2012 7:49:30 PM - System Checkpoint
    RP160: 3/24/2012 4:29:08 AM - System Checkpoint
    RP161: 3/26/2012 8:09:23 AM - System Checkpoint
    RP162: 3/27/2012 8:55:51 AM - System Checkpoint
    RP163: 3/28/2012 8:27:06 PM - System Checkpoint
    RP164: 3/30/2012 7:05:32 AM - System Checkpoint
    RP165: 3/31/2012 12:49:03 PM - System Checkpoint
    RP166: 4/2/2012 7:09:23 AM - System Checkpoint
    RP167: 4/3/2012 4:45:30 PM - System Checkpoint
    RP168: 4/4/2012 4:46:37 PM - System Checkpoint
    RP169: 4/4/2012 11:20:08 PM - Restore Operation
    RP170: 4/4/2012 11:32:52 PM - Restore Operation
    RP171: 4/5/2012 11:48:01 PM - System Checkpoint
    RP172: 4/7/2012 5:26:30 AM - System Checkpoint
    RP173: 4/8/2012 12:28:14 PM - System Checkpoint
    RP174: 4/9/2012 12:51:19 PM - System Checkpoint
    RP175: 4/11/2012 8:35:49 AM - System Checkpoint
    RP176: 4/11/2012 8:12:34 PM - System Checkpoint
    RP177: 4/13/2012 1:15:41 AM - System Checkpoint
    RP178: 4/14/2012 8:20:50 PM - Restore Operation
    RP179: 4/14/2012 8:34:09 PM - Restore Operation
    RP180: 4/14/2012 8:39:10 PM - Restore Operation
    RP181: 4/16/2012 12:28:06 PM - System Checkpoint
    RP182: 4/17/2012 4:17:34 PM - System Checkpoint
    RP183: 4/18/2012 5:37:10 PM - System Checkpoint
    RP184: 4/19/2012 6:16:54 PM - System Checkpoint
    RP185: 4/21/2012 1:49:34 AM - System Checkpoint
    RP186: 4/22/2012 8:13:17 AM - System Checkpoint
    RP187: 4/23/2012 8:09:33 PM - System Checkpoint
    RP188: 4/23/2012 10:41:11 PM - Restore Operation
    RP189: 4/25/2012 7:15:58 AM - System Checkpoint
    RP190: 4/26/2012 4:47:18 PM - System Checkpoint
    RP191: 4/27/2012 5:54:51 PM - System Checkpoint
    RP192: 4/28/2012 6:49:52 PM - System Checkpoint
    RP193: 4/29/2012 7:24:03 AM - Removed Java(TM) 6 Update 18
    RP194: 4/29/2012 7:26:15 AM - Removed Java(TM) 6 Update 18
    RP195: 4/29/2012 7:29:00 AM - Removed Java(TM) 6 Update 18
    RP196: 4/30/2012 7:59:56 AM - System Checkpoint
    RP197: 5/1/2012 4:38:54 PM - System Checkpoint
    RP198: 5/2/2012 4:44:00 PM - System Checkpoint
    RP199: 5/3/2012 5:43:43 PM - System Checkpoint
    RP200: 5/3/2012 10:19:20 PM - Restore Operation
    RP201: 5/5/2012 9:09:18 AM - System Checkpoint
    RP202: 5/6/2012 4:56:03 PM - System Checkpoint
    RP203: 5/6/2012 8:24:03 PM - Removed Ad-Aware Antivirus.
    RP204: 5/6/2012 11:12:27 PM - Restore Operation
    RP205: 5/7/2012 3:55:11 PM - Restore Operation
    RP206: 5/14/2012 8:20:12 AM - System Checkpoint
    RP207: 5/15/2012 12:43:38 PM - Installed Broadcom Gigabit Integrated Controller
    .
    ==== Installed Programs ======================
    .
    .
    Add/Remove Pro (Freeware)
    Adobe Acrobat 9 Standard
    Adobe Acrobat 9.3.4 - CPSID_83708
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.1
    AESPcLink
    ALPS Touch Pad Driver
    American Greetings CreataCard Select 6
    AnswerWorks Runtime
    AOL Uninstaller (Choose which Products to Remove)
    Apple Application Support
    Apple Software Update
    Armagetron Advanced 0.2.8.3.2
    AutoCAD LT 2002
    BitTorrent
    BitTorrentBar Toolbar
    Bonjour
    Broadcom Gigabit Integrated Controller
    Broadcom TPM Driver Installer
    Canon CanoScan Toolbox 4.1
    Compatibility Pack for the 2007 Office system
    Conexant HDA D110 MDC V.92 Modem
    Creative Live! Cam Center
    Creative Live! Cam Video Chat or Video IM Driver (1.02.01.00)
    Creative Software AutoUpdate
    Creative System Information
    Dell Support 3.2.1
    Dell Wireless WLAN Card
    Digital Line Detect
    EMBASSY Trust Suite by Wave Systems
    ESET Online Scanner v3
    ETS Launch Pad
    Final Media Player 2010
    Google Chrome
    Google Talk (remove only)
    Google Toolbar for Internet Explorer
    Google Update Helper
    H&R Block Deluxe + Efile + State 2011
    H&R Block Massachusetts 2011
    High Definition Audio Driver Package - KB835221
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows XP (KB896256)
    Hotfix for Windows XP (KB908673)
    Hotfix for Windows XP (KB909095)
    Hotfix for Windows XP (KB954550-v5)
    Intel(R) Graphics Media Accelerator Driver
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 30
    LibUSB-Win32-0.1.10.1
    LiveUpdate 2.0 (Symantec Corporation)
    Logitech High Quality Video
    Logitech Webcam Software
    Logitech Webcam Software Driver Package
    LWS Launcher
    LWS Motion Detection
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    Malwarebytes Anti-Malware version 1.61.0.1400
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0 ??? Language Pack
    Microsoft .NET Framework 2.0 Language Pack - DEU
    Microsoft .NET Framework 2.0 Language Pack - FRA
    Microsoft .NET Framework 2.0 Language Pack - JPN
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office Project MUI (English) 2007
    Microsoft Office Project Standard 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business Edition 2003
    Microsoft Office Visio Viewer 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Web Publishing Wizard 1.52
    Modem Helper
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    MPLAB Tools v8.46
    MSXML 6.0 Parser (KB933579)
    NetWaiting
    NTRU Hybrid TSS v2.0.25
    PowerDVD 5.7
    QuickSet
    QuickTime
    Roxio DLA
    Roxio Express Labeler
    Roxio RecordNow Audio
    Roxio RecordNow Copy
    Roxio RecordNow Data
    SearchAssist
    Secure Update
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929969)
    SolidWorks eDrawings 2010
    SolidWorks eDrawings 2011
    Sonic Update Manager
    Symantec AntiVirus
    TurboTax 2010
    TurboTax 2010 WinPerFedFormset
    TurboTax 2010 WinPerReleaseEngine
    TurboTax 2010 WinPerTaxSupport
    TurboTax 2010 wrapper
    Tweak UI
    Uninstall AOL Emergency Connect Utility 1.0
    Update for Windows XP (KB912945)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    URL Assistant
    Viewpoint Media Player
    Volo View Express
    WebFldrs XP
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 8
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885855
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB889673
    Windows XP Hotfix - KB891781
    WinRAR archiver
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/15/2012 9:53:30 AM, error: Dhcp [1002] - The IP address lease 192.168.1.9 for the Network Card with network address 00197D995577 has been denied by the DHCP server 192.168.2.11 (The DHCP Server sent a DHCPNACK message).
    5/15/2012 5:44:42 PM, error: NETLOGON [5719] - No Domain Controller is available for domain ASPENTHERMAL due to the following: The RPC server is unavailable. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
    5/15/2012 4:50:19 PM, error: Service Control Manager [7001] - The SSDP Discovery Service service depends on the HTTP service which failed to start because of the following error: Not enough storage is available to process this command.
    5/15/2012 4:50:19 PM, error: Service Control Manager [7000] - The HTTP service failed to start due to the following error: Not enough storage is available to process this command.
    5/15/2012 4:41:18 PM, error: Dhcp [1002] - The IP address lease 192.168.2.126 for the Network Card with network address 00197D995577 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    5/15/2012 4:40:56 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
    5/15/2012 12:42:42 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the libusbd service.
    5/15/2012 10:25:11 AM, error: SAVRT [20] - Unable to initialize the virus scanning engine database files.
    5/15/2012 10:24:50 AM, error: Service Control Manager [7023] - The Symantec AntiVirus service terminated with the following error: The environment is incorrect.
    5/15/2012 10:24:49 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SAVRT SBRE
    5/15/2012 10:24:49 AM, error: Service Control Manager [7000] - The Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    5/15/2012 10:24:49 AM, error: Service Control Manager [7000] - The Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    5/15/2012 10:24:49 AM, error: Service Control Manager [7000] - The DataSvr2 service failed to start due to the following error: The system cannot find the file specified.
    5/14/2012 6:55:19 PM, error: NETLOGON [5719] - No Domain Controller is available for domain ASPENTHERMAL due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
    5/13/2012 8:44:52 AM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
    5/11/2012 7:21:46 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
    .
    ==== End Of File ===========================

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by dolsen at 20:48:10 on 2012-05-15
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.248 [GMT -4:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\libusbd-nt.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Symantec AntiVirus\SavRoam.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\aol\1285799699\ee\aolsoftware.exe
    C:\Program Files\AOL Desktop 9.6\waol.exe
    C:\Program Files\AOL Desktop 9.6\shellmon.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.weather.com/weather/right-now/USMA0273
    mSearch Bar = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBit0.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBit0.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBit0.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [AOL Fast Start] "c:\program files\aol desktop 9.6\AOL.EXE" -b
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    dRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    Trusted Zone: intuit.com\ttlc
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178310621687
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/AutoCAD%20LT%202002/InstBanr.ocx
    DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file:///C:/Program%20Files/AutoCAD%20LT%202002/InstFred.ocx
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%20LT%202002/AcPreview.ocx
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{42B39CB8-08E9-402D-AABB-D369E8FDC8C8} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{528D6902-83EA-4BF9-BE9E-6330E3C55526} : DhcpNameServer = 192.168.2.12 192.168.2.11
    TCP: Interfaces\{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E} : DhcpNameServer = 192.168.2.12 192.168.2.11
    Notify: igfxcui - igfxdev.dll
    Notify: NavLogon - c:\windows\system32\NavLogon.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2004-2-9 301200]
    R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-5-6 332248]
    R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2012-5-6 212568]
    R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-12-23 654408]
    R2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2004-3-12 169192]
    R2 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2004-2-9 37008]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2011-7-24 33792]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-23 22344]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100823.002\naveng.sys [2010-8-24 85424]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100823.002\navex15.sys [2010-8-24 1362608]
    R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-5-6 69208]
    S0 mtjjs;mtjjs;c:\windows\system32\drivers\mvoxailg.sys --> c:\windows\system32\drivers\mvoxailg.sys [?]
    S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-4 135664]
    S2 MCUSBICD2;Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS);c:\windows\system32\drivers\icd2w2k.sys [2004-3-22 12427]
    S2 MCUSBPM3;Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS);c:\windows\system32\drivers\PM3w2k.sys [2004-3-22 12447]
    S2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2004-3-12 1221864]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-4 135664]
    S3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.SYS [2010-11-23 12160]
    S3 nicsrkw;nicsrkw;c:\windows\system32\drivers\nicsrkw.sys --> c:\windows\system32\drivers\nicsrkw.sys [?]
    S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-5-6 69208]
    S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-5-6 94040]
    S3 VF0350Afx;VF0350 Audio FX;c:\windows\system32\drivers\V0350Afx.sys [2010-3-31 142656]
    S3 VF0350Vfx;VF0350 Video FX;c:\windows\system32\drivers\V0350Vfx.sys [2010-3-31 7424]
    S3 VF0350Vid;Live! Cam Video IM (VF0350);c:\windows\system32\drivers\V0350Vid.sys [2010-3-31 170368]
    S4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-2-29 255096]
    S4 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-2-29 87160]
    S4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-2-29 242808]
    .
    =============== Created Last 30 ================
    .
    2012-05-06 23:57:48 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-05-06 23:57:46 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys
    2012-05-06 23:57:08 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-05-06 23:57:07 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-05-04 02:21:07 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-05-04 02:21:07 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-05-04 02:20:18 -------- d-----w- c:\program files\LibUSB-Win32-0.1.10.1
    2012-05-02 22:13:41 -------- d-----w- c:\program files\PrivacySafeGuard
    2012-05-02 22:13:03 -------- d-----w- c:\documents and settings\dolsen\application data\uTorrent
    2012-04-23 23:32:34 57344 ----a-w- c:\windows\system32\Iasv32(2).dll
    2012-04-23 22:20:32 38400 ----a-w- c:\windows\system32\usbniw32.dll
    2012-04-23 22:20:32 156672 ----a-w- c:\windows\system32\usbnaw32.dll
    2012-04-23 22:10:27 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    .
    ==================== Find3M ====================
    .
    2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-06-14 16:55:40 368128 ----a-w- c:\program files\EModelViewer.exe
    2010-06-14 16:55:14 97280 ----a-w- c:\program files\EModelEx
    2010-06-14 16:55:12 27648 ----a-w- c:\program files\edrwthumbnailprovider.dll
    2010-06-14 16:54:20 1149952 ----a-w- c:\program files\eDrawingOfficeAutomator.exe
    2010-06-14 16:53:54 835584 ----a-w- c:\program files\EModelSWDisplayLists.dll
    2010-06-14 16:52:50 91136 ----a-w- c:\program files\EModelExport.dll
    2010-06-14 16:52:28 143360 ----a-w- c:\program files\EModelMDReader.dll
    2010-06-14 16:52:08 8760832 ----a-w- c:\program files\EModelXlator.dll
    2010-06-14 16:51:16 72192 ----a-w- c:\program files\EModelEventLog.dll
    2010-06-14 16:49:52 868352 ----a-w- c:\program files\EModelReviewer.dll
    2010-06-14 16:46:36 4797952 ----a-w- c:\program files\EModelView.dll
    2010-06-14 16:38:48 61440 ----a-w- c:\program files\EModelUtilsVista.dll
    2010-06-14 16:38:38 216576 ----a-w- c:\program files\EModelUtils.dll
    2010-06-14 16:38:06 3385344 ----a-w- c:\program files\EModelAddIn_libFNP.dll
    2010-06-14 16:38:04 2938383 ----a-w- c:\program files\EModelAddIn.dll
    2010-06-14 16:37:50 53248 ----a-w- c:\program files\eDrawingsGraphicsCardClient.dll
    2010-06-14 16:37:42 4483584 ----a-w- c:\program files\HoopsManager.dll
    2010-06-14 15:52:34 299288 ----a-w- c:\program files\solidworkslicenseservice.dll
    2010-06-14 15:52:34 263464 ----a-w- c:\program files\swlicservinst.exe
    2010-06-14 15:50:52 17920 ----a-w- c:\program files\IMPLODE.DLL
    .
    ============= FINISH: 20:49:41.82 ===============
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Give this a try first:

    Start> Run> type cmd> enter> at the C prompt type ipconfig /flushdns (note space before the /)

    Then exit and shut the computer down. Reboot. Does this make any difference?
    -------------------------------------------------------

    You have 3 Errors in the Event Viewer also indicating there is not enough storage for the Service to run:
    Install Date: 5/4/2007> how much RAM is installed?

    Have you checked the Page file setting? Instructions here>>
    http://www.microsoft.com/resources/...vancd_perform_change_vmpagefile.mspx?mfr=true
    -----------------------------------------------------------
    Let's see if Combofix finds anything to help:
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------

    • Download Combofix from HERE or HERE and save to the desktop
      • Double click combofix.exe [​IMG]& follow the prompts.
      • If prompted for Recovery Console, please allow.
      • Once installed, you should see a blue screen prompt that says:
      • Note: If Combofix was downloaded to a flash drive, the Recovery Console will not install- just bypass and go on.[/b]
      • Note: No query will be made if the Recovery Console is already on the system.
    • Close any open browsers.
    • Before you run the Combofix scan, please disable any security software you have running.
      (If you need help with this, please see HERE)
    • Click on Yes, to continue scanning for malware
    • If Combofix asks you to update the program, allow
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..

    Re-enable your Antivirus software.
    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2:If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.
    Note 3:CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficultyand terminates prematurely, the connection can be manually restored by restarting your machine.
     
  5. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    That seems to have done the trick.
    Thanks very much!
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Do you plan to stop here?
     
  7. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Thought that was it since it seems to be working.
    If there is more I should do, then lets keep going.
    What's next?
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Because you had malware, I would encourage you to run at least Combofix and follow with an online virus scan I'll give you to make sure all of the malware is gone. You did not tell me what it was so I have no idea of the extent of it.. But I do see some entries in these logs that are vulnerabilities:

    P2P or 'file sharing' Warning:
    Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall
    Bittorrent and Bittorrent Toolbarfor the following reasons:
    • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
    • Malware writers use these program to include malicious content.
    • File sharing is usually unmonitored and there is a danger that your private files might be accessed.
    • The 'sharing' also includes malware that the shared system has on it.
    • Files that are illegal can be spread through file sharing.
    Please read the information on P2P Warning to help you better understand these dangers.
     
  9. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Got it on the Bit torrent.
    I'm sure thats how I got the virus to begin with.
    Just finished uninstalling it.
    Here is the log from Combofix I ran the other day.
    Thanks!
    ComboFix 12-05-17.02 - dolsen 05/17/2012 7:37.3.2 - x86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.593 [GMT -4:00]
    Running from: c:\documents and settings\dolsen\Desktop\ComboFix.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\$NtUninstallKB24815$\3417484125\@
    c:\windows\$NtUninstallKB24815$\3417484125\L(2)\iahonoel
    c:\windows\$NtUninstallKB24815$\3417484125\U(2)\00000001.@
    c:\windows\$NtUninstallKB24815$\3417484125\U(2)\00000002.@
    c:\windows\$NtUninstallKB24815$\3417484125\U(2)\00000004.@
    c:\windows\$NtUninstallKB24815$\3417484125\U(2)\80000000.@
    c:\windows\$NtUninstallKB24815$\3417484125\U(2)\80000004.@
    c:\windows\$NtUninstallKB24815$\3417484125\U(2)\80000032.@
    c:\windows\$NtUninstallKB24815$\3417484125\version
    c:\windows\system32\dds_trash_log.cmd
    c:\windows\system32\usbnaw32.dll
    c:\windows\system32\usbniw32.dll
    c:\windows\$NtUninstallKB24815$\4074954809 . . . . Failed to delete
    .
    Infected copy of c:\windows\system32\drivers\netbt.sys was found and disinfected
    Restored copy from - The cat found it :)
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-17 11:31 . 2004-08-04 10:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
    2012-05-15 16:09 . 2012-05-15 16:09 -------- d-----w- c:\documents and settings\nateit
    2012-05-07 00:09 . 2012-05-07 00:09 -------- d-----w- c:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus
    2012-05-06 23:57 . 2011-04-05 21:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-05-06 23:57 . 2011-04-05 21:35 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys
    2012-05-06 23:57 . 2011-02-08 13:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-05-06 23:57 . 2011-04-05 21:35 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-05-04 02:21 . 2012-05-04 02:21 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-05-04 02:20 . 2012-05-04 02:20 -------- d-----w- c:\program files\LibUSB-Win32-0.1.10.1
    2012-05-02 22:13 . 2012-05-04 02:20 -------- d-----w- c:\program files\PrivacySafeGuard
    2012-05-02 22:13 . 2012-05-05 12:10 -------- d-----w- c:\documents and settings\dolsen\Application Data\uTorrent
    2012-04-23 23:32 . 2012-04-23 23:32 57344 ----a-w- c:\windows\system32\Iasv32(2).dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-04-04 19:56 . 2010-12-23 20:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-06-14 16:55 . 2010-06-14 16:55 368128 ----a-w- c:\program files\EModelViewer.exe
    2010-06-14 16:55 . 2010-06-14 16:55 97280 ----a-w- c:\program files\EModelEx
    2010-06-14 16:55 . 2010-06-14 16:55 27648 ----a-w- c:\program files\edrwthumbnailprovider.dll
    2010-06-14 16:54 . 2010-06-14 16:54 1149952 ----a-w- c:\program files\eDrawingOfficeAutomator.exe
    2010-06-14 16:53 . 2010-06-14 16:53 835584 ----a-w- c:\program files\EModelSWDisplayLists.dll
    2010-06-14 16:52 . 2010-06-14 16:52 91136 ----a-w- c:\program files\EModelExport.dll
    2010-06-14 16:52 . 2010-06-14 16:52 143360 ----a-w- c:\program files\EModelMDReader.dll
    2010-06-14 16:52 . 2010-06-14 16:52 8760832 ----a-w- c:\program files\EModelXlator.dll
    2010-06-14 16:51 . 2010-06-14 16:51 72192 ----a-w- c:\program files\EModelEventLog.dll
    2010-06-14 16:49 . 2010-06-14 16:49 868352 ----a-w- c:\program files\EModelReviewer.dll
    2010-06-14 16:46 . 2010-06-14 16:46 4797952 ----a-w- c:\program files\EModelView.dll
    2010-06-14 16:38 . 2010-06-14 16:38 61440 ----a-w- c:\program files\EModelUtilsVista.dll
    2010-06-14 16:38 . 2010-06-14 16:38 216576 ----a-w- c:\program files\EModelUtils.dll
    2010-06-14 16:38 . 2010-06-14 16:38 3385344 ----a-w- c:\program files\EModelAddIn_libFNP.dll
    2010-06-14 16:38 . 2010-06-14 16:38 2938383 ----a-w- c:\program files\EModelAddIn.dll
    2010-06-14 16:37 . 2010-06-14 16:37 53248 ----a-w- c:\program files\eDrawingsGraphicsCardClient.dll
    2010-06-14 16:37 . 2010-06-14 16:37 4483584 ----a-w- c:\program files\HoopsManager.dll
    2010-06-14 15:52 . 2010-06-14 15:52 299288 ----a-w- c:\program files\solidworkslicenseservice.dll
    2010-06-14 15:52 . 2010-06-14 15:52 263464 ----a-w- c:\program files\swlicservinst.exe
    2010-06-14 15:50 . 2010-06-14 15:50 17920 ----a-w- c:\program files\IMPLODE.DLL
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
    2011-05-09 09:49 176936 ----a-w- c:\program files\BitTorrentBar\prxtbBit0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\prxtbBit0.dll" [2011-05-09 176936]
    .
    [HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\prxtbBit0.dll" [2011-05-09 176936]
    .
    [HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-179605362-725345543-1608\Scripts\Logon\0\0]
    "Script"=defaultLogon.vbs
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EMBASSY Trust Suite Secure Update.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk
    backup=c:\windows\pss\EMBASSY Trust Suite Secure Update.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Forget Me Not.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Forget Me Not.lnk
    backup=c:\windows\pss\Forget Me Not.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^Epson Home Theater Registration.lnk]
    path=c:\documents and settings\dolsen\Start Menu\Programs\Startup\Epson Home Theater Registration.lnk
    backup=c:\windows\pss\Epson Home Theater Registration.lnkStartup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\documents and settings\dolsen\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    2010-06-19 16:36 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
    2010-06-19 23:04 38840 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-12-22 05:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
    2011-04-25 21:52 42320 ----a-w- c:\program files\AOL Desktop 9.6\aol.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    2005-10-07 17:13 176128 ----a-r- c:\program files\Apoint\Apoint.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
    2006-11-22 22:35 1392640 ----a-w- c:\windows\system32\WLTRAY.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    2004-02-29 22:44 66680 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2004-08-04 10:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    2006-08-29 02:57 395776 ----a-w- c:\program files\Dell Support\DSAgnt.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 10:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2005-12-10 01:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\aol\1285799699\ee\aolsoftware.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-12-13 21:41 77824 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-12-13 21:45 118784 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-12-13 21:44 98304 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    2004-07-27 21:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2004-07-27 21:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
    2011-11-11 18:08 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
    2012-04-04 19:56 462408 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
    2010-06-01 14:17 5252408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
    2006-03-24 21:30 282624 ----a-w- c:\windows\stsystra.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 18:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-03-03 18:20 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2012-05-05 01:56 879984 ----a-w- c:\documents and settings\dolsen\Desktop\uTorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0350Mon.exe]
    2007-06-04 17:02 32768 ----a-r- c:\windows\V0350Mon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    2004-03-12 21:18 124128 ----a-w- c:\progra~1\SYMANT~1\VPTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ccSetMgr"=2 (0x2)
    "ccPwdSvc"=3 (0x3)
    "ccEvtMgr"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
    "c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
    "c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
    "c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
    "c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Common Files\\aol\\1285799699\\ee\\aolsoftware.exe"=
    "c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
    "c:\\Program Files\\Outlook Express\\msimn.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\AOLBrowser\\aolbrowser.exe"=
    "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Documents and Settings\\dolsen\\Desktop\\uTorrent.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "6999:TCP"= 6999:TCP:rqfkjr
    .
    R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5/6/2012 7:57 PM 332248]
    R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [5/6/2012 7:57 PM 212568]
    R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/23/2010 4:40 PM 654408]
    R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/12/2004 5:18 PM 169192]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [7/24/2011 9:39 PM 33792]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/23/2010 4:40 PM 22344]
    R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5/6/2012 7:57 PM 69208]
    S0 mtjjs;mtjjs;c:\windows\system32\drivers\mvoxailg.sys --> c:\windows\system32\drivers\mvoxailg.sys [?]
    S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 10:10 AM 135664]
    S2 MCUSBICD2;Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS);c:\windows\system32\drivers\icd2w2k.sys [3/22/2004 4:43 AM 12427]
    S2 MCUSBPM3;Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS);c:\windows\system32\drivers\PM3w2k.sys [3/22/2004 2:45 AM 12447]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 10:10 AM 135664]
    S3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.SYS [11/23/2010 5:25 PM 12160]
    S3 nicsrkw;nicsrkw;c:\windows\system32\DRIVERS\nicsrkw.sys --> c:\windows\system32\DRIVERS\nicsrkw.sys [?]
    S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [5/6/2012 7:57 PM 69208]
    S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [5/6/2012 7:57 PM 94040]
    S3 VF0350Afx;VF0350 Audio FX;c:\windows\system32\drivers\V0350Afx.sys [3/31/2010 8:08 AM 142656]
    S3 VF0350Vfx;VF0350 Video FX;c:\windows\system32\drivers\V0350Vfx.sys [3/31/2010 8:08 AM 7424]
    S3 VF0350Vid;Live! Cam Video IM (VF0350);c:\windows\system32\drivers\V0350Vid.sys [3/31/2010 8:08 AM 170368]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 14:10]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 14:10]
    .
    2012-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608Core.job
    - c:\documents and settings\dolsen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-21 23:24]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608UA.job
    - c:\documents and settings\dolsen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-21 23:24]
    .
    .
    ------- Supplementary Scan -------
    .
    mSearch Bar = hxxp://www.google.com/ie
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    MSConfigStartUp-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-17 08:24
    Windows 5.1.2600 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'explorer.exe'(3920)
    c:\windows\system32\ieframe.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\webcheck.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\System32\WLTRYSVC.EXE
    c:\windows\System32\bcmwltry.exe
    c:\windows\System32\SCardSvr.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Symantec AntiVirus\DefWatch.exe
    c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\libusbd-nt.exe
    c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
    c:\program files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
    c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-17 08:33:44 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-17 12:33
    .
    Pre-Run: 52,632,023,040 bytes free
    Post-Run: 52,660,297,728 bytes free
    .
    - - End Of File - - ED46EAD7B56C2F2163641D22BE5BA43D
     
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I edited the line with the link about the P2P File Sharing Warning. Sometimes when I run a Google spell check, it parses the text- I missed it but it's okay now.

    Your system was/is not clean.
    There is an entire section, almost all of the files in the Combofix Find 3M section showing date 2010-06-14 for entries related to Dassault Systèmes SolidWorks Corp. There are both .exe files and .dll files. All of the files in this section are very large.

    This process 2010-06-14 15:52 263464 ----a-w- c:\program files\swlicservinst.exe >> is for the SolidWorks Activation Wizard
    This process 2010-06-14 15:50 17920 ----a-w- c:\program files\IMPLODE.DLL is a remote management process used by Symantec PCAnywhere

    2 of the processes deleted by Combofix belong to a Trojan.Backdoor.

    I am also having a problem clearly identifying the following:

    I am also uncertain about what security you're running:
    You have Sunbelt Personal Firewall Host Intrusion Prevention Driver, Symantec AntiVirus, Symantec AntiVirus, so let's go on.
    =============================================

    Download Security Check by screen317 and save to the desktop
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt
    • Post the contents of that document.
    ============================================
    Please run this Custom CFScript:

    • [1]. Close any open browsers.
      [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3]. Open notepad> click on Format> Uncheck 'Word Wrap> and copy/paste the text in the code below into it:
    Code:
    File::
    Folder::
    c:\documents and settings\dolsen\Application Data\uTorrent
    c:\documents and settings\nateit
    DDS::
    uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBit0.dll
    BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBit0.dll
    TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBit0.dll
    Registry::
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=- 
    [HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"=- 
    [HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\BitTorrent\\BitTorrent.exe"=-
    "c:\\Documents and Settings\\dolsen\\Desktop\\uTorrent.exe"=-
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "6999:TCP"=- 
    Clearjavacache::
    
    
    Save this as CFScript.txt, in the same location as ComboFix.exe
    [​IMG]

    Referring to the picture above, drag CFScript into ComboFix.exe

    When finished, it will produce a log for you at C:\ComboFix.txt . Please paste into to your next reply.
    ===================
    • Download OTL from one of the links below and save it to your desktop.
      OTL.exe
      OTL.com
      OTL.scr
      You just need one. Sometimes the file extension gets blocked.

      Note: When using these links, use Internet Explorer to download. If using Firefox, you should right-click and use "Save link As". Otherwise, on some systems, FF attempts to open the file as a script and just a bunch of gibberish is displayed.
    • Double click the OTL icon to run it.[​IMG]
    • The opened console will resemble this: [​IMG]
    • Set Output at the top to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Copy the entries in the Codebox below> Paste in the Custom Scan box.
      Code:
      netsvcs
      %SYSTEMDRIVE%\*.exe
      %systemroot%\*. /mp /s
      /md5start
      explorer.exe
      winlogon.exe
      userinit.exe
      /md5stop
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      Make sure all other windows are closed and to let it run uninterrupted.
    • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

    Please leave new Combofix log, Security Check and the 2 logs from OTL in your next reply.
     
  11. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Here are the latest log files. They wouldn't all fit, so I put the OTL logs in the next post.

    Results of screen317's Security Check version 0.99.38
    Windows XP Service Pack 2 x86
    Out of date service pack!!
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    Windows Security Center service is not running! This report may not be accurate!
    Windows Firewall Disabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes Anti-Malware version 1.61.0.1400
    HijackThis 2.0.2
    Java(TM) 6 Update 30
    Java version out of date!
    Adobe Flash Player 10 Flash Player out of date!
    Adobe Reader 9 Adobe Reader out of date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    Malwarebytes Anti-Malware mbamservice.exe
    Symantec AntiVirus DefWatch.exe
    Symantec AntiVirus SavRoam.exe
    ``````````End of Log````````````


    ComboFix 12-05-17.02 - dolsen 05/25/2012 9:11.4.2 - x86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.486 [GMT -4:00]
    Running from: c:\documents and settings\dolsen\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\dolsen\Desktop\CFScript.txt
    .
    - REDUCED FUNCTIONALITY MODE -
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\dolsen\Application Data\uTorrent
    c:\documents and settings\dolsen\Application Data\uTorrent\03 God Gave Me You.m4a.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\apps\3609FC884502A1DF0AA5D9D160C827BB1BD51FC9.btapp
    c:\documents and settings\dolsen\Application Data\uTorrent\apps\player.btapp
    c:\documents and settings\dolsen\Application Data\uTorrent\apps\plus.btapp
    c:\documents and settings\dolsen\Application Data\uTorrent\apps\whatsnew-ut.btapp
    c:\documents and settings\dolsen\Application Data\uTorrent\Boston - Don't Look Back.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Boston - More Than A Feeling.avi.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Brad Paisley.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Brad_Paisley_-_I'm_Gonna_Miss_Her_(2nafish).mpg.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Chris Cagle - My Life's Been A Country Song (192Kbs) (2008).torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\DeathGrips-BitTorrent.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\dht.dat
    c:\documents and settings\dolsen\Application Data\uTorrent\dht_feed.dat
    c:\documents and settings\dolsen\Application Data\uTorrent\dht_feed.dat.old
    c:\documents and settings\dolsen\Application Data\uTorrent\dlimagecache\10E6FBE4D921B475FA5FEC6E9A535A540D6FEED1
    c:\documents and settings\dolsen\Application Data\uTorrent\dlimagecache\32F529521A3DEC709F97F761F192AABF29BDC408
    c:\documents and settings\dolsen\Application Data\uTorrent\Eric Church - Drink in My Hand.mp4.1.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Eric Church - Drink in My Hand.mp4.2.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Eric Church - Drink in My Hand.mp4.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Eric_Church-Chief-2011.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Gary Allan - Watching Airplanes.mpg.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\resume.dat
    c:\documents and settings\dolsen\Application Data\uTorrent\resume.dat.old
    c:\documents and settings\dolsen\Application Data\uTorrent\Rodney Atkins - Take a Back Road.mp3.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\rss.dat
    c:\documents and settings\dolsen\Application Data\uTorrent\settings.dat
    c:\documents and settings\dolsen\Application Data\uTorrent\settings.dat.old
    c:\documents and settings\dolsen\Application Data\uTorrent\The Foundation.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Toby Keith - Made in America (2011).mp3.torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Zac Brown Band - You Get What You Give [2010-MP3-Cov][MJN].torrent
    c:\documents and settings\dolsen\Application Data\uTorrent\Zac Brown Band.torrent
    c:\program files\bittorrentbar\prxtbBit0.dll
    c:\windows\system32\test
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-25 to 2012-05-25 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-25 12:17 . 2012-05-25 12:57 -------- d-----w- c:\documents and settings\Guest
    2012-05-17 11:31 . 2004-08-04 10:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
    2012-05-15 16:09 . 2012-05-15 16:09 -------- d-----w- c:\documents and settings\nateit
    2012-05-07 00:09 . 2012-05-07 00:09 -------- d-----w- c:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus
    2012-05-06 23:57 . 2011-04-05 21:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-05-06 23:57 . 2011-04-05 21:35 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys
    2012-05-06 23:57 . 2011-02-08 13:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-05-06 23:57 . 2011-04-05 21:35 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-05-04 02:21 . 2012-05-04 02:21 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-05-04 02:20 . 2012-05-04 02:20 -------- d-----w- c:\program files\LibUSB-Win32-0.1.10.1
    2012-05-02 22:13 . 2012-05-04 02:20 -------- d-----w- c:\program files\PrivacySafeGuard
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-04-23 23:32 . 2012-04-23 23:32 57344 ----a-w- c:\windows\system32\Iasv32(2).dll
    2012-04-04 19:56 . 2010-12-23 20:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-06-14 16:55 . 2010-06-14 16:55 368128 ----a-w- c:\program files\EModelViewer.exe
    2010-06-14 16:55 . 2010-06-14 16:55 97280 ----a-w- c:\program files\EModelEx
    2010-06-14 16:55 . 2010-06-14 16:55 27648 ----a-w- c:\program files\edrwthumbnailprovider.dll
    2010-06-14 16:54 . 2010-06-14 16:54 1149952 ----a-w- c:\program files\eDrawingOfficeAutomator.exe
    2010-06-14 16:53 . 2010-06-14 16:53 835584 ----a-w- c:\program files\EModelSWDisplayLists.dll
    2010-06-14 16:52 . 2010-06-14 16:52 91136 ----a-w- c:\program files\EModelExport.dll
    2010-06-14 16:52 . 2010-06-14 16:52 143360 ----a-w- c:\program files\EModelMDReader.dll
    2010-06-14 16:52 . 2010-06-14 16:52 8760832 ----a-w- c:\program files\EModelXlator.dll
    2010-06-14 16:51 . 2010-06-14 16:51 72192 ----a-w- c:\program files\EModelEventLog.dll
    2010-06-14 16:49 . 2010-06-14 16:49 868352 ----a-w- c:\program files\EModelReviewer.dll
    2010-06-14 16:46 . 2010-06-14 16:46 4797952 ----a-w- c:\program files\EModelView.dll
    2010-06-14 16:38 . 2010-06-14 16:38 61440 ----a-w- c:\program files\EModelUtilsVista.dll
    2010-06-14 16:38 . 2010-06-14 16:38 216576 ----a-w- c:\program files\EModelUtils.dll
    2010-06-14 16:38 . 2010-06-14 16:38 3385344 ----a-w- c:\program files\EModelAddIn_libFNP.dll
    2010-06-14 16:38 . 2010-06-14 16:38 2938383 ----a-w- c:\program files\EModelAddIn.dll
    2010-06-14 16:37 . 2010-06-14 16:37 53248 ----a-w- c:\program files\eDrawingsGraphicsCardClient.dll
    2010-06-14 16:37 . 2010-06-14 16:37 4483584 ----a-w- c:\program files\HoopsManager.dll
    2010-06-14 15:52 . 2010-06-14 15:52 299288 ----a-w- c:\program files\solidworkslicenseservice.dll
    2010-06-14 15:52 . 2010-06-14 15:52 263464 ----a-w- c:\program files\swlicservinst.exe
    2010-06-14 15:50 . 2010-06-14 15:50 17920 ----a-w- c:\program files\IMPLODE.DLL
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-05-17_12.25.20 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-05-18 12:17 . 2012-05-18 12:17 16384 c:\windows\Temp\Perflib_Perfdata_308.dat
    + 2004-08-11 22:00 . 2012-05-18 12:21 72978 c:\windows\system32\perfc009.dat
    - 2004-08-11 22:00 . 2012-05-17 12:04 72978 c:\windows\system32\perfc009.dat
    - 2010-03-17 13:18 . 2011-09-06 13:32 23040 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 23040 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 61440 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 61440 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 27136 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 27136 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 11264 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 11264 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 12288 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 12288 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 4096 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 4096 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    + 2004-08-11 22:00 . 2012-05-18 12:21 445938 c:\windows\system32\perfh009.dat
    - 2004-08-11 22:00 . 2012-05-17 12:04 445938 c:\windows\system32\perfh009.dat
    + 2010-03-17 13:18 . 2012-05-25 12:19 409600 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 409600 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 286720 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 286720 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 249856 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pptico.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 249856 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pptico.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 794624 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\outicon.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 794624 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\outicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 135168 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\misc.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 135168 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\misc.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
    "AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-04-25 42320]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-179605362-725345543-1608\Scripts\Logon\0\0]
    "Script"=defaultLogon.vbs
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EMBASSY Trust Suite Secure Update.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk
    backup=c:\windows\pss\EMBASSY Trust Suite Secure Update.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Forget Me Not.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Forget Me Not.lnk
    backup=c:\windows\pss\Forget Me Not.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^Epson Home Theater Registration.lnk]
    path=c:\documents and settings\dolsen\Start Menu\Programs\Startup\Epson Home Theater Registration.lnk
    backup=c:\windows\pss\Epson Home Theater Registration.lnkStartup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\documents and settings\dolsen\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    2010-06-19 16:36 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
    2010-06-19 23:04 38840 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-12-22 05:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
    2011-04-25 21:52 42320 ----a-w- c:\program files\AOL Desktop 9.6\aol.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    2005-10-07 17:13 176128 ----a-r- c:\program files\Apoint\Apoint.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
    2006-11-22 22:35 1392640 ----a-w- c:\windows\system32\WLTRAY.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    2004-02-29 22:44 66680 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2004-08-04 10:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    2006-08-29 02:57 395776 ----a-w- c:\program files\Dell Support\DSAgnt.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 10:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2005-12-10 01:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\aol\1285799699\ee\aolsoftware.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-12-13 21:41 77824 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-12-13 21:45 118784 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-12-13 21:44 98304 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    2004-07-27 21:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2004-07-27 21:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
    2011-11-11 18:08 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
    2012-04-04 19:56 462408 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
    2010-06-01 14:17 5252408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
    2006-03-24 21:30 282624 ----a-w- c:\windows\stsystra.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 18:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-03-03 18:20 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2012-05-05 01:56 879984 ----a-w- c:\documents and settings\dolsen\Desktop\uTorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0350Mon.exe]
    2007-06-04 17:02 32768 ----a-r- c:\windows\V0350Mon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    2004-03-12 21:18 124128 ----a-w- c:\progra~1\SYMANT~1\VPTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ccSetMgr"=2 (0x2)
    "ccPwdSvc"=3 (0x3)
    "ccEvtMgr"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
    "c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
    "c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
    "c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
    "c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Common Files\\aol\\1285799699\\ee\\aolsoftware.exe"=
    "c:\\Program Files\\Outlook Express\\msimn.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\AOLBrowser\\aolbrowser.exe"=
    "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    .
    R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5/6/2012 7:57 PM 332248]
    R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [5/6/2012 7:57 PM 212568]
    R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/23/2010 4:40 PM 654408]
    R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/12/2004 5:18 PM 169192]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [7/24/2011 9:39 PM 33792]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/23/2010 4:40 PM 22344]
    R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5/6/2012 7:57 PM 69208]
    S0 mtjjs;mtjjs;c:\windows\system32\drivers\mvoxailg.sys --> c:\windows\system32\drivers\mvoxailg.sys [?]
    S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 10:10 AM 135664]
    S2 MCUSBICD2;Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS);c:\windows\system32\drivers\icd2w2k.sys [3/22/2004 4:43 AM 12427]
    S2 MCUSBPM3;Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS);c:\windows\system32\drivers\PM3w2k.sys [3/22/2004 2:45 AM 12447]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 10:10 AM 135664]
    S3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.SYS [11/23/2010 5:25 PM 12160]
    S3 nicsrkw;nicsrkw;c:\windows\system32\DRIVERS\nicsrkw.sys --> c:\windows\system32\DRIVERS\nicsrkw.sys [?]
    S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [5/6/2012 7:57 PM 69208]
    S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [5/6/2012 7:57 PM 94040]
    S3 VF0350Afx;VF0350 Audio FX;c:\windows\system32\drivers\V0350Afx.sys [3/31/2010 8:08 AM 142656]
    S3 VF0350Vfx;VF0350 Video FX;c:\windows\system32\drivers\V0350Vfx.sys [3/31/2010 8:08 AM 7424]
    S3 VF0350Vid;Live! Cam Video IM (VF0350);c:\windows\system32\drivers\V0350Vid.sys [3/31/2010 8:08 AM 170368]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ATWPKT2
    *Deregistered* - ATWPKT2
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 14:10]
    .
    2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 14:10]
    .
    2012-05-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608Core.job
    - c:\documents and settings\dolsen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-21 23:24]
    .
    2012-05-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608UA.job
    - c:\documents and settings\dolsen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-21 23:24]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.weather.com/weather/right-now/USMA0273
    mSearch Bar = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    Trusted Zone: intuit.com\ttlc
    TCP: DhcpNameServer = 192.168.2.12 192.168.2.11
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-25 09:13
    Windows 5.1.2600 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(1500)
    c:\windows\system32\igfxdev.dll
    .
    Completion time: 2012-05-25 09:15:38
    ComboFix-quarantined-files.txt 2012-05-25 13:15
    ComboFix2.txt 2012-05-17 12:33
    .
    Pre-Run: 51,007,934,464 bytes free
    Post-Run: 50,989,076,480 bytes free
    .
    - - End Of File - - 90AC0825CCE15E523A8BEE8DF7275C9D
     
  12. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Here is the first OTL log.

    OTL logfile created on: 5/25/2012 9:36:47 AM - Run 1
    OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\dolsen\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1014.05 Mb Total Physical Memory | 499.77 Mb Available Physical Memory | 49.28% Memory free
    3.87 Gb Paging File | 3.48 Gb Available in Paging File | 89.95% Paging File free
    Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.47 Gb Total Space | 47.52 Gb Free Space | 63.82% Space Free | Partition Type: NTFS
    Drive H: | 890.49 Gb Total Space | 542.81 Gb Free Space | 60.96% Space Free | Partition Type: NTFS
    Drive X: | 890.49 Gb Total Space | 542.81 Gb Free Space | 60.96% Space Free | Partition Type: NTFS

    Computer Name: TEST1 | User Name: dolsen | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\dolsen\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    PRC - C:\Program Files\Common Files\aol\1285799699\ee\aolsoftware.exe (AOL Inc.)
    PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
    PRC - C:\WINDOWS\system32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
    PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
    MOD - C:\WINDOWS\system32\bcm1xsup.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (DataSvr2) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe File not found
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (SolidWorks Licensing Service) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
    SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (AOL ACS) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
    SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
    SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe ()
    SRV - (libusbd) -- C:\WINDOWS\system32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
    SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
    SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
    SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
    SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
    SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
    SRV - (ccPwdSvc) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
    SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found
    DRV - (USBAAPL) -- System32\Drivers\usbaapl.sys File not found
    DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREdrv.sys File not found
    DRV - (PDRFRAME) -- File not found
    DRV - (PDRELI) -- File not found
    DRV - (PDFRAME) -- File not found
    DRV - (PDCOMP) -- File not found
    DRV - (PCIDump) -- File not found
    DRV - (nicsrkw) -- system32\DRIVERS\nicsrkw.sys File not found
    DRV - (mtjjs) -- System32\drivers\mvoxailg.sys File not found
    DRV - (mbr) -- C:\DOCUME~1\dolsen\LOCALS~1\Temp\mbr.sys File not found
    DRV - (lbrtfdc) -- File not found
    DRV - (Changer) -- File not found
    DRV - (catchme) -- C:\DOCUME~1\dolsen\LOCALS~1\Temp\catchme.sys File not found
    DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
    DRV - (SbTis) -- C:\WINDOWS\system32\drivers\sbtis.sys (Sunbelt Software, Inc.)
    DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
    DRV - (SBFWIMCLMP) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
    DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
    DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100823.002\NAVEX15.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100823.002\NAVENG.SYS (Symantec Corporation)
    DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
    DRV - (LVUVC) Logitech Webcam 120(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
    DRV - (VF0350Afx) -- C:\WINDOWS\system32\drivers\V0350Afx.sys (Creative Technology Ltd.)
    DRV - (VF0350Vid) Live! Cam Video IM (VF0350) -- C:\WINDOWS\system32\drivers\V0350Vid.sys (Creative Technology Ltd.)
    DRV - (NCBULK) -- C:\WINDOWS\system32\drivers\RealICEBulk.SYS (PLX Technology, Inc. (visit www.PlxTech.com))
    DRV - (VF0350Vfx) -- C:\WINDOWS\system32\drivers\V0350Vfx.sys (EyePower Games Pte. Ltd.)
    DRV - (guardian2) -- C:\WINDOWS\system32\drivers\oz776.sys (O2Micro)
    DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
    DRV - (DSproct) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
    DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
    DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
    DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
    DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
    DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
    DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
    DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
    DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
    DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
    DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
    DRV - (APPDRV) -- C:\WINDOWS\system32\drivers\APPDRV.SYS (Dell Inc)
    DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys ()
    DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
    DRV - (MCUSBICD2) Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS) -- C:\WINDOWS\system32\drivers\icd2w2k.sys (Microchip Technology, Inc.)
    DRV - (MCUSBPM3) Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS) -- C:\WINDOWS\system32\drivers\PM3w2k.sys (Microchip Technology, Inc.)
    DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\symtdi.sys (Symantec Corporation)
    DRV - (SYMREDRV) -- C:\WINDOWS\system32\drivers\symredrv.sys (Symantec Corporation)
    DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
    DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Inc)
    DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
    DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.weather.com/weather/right-now/USMA0273
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=UT2V5&o=15150&src=crm&q={searchTerms}&locale=en_US
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7DMUS_enUS221
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)


    [2010/09/30 08:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dolsen\Application Data\Mozilla\Extensions
    [2010/09/30 08:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dolsen\Application Data\Mozilla\Extensions\mozswing@mozswing.org

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - Extension: YouTube = C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
    CHR - Extension: Google Search = C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
    CHR - Extension: Gmail = C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

    O1 HOSTS File: ([2012/05/25 09:13:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178310621687 (WUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files/AutoCAD%20LT%202002/InstBanr.ocx (NOXLATE-BANR)
    O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files/AutoCAD%20LT%202002/InstFred.ocx (InstaFred)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/AutoCAD%20LT%202002/AcPreview.ocx (AcPreview Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.12 192.168.2.11
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aspenthermal.local
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42B39CB8-08E9-402D-AABB-D369E8FDC8C8}: DhcpNameServer = 192.168.2.12 192.168.2.11
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{528D6902-83EA-4BF9-BE9E-6330E3C55526}: DhcpNameServer = 192.168.2.12 192.168.2.11
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E}: DhcpNameServer = 192.168.2.12 192.168.2.11
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/05/25 09:33:58 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dolsen\Desktop\OTL.exe
    [2012/05/25 09:10:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/05/25 09:10:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/05/25 09:10:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/05/25 09:10:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/05/17 07:24:56 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/05/17 07:21:37 | 004,495,594 | R--- | C] (Swearware) -- C:\Documents and Settings\dolsen\Desktop\ComboFix.exe
    [2012/05/15 20:36:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\dolsen\Desktop\dds.scr
    [2012/05/15 11:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dolsen\Desktop\Tax Stuff
    [2012/05/06 20:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
    [2012/05/06 19:57:48 | 000,094,040 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbhips.sys
    [2012/05/06 19:57:46 | 000,212,568 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbtis.sys
    [2012/05/06 19:57:08 | 000,069,208 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFwIm.sys
    [2012/05/06 19:57:07 | 000,332,248 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
    [2012/05/04 21:56:24 | 000,879,984 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\dolsen\Desktop\uTorrent.exe
    [2012/05/03 22:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\LibUSB-Win32-0.1.10.1
    [2012/05/03 22:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LibUSB-Win32
    [2012/05/02 18:13:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Privacy SafeGuard
    [2012/05/02 18:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\PrivacySafeGuard
    [2010/06/14 12:55:40 | 000,368,128 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelViewer.exe
    [2010/06/14 12:55:14 | 000,097,280 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelEx
    [2010/06/14 12:55:12 | 000,027,648 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\edrwthumbnailprovider.dll
    [2010/06/14 12:54:20 | 001,149,952 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\eDrawingOfficeAutomator.exe
    [2010/06/14 12:53:54 | 000,835,584 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelSWDisplayLists.dll
    [2010/06/14 12:52:50 | 000,091,136 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelExport.dll
    [2010/06/14 12:52:28 | 000,143,360 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelMDReader.dll
    [2010/06/14 12:52:08 | 008,760,832 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelXlator.dll
    [2010/06/14 12:51:16 | 000,072,192 | ---- | C] (Solidworks) -- C:\Program Files\EModelEventLog.dll
    [2010/06/14 12:49:52 | 000,868,352 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelReviewer.dll
    [2010/06/14 12:46:36 | 004,797,952 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelView.dll
    [2010/06/14 12:38:48 | 000,061,440 | ---- | C] (Solidworks) -- C:\Program Files\EModelUtilsVista.dll
    [2010/06/14 12:38:38 | 000,216,576 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelUtils.dll
    [2010/06/14 12:38:06 | 003,385,344 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\EModelAddIn_libFNP.dll
    [2010/06/14 12:38:04 | 002,938,383 | ---- | C] (Solidworks) -- C:\Program Files\EModelAddIn.dll
    [2010/06/14 12:37:50 | 000,053,248 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\eDrawingsGraphicsCardClient.dll
    [2010/06/14 12:37:42 | 004,483,584 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\HoopsManager.dll
    [2010/06/14 11:52:34 | 000,299,288 | ---- | C] (SolidWorks) -- C:\Program Files\solidworkslicenseservice.dll
    [2010/06/14 11:52:34 | 000,263,464 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\swlicservinst.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/05/25 09:39:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/05/25 09:36:37 | 166,609,920 | ---- | M] () -- C:\archive.pst
    [2012/05/25 09:34:09 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dolsen\Desktop\OTL.exe
    [2012/05/25 09:13:15 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/05/25 09:00:35 | 000,852,401 | ---- | M] () -- C:\Documents and Settings\dolsen\Desktop\SecurityCheck.exe
    [2012/05/25 08:57:23 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/05/25 08:56:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608UA.job
    [2012/05/25 08:22:18 | 000,094,679 | ---- | M] () -- C:\VETlog.dmp
    [2012/05/25 08:19:53 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2012/05/25 00:56:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608Core.job
    [2012/05/18 08:21:12 | 000,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/05/18 08:21:12 | 000,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/05/18 08:17:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/05/18 08:17:04 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys
    [2012/05/17 07:21:37 | 004,495,594 | R--- | M] (Swearware) -- C:\Documents and Settings\dolsen\Desktop\ComboFix.exe
    [2012/05/15 20:47:49 | 000,000,497 | ---- | M] () -- C:\Documents and Settings\dolsen\Desktop\xp_scr_fix.zip
    [2012/05/15 20:36:20 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\dolsen\Desktop\dds.scr
    [2012/05/15 20:33:47 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\dolsen\Desktop\xyd9mwlo.exe
    [2012/05/14 14:41:04 | 011,918,848 | ---- | M] () -- C:\Documents and Settings\dolsen\Desktop\RE PRM.msg
    [2012/05/07 22:42:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/06 23:19:35 | 000,121,344 | ---- | M] () -- C:\Documents and Settings\dolsen\Desktop\RE 97 Ford Probe - $1500 (Belmont).msg
    [2012/05/06 19:36:19 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2012/05/04 21:56:38 | 000,879,984 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\dolsen\Desktop\uTorrent.exe
    [2012/05/04 21:47:04 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\dolsen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/05/03 22:22:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

    ========== Files Created - No Company Name ==========

    [2012/05/25 09:10:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/05/25 09:10:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/05/25 09:10:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/05/25 09:10:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/05/25 09:10:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/05/25 09:00:10 | 000,852,401 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\SecurityCheck.exe
    [2012/05/15 20:47:46 | 000,000,497 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\xp_scr_fix.zip
    [2012/05/15 20:33:37 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\xyd9mwlo.exe
    [2012/05/14 14:41:04 | 011,918,848 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\RE PRM.msg
    [2012/05/07 22:30:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/06 23:19:35 | 000,121,344 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\RE 97 Ford Probe - $1500 (Belmont).msg
    [2012/04/23 19:32:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\Iasv32(2).dll
    [2012/04/23 18:23:54 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
    [2012/04/23 18:23:54 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
    [2012/03/03 15:00:54 | 000,238,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2011/12/25 18:32:56 | 000,000,027 | ---- | C] () -- C:\WINDOWS\PHC705HD.ini
    [2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
    [2011/07/24 21:39:00 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
    [2010/09/23 11:05:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
    [2010/09/21 14:45:03 | 000,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
    [2010/07/15 07:29:26 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\dolsen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/02 05:40:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/06/24 17:40:30 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/06/14 12:53:02 | 001,785,416 | ---- | C] () -- C:\Program Files\GraphicsCardInfo.xml
    [2010/06/14 12:37:52 | 000,002,796 | ---- | C] () -- C:\Program Files\eDrawingsGraphicsCardClient.tlb
    [2010/06/14 11:55:10 | 000,004,072 | ---- | C] () -- C:\Program Files\emodelviewer.exe.config
    [2010/06/14 11:54:46 | 000,161,412 | ---- | C] () -- C:\Program Files\GTOL.SYM
    [2010/06/14 11:50:52 | 000,017,920 | ---- | C] () -- C:\Program Files\IMPLODE.DLL

    ========== LOP Check ==========

    [2011/11/11 17:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Armagetron
    [2010/07/17 12:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
    [2012/04/04 23:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F4D55EDB00052BCF000071D92830AC72
    [2010/10/04 10:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
    [2012/03/03 13:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
    [2011/12/23 19:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2007/04/24 10:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
    [2011/06/03 21:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2011/08/14 08:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\.minecraft
    [2011/11/11 17:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Armagetron
    [2010/04/12 14:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Autodesk
    [2010/11/22 12:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Canon
    [2010/09/23 11:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\EDrawings
    [2010/06/18 12:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Eltima Software
    [2010/07/15 08:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\FinalMediaPlayer
    [2011/01/21 19:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Leadertech
    [2010/12/10 13:42:35 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\dolsen\Application Data\Microchip
    [2012/03/03 13:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\TaxCut
    [2011/12/23 22:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Viewpoint

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*.exe >

    < %systemroot%\*. /mp /s >

    < MD5 for: EXPLORER.EXE >
    [2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ERDNT\cache\explorer.exe
    [2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe

    < MD5 for: USERINIT.EXE >
    [2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
    [2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ERDNT\cache\userinit.exe
    [2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
    [2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

    < MD5 for: WINLOGON.EXE >
    [2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
    [2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ERDNT\cache\winlogon.exe
    [2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
    [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

    < %systemroot%\*. /mp /s >

    < >
    < End of report >
     
  13. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Here is the second OTL log.

    OTL Extras logfile created on: 5/25/2012 9:36:47 AM - Run 1
    OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\dolsen\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1014.05 Mb Total Physical Memory | 499.77 Mb Available Physical Memory | 49.28% Memory free
    3.87 Gb Paging File | 3.48 Gb Available in Paging File | 89.95% Paging File free
    Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.47 Gb Total Space | 47.52 Gb Free Space | 63.82% Space Free | Partition Type: NTFS
    Drive H: | 890.49 Gb Total Space | 542.81 Gb Free Space | 60.96% Space Free | Partition Type: NTFS
    Drive X: | 890.49 Gb Total Space | 542.81 Gb Free Space | 60.96% Space Free | Partition Type: NTFS

    Computer Name: TEST1 | User Name: dolsen | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "UpdatesDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
    "C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
    "C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
    "C:\Program Files\Common Files\aol\1274295049\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1274295049\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
    "C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
    "C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
    "C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)
    "C:\Program Files\Common Files\aol\1277126877\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1277126877\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
    "C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe" = C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe:*:Enabled:Final Media Player Update Checker -- (Bitberry Software)
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
    "C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
    "C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
    "C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
    "C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
    "C:\Program Files\Common Files\aol\1285799699\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1285799699\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
    "C:\Program Files\Outlook Express\msimn.exe" = C:\Program Files\Outlook Express\msimn.exe:*:Enabled:Outlook Express -- (Microsoft Corporation)
    "C:\Program Files\AOL Desktop 9.6\waol.exe" = C:\Program Files\AOL Desktop 9.6\waol.exe:*:Enabled:AOL -- (AOL Inc.)
    "C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe" = C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe:*:Enabled:AOL Browser -- (AOL Inc.)
    "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
    "{0BA2A0BA-7F4D-4B7B-AE94-5F0233AC8A5A}" = NTRU Hybrid TSS v2.0.25
    "{0C186265-F6F9-4FAF-BD49-2BEA28387EFC}" = SolidWorks eDrawings 2011
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
    "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 30
    "{281D28EC-1357-4778-B2D7-DEA56D70EF96}" = Logitech High Quality Video
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer
    "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
    "{5783F2D7-0109-0409-0000-0060B0CE6BBA}" = AutoCAD LT 2002
    "{5E906720-54EA-11D5-A6DF-0010A4099FF7}" = AESPcLink
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
    "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
    "{7F9C8D01-5B27-454F-8629-9EDAA1D9A0BC}" = H&R Block Massachusetts 2011
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
    "{848AC794-8B81-440A-81AE-6474337DB527}" = Symantec AntiVirus
    "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
    "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
    "{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
    "{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007
    "{9770A25C-45A7-478E-AF50-4FDE53EED270}" = American Greetings CreataCard Select 6
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
    "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
    "{A8B6F571-EA7C-4128-811A-E1CD38334387}" = Microsoft .NET Framework 2.0 Language Pack - JPN
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
    "{AC76BA86-1033-0000-BA7E-000000000004}" = Adobe Acrobat 9 Standard
    "{AC76BA86-1033-0000-BA7E-000000000004}_934" = Adobe Acrobat 9.3.4 - CPSID_83708
    "{AC76BA86-1033-0000-BA7E-000000000004}{AC76BA86-1033-0000-BA7E-000000000004}" = Adobe Acrobat 9 Standard
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
    "{AFEA2EBC-E0CA-4A0D-BAB6-03B663B753AD}" = SolidWorks eDrawings 2010
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
    "{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom Gigabit Integrated Controller
    "{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
    "{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
    "{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}" = H&R Block Deluxe + Efile + State 2011
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
    "{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
    "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
    "{D4ADA052-31EB-42DB-9EB7-5A8C04CE9582}" = MPLAB Tools v8.46
    "{DD41AC25-61B2-4FC9-90AA-672F32139AC3}" = ETS Launch Pad
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
    "{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
    "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
    "Add/Remove Pro (Freeware)_is1" = Add/Remove Pro (Freeware)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "AnswerWorks" = AnswerWorks Runtime
    "AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
    "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
    "Armagetron Advanced" = Armagetron Advanced 0.2.8.3.2
    "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
    "Creative Live! Cam Center" = Creative Live! Cam Center
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Creative VF0350" = Creative Live! Cam Video Chat or Video IM Driver (1.02.01.00)
    "ESET Online Scanner" = ESET Online Scanner v3
    "FinalMediaPlayer_is1" = Final Media Player 2010
    "HijackThis" = HijackThis 2.0.2
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
    "InstallShield_{D4ADA052-31EB-42DB-9EB7-5A8C04CE9582}" = MPLAB Tools v8.46
    "InstallShield_{DD41AC25-61B2-4FC9-90AA-672F32139AC3}" = ETS Launch Pad
    "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
    "LiveUpdate" = LiveUpdate 2.0 (Symantec Corporation)
    "lvdrivers_12.10" = Logitech Webcam Software Driver Package
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
    "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    "Microsoft .NET Framework 2.0 Language Pack - JPN" = Microsoft .NET Framework 2.0 日本語 Language Pack
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "PRJSTDR" = Microsoft Office Project Standard 2007
    "SearchAssist" = SearchAssist
    "SysInfo" = Creative System Information
    "TurboTax 2010" = TurboTax 2010
    "Tweak UI 2.10" = Tweak UI
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "Volo View Express" = Volo View Express
    "WebPost" = Microsoft Web Publishing Wizard 1.52
    "WIC" = Windows Imaging Component
    "WinRAR archiver" = WinRAR archiver
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 4/3/2012 7:57:53 PM | Computer Name = TEST1 | Source = UserInit | ID = 1000
    Description = Could not execute the following script defaultLogon.vbs. The system
    cannot find the file specified. .

    Error - 4/3/2012 8:02:57 PM | Computer Name = TEST1 | Source = Application Error | ID = 1000
    Description = Faulting application jusched.exe, version 2.0.6.1, faulting module
    user32.dll, version 5.1.2600.2180, fault address 0x0002efae.

    Error - 4/4/2012 6:43:09 AM | Computer Name = TEST1 | Source = AutoEnrollment | ID = 15
    Description = Automatic certificate enrollment for local system failed to contact
    the active directory (0x8007054b). The specified domain either does not exist
    or could not be contacted. Enrollment will not be performed.

    Error - 4/4/2012 2:43:10 PM | Computer Name = TEST1 | Source = AutoEnrollment | ID = 15
    Description = Automatic certificate enrollment for local system failed to contact
    the active directory (0x8007054b). The specified domain either does not exist
    or could not be contacted. Enrollment will not be performed.

    Error - 4/4/2012 10:43:11 PM | Computer Name = TEST1 | Source = AutoEnrollment | ID = 15
    Description = Automatic certificate enrollment for local system failed to contact
    the active directory (0x8007054b). The specified domain either does not exist
    or could not be contacted. Enrollment will not be performed.

    Error - 4/4/2012 11:21:25 PM | Computer Name = TEST1 | Source = Userenv | ID = 1054
    Description = Windows cannot obtain the domain controller name for your computer
    network. (The specified domain either does not exist or could not be contacted.
    ). Group Policy processing aborted.

    Error - 4/4/2012 11:21:26 PM | Computer Name = TEST1 | Source = Userenv | ID = 1508
    Description = Windows was unable to load the registry. This is often caused by insufficient
    memory or insufficient security rights. DETAIL - Insufficient system resources
    exist to complete the requested service. for C:\Documents and Settings\dolsen\ntuser.dat

    Error - 4/4/2012 11:21:28 PM | Computer Name = TEST1 | Source = Userenv | ID = 1505
    Description = Windows cannot load the user's profile but has logged you on with
    the default profile for the system. DETAIL - Insufficient system resources exist
    to complete the requested service.

    Error - 4/4/2012 11:21:38 PM | Computer Name = TEST1 | Source = EventSystem | ID = 4609
    Description = The COM+ Event System detected a bad return code during its internal
    processing. HRESULT was 800705AA from line 338 of d:\qxp_slp\com\com1x\src\events\tier2\eventsystem2.cpp.
    Please contact Microsoft Product Support Services to report this erro

    Error - 4/4/2012 11:21:44 PM | Computer Name = TEST1 | Source = Symantec AntiVirus | ID = 16711694
    Description = Symantec AntiVirus services failed to start. Virus definition file
    is invalid. (CC001000)

    [ Application Events ]
    Error - 4/3/2012 7:57:53 PM | Computer Name = TEST1 | Source = UserInit | ID = 1000
    Description = Could not execute the following script defaultLogon.vbs. The system
    cannot find the file specified. .

    Error - 4/3/2012 8:02:57 PM | Computer Name = TEST1 | Source = Application Error | ID = 1000
    Description = Faulting application jusched.exe, version 2.0.6.1, faulting module
    user32.dll, version 5.1.2600.2180, fault address 0x0002efae.

    Error - 4/4/2012 6:43:09 AM | Computer Name = TEST1 | Source = AutoEnrollment | ID = 15
    Description = Automatic certificate enrollment for local system failed to contact
    the active directory (0x8007054b). The specified domain either does not exist
    or could not be contacted. Enrollment will not be performed.

    Error - 4/4/2012 2:43:10 PM | Computer Name = TEST1 | Source = AutoEnrollment | ID = 15
    Description = Automatic certificate enrollment for local system failed to contact
    the active directory (0x8007054b). The specified domain either does not exist
    or could not be contacted. Enrollment will not be performed.

    Error - 4/4/2012 10:43:11 PM | Computer Name = TEST1 | Source = AutoEnrollment | ID = 15
    Description = Automatic certificate enrollment for local system failed to contact
    the active directory (0x8007054b). The specified domain either does not exist
    or could not be contacted. Enrollment will not be performed.

    Error - 4/4/2012 11:21:25 PM | Computer Name = TEST1 | Source = Userenv | ID = 1054
    Description = Windows cannot obtain the domain controller name for your computer
    network. (The specified domain either does not exist or could not be contacted.
    ). Group Policy processing aborted.

    Error - 4/4/2012 11:21:26 PM | Computer Name = TEST1 | Source = Userenv | ID = 1508
    Description = Windows was unable to load the registry. This is often caused by insufficient
    memory or insufficient security rights. DETAIL - Insufficient system resources
    exist to complete the requested service. for C:\Documents and Settings\dolsen\ntuser.dat

    Error - 4/4/2012 11:21:28 PM | Computer Name = TEST1 | Source = Userenv | ID = 1505
    Description = Windows cannot load the user's profile but has logged you on with
    the default profile for the system. DETAIL - Insufficient system resources exist
    to complete the requested service.

    Error - 4/4/2012 11:21:38 PM | Computer Name = TEST1 | Source = EventSystem | ID = 4609
    Description = The COM+ Event System detected a bad return code during its internal
    processing. HRESULT was 800705AA from line 338 of d:\qxp_slp\com\com1x\src\events\tier2\eventsystem2.cpp.
    Please contact Microsoft Product Support Services to report this erro

    Error - 4/4/2012 11:21:44 PM | Computer Name = TEST1 | Source = Symantec AntiVirus | ID = 16711694
    Description = Symantec AntiVirus services failed to start. Virus definition file
    is invalid. (CC001000)

    [ System Events ]
    Error - 5/24/2012 11:51:04 PM | Computer Name = TEST1 | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 239 minutes. NtpClient has no source of accurate
    time.

    Error - 5/25/2012 12:44:14 AM | Computer Name = TEST1 | Source = NETLOGON | ID = 5719
    Description = No Domain Controller is available for domain ASPENTHERMAL due to the
    following: %%1311. Make sure that the computer is connected to the network and try
    again.
    If the problem persists, please contact your domain administrator.

    Error - 5/25/2012 3:51:04 AM | Computer Name = TEST1 | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 479 minutes. NtpClient has no source of accurate
    time.

    Error - 5/25/2012 7:52:42 AM | Computer Name = TEST1 | Source = NETLOGON | ID = 5719
    Description = No Domain Controller is available for domain ASPENTHERMAL due to the
    following: %%1311. Make sure that the computer is connected to the network and try
    again.
    If the problem persists, please contact your domain administrator.

    Error - 5/25/2012 8:12:43 AM | Computer Name = TEST1 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.5 for the Network Card with network
    address 00197D995577 has been denied by the DHCP server 192.168.2.11 (The DHCP Server
    sent a DHCPNACK message).

    Error - 5/25/2012 8:12:46 AM | Computer Name = TEST1 | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 5/25/2012 8:14:59 AM | Computer Name = TEST1 | Source = BROWSER | ID = 8032
    Description = The browser service has failed to retrieve the backup list too many
    times on transport \Device\NetBT_Tcpip_{42B39CB8-08E9-402D-AABB-D369E8FDC8C8}. The
    backup browser is stopping.

    Error - 5/25/2012 8:57:45 AM | Computer Name = TEST1 | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 5/25/2012 9:11:01 AM | Computer Name = TEST1 | Source = Service Control Manager | ID = 7034
    Description = The Dell Wireless WLAN Tray Service service terminated unexpectedly.
    It has done this 1 time(s).

    Error - 5/25/2012 9:11:01 AM | Computer Name = TEST1 | Source = Service Control Manager | ID = 7034
    Description = The NTRU Hybrid TSS v2.0.25 TCS service terminated unexpectedly.
    It has done this 1 time(s).


    < End of report >
     
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Please don't make changes in the logs.

    What did you do differently in Combofix that caused it to run in - REDUCED FUNCTIONALITY MODE ?
     
  15. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    It said that the version I had was outdated even tho it was only 9 days .
    I redownloaded and ran again.
    Thanks for your help and patience!

    Log is below.

    ComboFix 12-05-27.01 - dolsen 05/27/2012 6:55.5.2 - x86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.712 [GMT -4:00]
    Running from: c:\documents and settings\dolsen\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\dolsen\Desktop\CFScript.txt
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-27 to 2012-05-27 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-25 12:17 . 2012-05-25 21:51 -------- d-----w- c:\documents and settings\Guest
    2012-05-17 11:31 . 2004-08-04 10:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
    2012-05-15 16:09 . 2012-05-15 16:09 -------- d-----w- c:\documents and settings\nateit
    2012-05-07 00:09 . 2012-05-07 00:09 -------- d-----w- c:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus
    2012-05-06 23:57 . 2011-04-05 21:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-05-06 23:57 . 2011-04-05 21:35 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys
    2012-05-06 23:57 . 2011-02-08 13:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-05-06 23:57 . 2011-04-05 21:35 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-05-04 02:21 . 2012-05-04 02:21 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-05-04 02:20 . 2012-05-04 02:20 -------- d-----w- c:\program files\LibUSB-Win32-0.1.10.1
    2012-05-02 22:13 . 2012-05-04 02:20 -------- d-----w- c:\program files\PrivacySafeGuard
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-04-23 23:32 . 2012-04-23 23:32 57344 ----a-w- c:\windows\system32\Iasv32(2).dll
    2012-04-04 19:56 . 2010-12-23 20:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-06-14 16:55 . 2010-06-14 16:55 368128 ----a-w- c:\program files\EModelViewer.exe
    2010-06-14 16:55 . 2010-06-14 16:55 97280 ----a-w- c:\program files\EModelEx
    2010-06-14 16:55 . 2010-06-14 16:55 27648 ----a-w- c:\program files\edrwthumbnailprovider.dll
    2010-06-14 16:54 . 2010-06-14 16:54 1149952 ----a-w- c:\program files\eDrawingOfficeAutomator.exe
    2010-06-14 16:53 . 2010-06-14 16:53 835584 ----a-w- c:\program files\EModelSWDisplayLists.dll
    2010-06-14 16:52 . 2010-06-14 16:52 91136 ----a-w- c:\program files\EModelExport.dll
    2010-06-14 16:52 . 2010-06-14 16:52 143360 ----a-w- c:\program files\EModelMDReader.dll
    2010-06-14 16:52 . 2010-06-14 16:52 8760832 ----a-w- c:\program files\EModelXlator.dll
    2010-06-14 16:51 . 2010-06-14 16:51 72192 ----a-w- c:\program files\EModelEventLog.dll
    2010-06-14 16:49 . 2010-06-14 16:49 868352 ----a-w- c:\program files\EModelReviewer.dll
    2010-06-14 16:46 . 2010-06-14 16:46 4797952 ----a-w- c:\program files\EModelView.dll
    2010-06-14 16:38 . 2010-06-14 16:38 61440 ----a-w- c:\program files\EModelUtilsVista.dll
    2010-06-14 16:38 . 2010-06-14 16:38 216576 ----a-w- c:\program files\EModelUtils.dll
    2010-06-14 16:38 . 2010-06-14 16:38 3385344 ----a-w- c:\program files\EModelAddIn_libFNP.dll
    2010-06-14 16:38 . 2010-06-14 16:38 2938383 ----a-w- c:\program files\EModelAddIn.dll
    2010-06-14 16:37 . 2010-06-14 16:37 53248 ----a-w- c:\program files\eDrawingsGraphicsCardClient.dll
    2010-06-14 16:37 . 2010-06-14 16:37 4483584 ----a-w- c:\program files\HoopsManager.dll
    2010-06-14 15:52 . 2010-06-14 15:52 299288 ----a-w- c:\program files\solidworkslicenseservice.dll
    2010-06-14 15:52 . 2010-06-14 15:52 263464 ----a-w- c:\program files\swlicservinst.exe
    2010-06-14 15:50 . 2010-06-14 15:50 17920 ----a-w- c:\program files\IMPLODE.DLL
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-05-17_12.25.20 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-05-27 10:54 . 2012-05-27 10:54 16384 c:\windows\Temp\Perflib_Perfdata_c4.dat
    + 2004-08-11 22:00 . 2012-05-27 10:59 72978 c:\windows\system32\perfc009.dat
    - 2004-08-11 22:00 . 2012-05-17 12:04 72978 c:\windows\system32\perfc009.dat
    - 2010-03-17 13:18 . 2011-09-06 13:32 23040 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 23040 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 61440 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 61440 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 27136 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 27136 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 11264 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 11264 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 12288 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 12288 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 4096 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 4096 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    + 2004-08-11 22:00 . 2012-05-27 10:59 445938 c:\windows\system32\perfh009.dat
    - 2004-08-11 22:00 . 2012-05-17 12:04 445938 c:\windows\system32\perfh009.dat
    + 2010-03-17 13:18 . 2012-05-25 12:19 409600 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 409600 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 286720 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 286720 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 249856 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pptico.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 249856 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pptico.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 794624 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\outicon.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 794624 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\outicon.exe
    + 2010-03-17 13:18 . 2012-05-25 12:19 135168 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\misc.exe
    - 2010-03-17 13:18 . 2011-09-06 13:32 135168 c:\windows\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\misc.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
    "AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-04-25 42320]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-179605362-725345543-1608\Scripts\Logon\0\0]
    "Script"=defaultLogon.vbs
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EMBASSY Trust Suite Secure Update.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk
    backup=c:\windows\pss\EMBASSY Trust Suite Secure Update.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Forget Me Not.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Forget Me Not.lnk
    backup=c:\windows\pss\Forget Me Not.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^Epson Home Theater Registration.lnk]
    path=c:\documents and settings\dolsen\Start Menu\Programs\Startup\Epson Home Theater Registration.lnk
    backup=c:\windows\pss\Epson Home Theater Registration.lnkStartup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^dolsen^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\documents and settings\dolsen\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    2010-06-19 16:36 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
    2010-06-19 23:04 38840 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-12-22 05:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
    2011-04-25 21:52 42320 ----a-w- c:\program files\AOL Desktop 9.6\aol.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    2005-10-07 17:13 176128 ----a-r- c:\program files\Apoint\Apoint.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
    2006-11-22 22:35 1392640 ----a-w- c:\windows\system32\WLTRAY.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    2004-02-29 22:44 66680 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2004-08-04 10:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    2006-08-29 02:57 395776 ----a-w- c:\program files\Dell Support\DSAgnt.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 10:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2005-12-10 01:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\aol\1285799699\ee\aolsoftware.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-12-13 21:41 77824 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-12-13 21:45 118784 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-12-13 21:44 98304 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    2004-07-27 21:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2004-07-27 21:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
    2011-11-11 18:08 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
    2012-04-04 19:56 462408 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
    2010-06-01 14:17 5252408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
    2006-03-24 21:30 282624 ----a-w- c:\windows\stsystra.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 18:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-03-03 18:20 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2012-05-05 01:56 879984 ----a-w- c:\documents and settings\dolsen\Desktop\uTorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0350Mon.exe]
    2007-06-04 17:02 32768 ----a-r- c:\windows\V0350Mon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    2004-03-12 21:18 124128 ----a-w- c:\progra~1\SYMANT~1\VPTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ccSetMgr"=2 (0x2)
    "ccPwdSvc"=3 (0x3)
    "ccEvtMgr"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
    "c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
    "c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
    "c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
    "c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Common Files\\aol\\1285799699\\ee\\aolsoftware.exe"=
    "c:\\Program Files\\Outlook Express\\msimn.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\AOLBrowser\\aolbrowser.exe"=
    "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    .
    R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5/6/2012 7:57 PM 332248]
    R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [5/6/2012 7:57 PM 212568]
    R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/23/2010 4:40 PM 654408]
    R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/12/2004 5:18 PM 169192]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [7/24/2011 9:39 PM 33792]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/23/2010 4:40 PM 22344]
    R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5/6/2012 7:57 PM 69208]
    S0 mtjjs;mtjjs;c:\windows\system32\drivers\mvoxailg.sys --> c:\windows\system32\drivers\mvoxailg.sys [?]
    S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 10:10 AM 135664]
    S2 MCUSBICD2;Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS);c:\windows\system32\drivers\icd2w2k.sys [3/22/2004 4:43 AM 12427]
    S2 MCUSBPM3;Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS);c:\windows\system32\drivers\PM3w2k.sys [3/22/2004 2:45 AM 12447]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 10:10 AM 135664]
    S3 NCBULK;MPLAB HS USB client driver;c:\windows\system32\drivers\RealICEBulk.SYS [11/23/2010 5:25 PM 12160]
    S3 nicsrkw;nicsrkw;c:\windows\system32\DRIVERS\nicsrkw.sys --> c:\windows\system32\DRIVERS\nicsrkw.sys [?]
    S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [5/6/2012 7:57 PM 69208]
    S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [5/6/2012 7:57 PM 94040]
    S3 VF0350Afx;VF0350 Audio FX;c:\windows\system32\drivers\V0350Afx.sys [3/31/2010 8:08 AM 142656]
    S3 VF0350Vfx;VF0350 Video FX;c:\windows\system32\drivers\V0350Vfx.sys [3/31/2010 8:08 AM 7424]
    S3 VF0350Vid;Live! Cam Video IM (VF0350);c:\windows\system32\drivers\V0350Vid.sys [3/31/2010 8:08 AM 170368]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 14:10]
    .
    2012-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 14:10]
    .
    2012-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608Core.job
    - c:\documents and settings\dolsen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-21 23:24]
    .
    2012-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608UA.job
    - c:\documents and settings\dolsen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-21 23:24]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.weather.com/weather/right-now/USMA0273
    mSearch Bar = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    Trusted Zone: intuit.com\ttlc
    TCP: DhcpNameServer = 192.168.1.1
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-27 07:02
    Windows 5.1.2600 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    Completion time: 2012-05-27 07:03:47
    ComboFix-quarantined-files.txt 2012-05-27 11:03
    ComboFix2.txt 2012-05-25 13:15
    ComboFix3.txt 2012-05-17 12:33
    .
    Pre-Run: 50,904,395,776 bytes free
    Post-Run: 50,909,347,840 bytes free
    .
    - - End Of File - - 3A77DBC9F18DC758478EF9C0070A7124
     
  16. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Sorry- didn't get feedback for your reply.

    • Run OTL
    • Copy the contents of the Code box and paste in the Custom Scans/Fixes box at the bottom:

      Code:
      :OTL
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=UT2V5&o=15150&src=crm&q={searchTerms}&locale=en_US
      O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
      O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
      [2012/05/04 21:56:24 | 000,879,984 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\dolsen\Desktop\uTorrent.exe
      [2012/05/04 21:56:38 | 000,879,984 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\dolsen\Desktop\uTorrent.exe
      [2011/12/23 22:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Viewpoint
      :Reg
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "ViewpointMediaPlayer" 
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
      :Files
      ipconfig /flushdns /c
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]5
      [emptyjava]
      [resethosts]
      [CreateRestorePoint]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run uninterrupted, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
    =======================================================
    IMORTANT! Uncheck any pre-checked boxes on download screens before you downlod! Do not get McAfee Security Scan Plus or any checked TB or BHO.
    Update ALL of the following:
    • Windows:
      [o] Windows Updates. You should get All updates marked Critical and the current SP updates.
    • Adobe Reder: Current is vX (10-.x.x) .
      [o] Adobe Reade. Uninstall old.
    • Java: Current is v7u4
      [o]Java . Uninstall old.
    • Adobe Flash Player:
      [o] Flash Player Update. Uninstall old.
    ===========================================
    Please be sure your security is configured correctly. I see processes for Symantec- looks like just the AV. I see processes for Sunbelt, usually firewll, but no note of it in the Security Check. Also see process for AdAware antivirus.
    ===========================================
    How is the system doing now?
     
  17. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    When it gets to ViewpointMediaPlayer it seems to hang.

    Tried it several times with the same result.

    Any thoughts?
     
  18. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    It may be running:

    Boot into Safe Mode with Networking
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode with Networking option when the Windows Advanced Options menu appears, and then press ENTER.

    Now see if OTM will finish.
     
  19. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Same thing.
    Hangs when it gets to Processing Registry data "ViewpointMediaPlayer"
     
  20. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    • Run OTL
    • Copy the contents of the Code box and paste in the Custom Scans/Fixes box at the bottom: (Registry entry for Viewpoint Media Player to uninstall has been removed. See if the fix will complete now.)

      Code:
      :OTL
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=UT2V5&o=15150&src=crm&q={searchTerms}&locale=en_US
      O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
      O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
      [2012/05/04 21:56:24 | 000,879,984 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\dolsen\Desktop\uTorrent.exe
      [2012/05/04 21:56:38 | 000,879,984 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\dolsen\Desktop\uTorrent.exe
      [2011/12/23 22:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Viewpoint
      :Reg
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
      :Files
      ipconfig /flushdns /c
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]5
      [emptyjava]
      [resethosts]
      [CreateRestorePoint]
      [Reboot]
      
      [*]Then click the [color="#FF0000"][b]Run Fix[/b][/color] button at the top
      [*]Let the program run uninterrupted, reboot the PC when it is done
      [*]Open OTL again and click the [b]Quick Scan[/b] button. Post the log it produces in your next reply.[/list]
    [/code][/LIST]
     
  21. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Ok, that worked.
    The log is big so it is in 3 replies
    Here is the first half

    OTL logfile created on: 6/3/2012 10:11:18 PM - Run 2
    OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\dolsen\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1014.05 Mb Total Physical Memory | 518.45 Mb Available Physical Memory | 51.13% Memory free
    2.38 Gb Paging File | 2.01 Gb Available in Paging File | 84.34% Paging File free
    Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.47 Gb Total Space | 49.63 Gb Free Space | 66.64% Space Free | Partition Type: NTFS

    Computer Name: TEST1 | User Name: dolsen | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\dolsen\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
    PRC - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe ()
    PRC - C:\WINDOWS\system32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
    PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
    MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
    MOD - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe ()
    MOD - C:\Program Files\Microsoft Office\OFFICE11\OUTLCTL.DLL ()


    ========== Win32 Services (SafeList) ==========

    SRV - (DataSvr2) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe File not found
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (SolidWorks Licensing Service) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
    SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (AOL ACS) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
    SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
    SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe ()
    SRV - (libusbd) -- C:\WINDOWS\system32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
    SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
    SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
    SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
    SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
    SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
    SRV - (ccPwdSvc) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
    SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found
    DRV - (USBAAPL) -- System32\Drivers\usbaapl.sys File not found
    DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREdrv.sys File not found
    DRV - (PDRFRAME) -- File not found
    DRV - (PDRELI) -- File not found
    DRV - (PDFRAME) -- File not found
    DRV - (PDCOMP) -- File not found
    DRV - (PCIDump) -- File not found
    DRV - (nicsrkw) -- system32\DRIVERS\nicsrkw.sys File not found
    DRV - (mtjjs) -- System32\drivers\mvoxailg.sys File not found
    DRV - (lbrtfdc) -- File not found
    DRV - (Changer) -- File not found
    DRV - (catchme) -- C:\DOCUME~1\dolsen\LOCALS~1\Temp\catchme.sys File not found
    DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
    DRV - (SbTis) -- C:\WINDOWS\system32\drivers\sbtis.sys (Sunbelt Software, Inc.)
    DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
    DRV - (SBFWIMCLMP) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
    DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
    DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100823.002\NAVEX15.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100823.002\NAVENG.SYS (Symantec Corporation)
    DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
    DRV - (LVUVC) Logitech Webcam 120(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
    DRV - (VF0350Afx) -- C:\WINDOWS\system32\drivers\V0350Afx.sys (Creative Technology Ltd.)
    DRV - (VF0350Vid) Live! Cam Video IM (VF0350) -- C:\WINDOWS\system32\drivers\V0350Vid.sys (Creative Technology Ltd.)
    DRV - (NCBULK) -- C:\WINDOWS\system32\drivers\RealICEBulk.SYS (PLX Technology, Inc. (visit www.PlxTech.com))
    DRV - (VF0350Vfx) -- C:\WINDOWS\system32\drivers\V0350Vfx.sys (EyePower Games Pte. Ltd.)
    DRV - (guardian2) -- C:\WINDOWS\system32\drivers\oz776.sys (O2Micro)
    DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
    DRV - (DSproct) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
    DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
    DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
    DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
    DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
    DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
    DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
    DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
    DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
    DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
    DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
    DRV - (APPDRV) -- C:\WINDOWS\system32\drivers\APPDRV.SYS (Dell Inc)
    DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys ()
    DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
    DRV - (MCUSBICD2) Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS) -- C:\WINDOWS\system32\drivers\icd2w2k.sys (Microchip Technology, Inc.)
    DRV - (MCUSBPM3) Microchip MPLAB PM3 Firmware Client Driver (PM3W2K.SYS) -- C:\WINDOWS\system32\drivers\PM3w2k.sys (Microchip Technology, Inc.)
    DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\symtdi.sys (Symantec Corporation)
    DRV - (SYMREDRV) -- C:\WINDOWS\system32\drivers\symredrv.sys (Symantec Corporation)
    DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
    DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Inc)
    DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
    DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070424
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.weather.com/weather/right-now/USMA0273
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7DMUS_enUS221
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)


    [2010/09/30 08:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dolsen\Application Data\Mozilla\Extensions
    [2010/09/30 08:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dolsen\Application Data\Mozilla\Extensions\mozswing@mozswing.org

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - Extension: YouTube = C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
    CHR - Extension: Google Search = C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
    CHR - Extension: Gmail = C:\Documents and Settings\dolsen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

    O1 HOSTS File: ([2012/06/03 21:59:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178310621687 (WUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files/AutoCAD%20LT%202002/InstBanr.ocx (NOXLATE-BANR)
    O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files/AutoCAD%20LT%202002/InstFred.ocx (InstaFred)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/AutoCAD%20LT%202002/AcPreview.ocx (AcPreview Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aspenthermal.local
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42B39CB8-08E9-402D-AABB-D369E8FDC8C8}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{528D6902-83EA-4BF9-BE9E-6330E3C55526}: DhcpNameServer = 192.168.2.12 192.168.2.11
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E}: DhcpNameServer = 192.168.2.12 192.168.2.11
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/03 21:59:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/06/03 15:37:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/06/03 15:37:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/06/03 15:37:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/06/03 15:37:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/06/02 11:38:45 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/05/27 06:44:47 | 004,535,468 | R--- | C] (Swearware) -- C:\Documents and Settings\dolsen\Desktop\ComboFix.exe
    [2012/05/25 09:33:58 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dolsen\Desktop\OTL.exe
    [2012/05/17 07:24:56 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/05/15 20:36:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\dolsen\Desktop\dds.scr
    [2012/05/15 11:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dolsen\Desktop\Tax Stuff
    [2012/05/06 20:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
    [2012/05/06 19:57:48 | 000,094,040 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbhips.sys
    [2012/05/06 19:57:46 | 000,212,568 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbtis.sys
    [2012/05/06 19:57:08 | 000,069,208 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFwIm.sys
    [2012/05/06 19:57:07 | 000,332,248 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
    [2010/06/14 12:55:40 | 000,368,128 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelViewer.exe
    [2010/06/14 12:55:14 | 000,097,280 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelEx
    [2010/06/14 12:55:12 | 000,027,648 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\edrwthumbnailprovider.dll
    [2010/06/14 12:54:20 | 001,149,952 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\eDrawingOfficeAutomator.exe
    [2010/06/14 12:53:54 | 000,835,584 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelSWDisplayLists.dll
    [2010/06/14 12:52:50 | 000,091,136 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelExport.dll
    [2010/06/14 12:52:28 | 000,143,360 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelMDReader.dll
    [2010/06/14 12:52:08 | 008,760,832 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelXlator.dll
    [2010/06/14 12:51:16 | 000,072,192 | ---- | C] (Solidworks) -- C:\Program Files\EModelEventLog.dll
    [2010/06/14 12:49:52 | 000,868,352 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelReviewer.dll
    [2010/06/14 12:46:36 | 004,797,952 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelView.dll
    [2010/06/14 12:38:48 | 000,061,440 | ---- | C] (Solidworks) -- C:\Program Files\EModelUtilsVista.dll
    [2010/06/14 12:38:38 | 000,216,576 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\EModelUtils.dll
    [2010/06/14 12:38:06 | 003,385,344 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\EModelAddIn_libFNP.dll
    [2010/06/14 12:38:04 | 002,938,383 | ---- | C] (Solidworks) -- C:\Program Files\EModelAddIn.dll
    [2010/06/14 12:37:50 | 000,053,248 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\eDrawingsGraphicsCardClient.dll
    [2010/06/14 12:37:42 | 004,483,584 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\HoopsManager.dll
    [2010/06/14 11:52:34 | 000,299,288 | ---- | C] (SolidWorks) -- C:\Program Files\solidworkslicenseservice.dll
    [2010/06/14 11:52:34 | 000,263,464 | ---- | C] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\swlicservinst.exe

    ========== Files - Modified Within 30 Days ==========

    File not found -- C:\WINDOWS\System32\Zlib.dll
    File not found -- C:\WINDOWS\System32\zipfldr.dll
    File not found -- C:\WINDOWS\zip.exe
    File not found -- C:\WINDOWS\Zapotec.bmp
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\xyd9mwlo.exe
    File not found -- C:\WINDOWS\System32\xpssvcs.dll
    File not found -- C:\WINDOWS\System32\xpsshhdr.dll
    File not found -- C:\WINDOWS\System32\xpsp3res.dll
    File not found -- C:\WINDOWS\System32\xpsp2res.dll
    File not found -- C:\WINDOWS\System32\xpsp1res.dll
    File not found -- C:\WINDOWS\System32\xpob2res.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\xp_scr_fix.zip
    File not found -- C:\WINDOWS\System32\xolehlp.dll
    File not found -- C:\WINDOWS\System32\xmlprovi.dll
    File not found -- C:\WINDOWS\System32\xmlprov.dll
    File not found -- C:\WINDOWS\System32\xmllite.dll
    File not found -- C:\WINDOWS\System32\xenroll.dll
    File not found -- C:\WINDOWS\System32\xcopy.exe
    File not found -- C:\WINDOWS\System32\xactsrv.dll
    File not found -- C:\WINDOWS\System32\wzcsvc.dll
    File not found -- C:\WINDOWS\System32\wzcsapi.dll
    File not found -- C:\WINDOWS\System32\wzcdlg.dll
    File not found -- C:\WINDOWS\System32\wuweb.dll
    File not found -- C:\WINDOWS\System32\wups.dll
    File not found -- C:\WINDOWS\System32\wupdmgr.exe
    File not found -- C:\WINDOWS\System32\wucltui.dll
    File not found -- C:\WINDOWS\System32\wuauserv.dll
    File not found -- C:\WINDOWS\System32\wuaueng1.dll
    File not found -- C:\WINDOWS\System32\wuaueng.dll
    File not found -- C:\WINDOWS\System32\wuaucpl.cpl
    File not found -- C:\WINDOWS\System32\wuauclt1.exe
    File not found -- C:\WINDOWS\System32\wuauclt.exe
    File not found -- C:\WINDOWS\System32\wuapi.dll
    File not found -- C:\WINDOWS\System32\wtsapi32.dll
    File not found -- C:\WINDOWS\System32\wstrenderer.ax
    File not found -- C:\WINDOWS\System32\wstpager.ax
    File not found -- C:\WINDOWS\System32\wstdecod.dll
    File not found -- C:\WINDOWS\System32\wsock32.dll
    File not found -- C:\WINDOWS\System32\wsnmp32.dll
    File not found -- C:\WINDOWS\System32\wshtcpip.dll
    File not found -- C:\WINDOWS\System32\WshRm.dll
    File not found -- C:\WINDOWS\System32\wshom.ocx
    File not found -- C:\WINDOWS\System32\wshnetbs.dll
    File not found -- C:\WINDOWS\System32\wshisn.dll
    File not found -- C:\WINDOWS\System32\wship6.dll
    File not found -- C:\WINDOWS\System32\wshext.dll
    File not found -- C:\WINDOWS\System32\wshcon.dll
    File not found -- C:\WINDOWS\System32\wshbth.dll
    File not found -- C:\WINDOWS\System32\wshatm.dll
    File not found -- C:\WINDOWS\System32\wsecedit.dll
    File not found -- C:\WINDOWS\System32\wscui.cpl
    File not found -- C:\WINDOWS\System32\wscsvc.dll
    File not found -- C:\WINDOWS\System32\wscript.exe
    File not found -- C:\WINDOWS\System32\wscntfy.exe
    File not found -- C:\WINDOWS\System32\ws2help.dll
    File not found -- C:\WINDOWS\System32\ws2_32.dll
    File not found -- C:\WINDOWS\System32\write.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\wrar393.exe
    File not found -- C:\WINDOWS\System32\WPWIZDLL.DLL
    File not found -- C:\WINDOWS\System32\wpnpinst.exe
    File not found -- C:\WINDOWS\System32\wpabaln.exe
    File not found -- C:\WINDOWS\System32\wpa.dbl
    File not found -- C:\WINDOWS\System32\wowfaxui.dll
    File not found -- C:\WINDOWS\System32\wowfax.dll
    File not found -- C:\WINDOWS\System32\wowexec.exe
    File not found -- C:\WINDOWS\System32\wowdeb.exe
    File not found -- C:\WINDOWS\System32\wow32.dll
    File not found -- C:\WINDOWS\System32\wmvds32.ax
    File not found -- C:\WINDOWS\System32\wmvdmoe2.dll
    File not found -- C:\WINDOWS\System32\wmvdmod.dll
    File not found -- C:\WINDOWS\System32\wmvcore.dll
    File not found -- C:\WINDOWS\System32\wmv8ds32.ax
    File not found -- C:\WINDOWS\WMSysPr9.prx
    File not found -- C:\WINDOWS\System32\wmstream.dll
    File not found -- C:\WINDOWS\System32\wmspdmoe.dll
    File not found -- C:\WINDOWS\System32\wmspdmod.dll
    File not found -- C:\WINDOWS\System32\wmsdmoe2.dll
    File not found -- C:\WINDOWS\System32\wmsdmoe.dll
    File not found -- C:\WINDOWS\System32\wmsdmod.dll
    File not found -- C:\WINDOWS\System32\wmpui.dll
    File not found -- C:\WINDOWS\System32\wmpshell.dll
    File not found -- C:\WINDOWS\System32\wmpns.dll
    File not found -- C:\WINDOWS\System32\wmploc.dll
    File not found -- C:\WINDOWS\System32\WMPhoto.dll
    File not found -- C:\WINDOWS\System32\wmpdxm.dll
    File not found -- C:\WINDOWS\System32\wmpcore.dll
    File not found -- C:\WINDOWS\System32\wmpcd.dll
    File not found -- C:\WINDOWS\System32\wmpasf.dll
    File not found -- C:\WINDOWS\System32\wmp.ocx
    File not found -- C:\WINDOWS\System32\wmp.dll
    File not found -- C:\WINDOWS\System32\wmnetmgr.dll
    File not found -- C:\WINDOWS\System32\wmiscmgr.dll
    File not found -- C:\WINDOWS\System32\wmiprop.dll
    File not found -- C:\WINDOWS\System32\wmimgmt.msc
    File not found -- C:\WINDOWS\System32\wmidx.dll
    File not found -- C:\WINDOWS\System32\wmi.dll
    File not found -- C:\WINDOWS\System32\wmerror.dll
    File not found -- C:\WINDOWS\System32\wmerrenu.dll
    File not found -- C:\WINDOWS\System32\wmdmps.dll
    File not found -- C:\WINDOWS\System32\wmdmlog.dll
    File not found -- C:\WINDOWS\System32\wmasf.dll
    File not found -- C:\WINDOWS\System32\wmadmoe.dll
    File not found -- C:\WINDOWS\System32\wmadmod.dll
    File not found -- C:\WINDOWS\System32\wltrynt.dll
    File not found -- C:\WINDOWS\System32\wlnotify.dll
    File not found -- C:\WINDOWS\System32\wldap32.dll
    File not found -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
    File not found -- C:\WINDOWS\System32\wkssvc.dll
    File not found -- C:\WINDOWS\System32\WISPTIS.EXE
    File not found -- C:\WINDOWS\System32\WINZM.MB
    File not found -- C:\WINDOWS\System32\WINZM.IME
    File not found -- C:\WINDOWS\System32\winver.exe
    File not found -- C:\WINDOWS\System32\wintrust.dll
    File not found -- C:\WINDOWS\System32\winstrm.dll
    File not found -- C:\WINDOWS\System32\winsta.dll
    File not found -- C:\WINDOWS\System32\winsrv.dll
    File not found -- C:\WINDOWS\System32\winspool.exe
    File not found -- C:\WINDOWS\System32\winspool.drv
    File not found -- C:\WINDOWS\System\WINSPOOL.DRV
    File not found -- C:\WINDOWS\System32\WINSP.MB
    File not found -- C:\WINDOWS\System32\WINSP.IME
    File not found -- C:\WINDOWS\System32\winsock.dll
    File not found -- C:\WINDOWS\System32\winshfhc.dll
    File not found -- C:\WINDOWS\System32\winscard.dll
    File not found -- C:\WINDOWS\System32\winrnr.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\WinRAR.lnk
    File not found -- C:\WINDOWS\System32\WINPY.MB
    File not found -- C:\WINDOWS\System32\WINPY.IME
    File not found -- C:\WINDOWS\System32\winoldap.mod
    File not found -- C:\WINDOWS\System32\winntbbu.dll
    File not found -- C:\WINDOWS\winnt256.bmp
    File not found -- C:\WINDOWS\winnt.bmp
    File not found -- C:\WINDOWS\System32\winnls.dll
    File not found -- C:\WINDOWS\System32\winmsd.exe
    File not found -- C:\WINDOWS\System32\winmm.dll
    File not found -- C:\WINDOWS\System32\winmine.exe
    File not found -- C:\WINDOWS\System32\winlogon.exe
    File not found -- C:\WINDOWS\System32\winipsec.dll
    File not found -- C:\WINDOWS\wininit.ini
    File not found -- C:\WINDOWS\System32\wininet.dll
    File not found -- C:\WINDOWS\System32\winime.ime
    File not found -- C:\WINDOWS\System32\winhttp.dll
    File not found -- C:\WINDOWS\winhlp32.exe
    File not found -- C:\WINDOWS\System32\winhlp32.exe
    File not found -- C:\WINDOWS\winhelp.exe
    File not found -- C:\WINDOWS\System32\WINGB.IME
    File not found -- C:\WINDOWS\System32\WinFXDocObj.exe
    File not found -- C:\WINDOWS\System32\winfax.dll
    File not found -- C:\WINDOWS\System32\WindowsCodecsExt.dll
    File not found -- C:\WINDOWS\System32\WindowsCodecs.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\Windows Media Player.lnk
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    File not found -- C:\WINDOWS\System32\winchat.exe
    File not found -- C:\WINDOWS\System32\winbrand.dll
    File not found -- C:\WINDOWS\System32\winar30.ime
    File not found -- C:\WINDOWS\System32\win32spl.dll
    File not found -- C:\WINDOWS\System32\win32k.sys
    File not found -- C:\WINDOWS\System32\win.com
    File not found -- C:\WINDOWS\System32\wifeman.dll
    File not found -- C:\WINDOWS\System32\wiavusd.dll
    File not found -- C:\WINDOWS\System32\wiavideo.dll
    File not found -- C:\WINDOWS\System32\wiashext.dll
    File not found -- C:\WINDOWS\System32\wiasf.ax
    File not found -- C:\WINDOWS\System32\wiaservc.dll
    File not found -- C:\WINDOWS\System32\wiascr.dll
    File not found -- C:\WINDOWS\System32\wiadss.dll
    File not found -- C:\WINDOWS\System32\wiadefui.dll
    File not found -- C:\WINDOWS\System32\wiaaut.dll
    File not found -- C:\WINDOWS\System32\wiaacmgr.exe
    File not found -- C:\WINDOWS\System32\wfwnet.drv
    File not found -- C:\WINDOWS\System\WFWNET.DRV
    File not found -- C:\WINDOWS\System32\wextract.exe
    File not found -- C:\WINDOWS\System32\webvw.dll
    File not found -- C:\WINDOWS\System32\WEBPOST.DLL
    File not found -- C:\WINDOWS\System32\webhits.dll
    File not found -- C:\WINDOWS\System32\webfldrs.msi
    File not found -- C:\WINDOWS\System32\webclnt.dll
    File not found -- C:\WINDOWS\System32\webcheck.dll
    File not found -- C:\WINDOWS\System32\wdmaud.drv
    File not found -- C:\WINDOWS\System32\wdl.trm
    File not found -- C:\WINDOWS\System32\wdigest.dll
    File not found -- C:\WINDOWS\System32\wbdbase.sve
    File not found -- C:\WINDOWS\System32\wbdbase.nld
    File not found -- C:\WINDOWS\System32\wbdbase.ita
    File not found -- C:\WINDOWS\System32\wbdbase.fra
    File not found -- C:\WINDOWS\System32\wbdbase.esn
    File not found -- C:\WINDOWS\System32\wbdbase.enu
    File not found -- C:\WINDOWS\System32\wbdbase.deu
    File not found -- C:\WINDOWS\System32\wbcache.sve
    File not found -- C:\WINDOWS\System32\wbcache.nld
    File not found -- C:\WINDOWS\System32\wbcache.ita
    File not found -- C:\WINDOWS\System32\wbcache.fra
    File not found -- C:\WINDOWS\System32\wbcache.esn
    File not found -- C:\WINDOWS\System32\wbcache.enu
    File not found -- C:\WINDOWS\System32\wbcache.deu
    File not found -- C:\WINDOWS\System32\wavemsp.dll
    File not found -- C:\WINDOWS\System32\watchdog.sys
    File not found -- C:\WINDOWS\System32\w3ssl.dll
    File not found -- C:\WINDOWS\System32\w32topl.dll
    File not found -- C:\WINDOWS\System32\w32tm.exe
    File not found -- C:\WINDOWS\System32\w32time.dll
    File not found -- C:\WINDOWS\System32\vxdmdcdlg.dll
    File not found -- C:\WINDOWS\System32\Vxdif.dll
    File not found -- C:\WINDOWS\System32\VXBLOCK.dll
    File not found -- C:\WINDOWS\System32\vwipxspx.dll
    File not found -- C:\WINDOWS\System32\vssvc.exe
    File not found -- C:\WINDOWS\System32\vssapi.dll
    File not found -- C:\WINDOWS\System32\vssadmin.exe
    File not found -- C:\WINDOWS\System32\vss_ps.dll
    File not found -- C:\WINDOWS\System32\vsflex8l.ocx
    File not found -- C:\WINDOWS\System32\VSFLEX3.OCX
    File not found -- C:\WINDOWS\VPC32.INI
    File not found -- C:\Documents and Settings\All Users\Desktop\Volo View Express.lnk
    File not found -- C:\WINDOWS\vmmreg32.dll
    File not found -- C:\WINDOWS\System32\vjoy.dll
    File not found -- C:\WINDOWS\System32\View Channels.scf
    File not found -- C:\WINDOWS\System32\vidcap.ax
    File not found -- C:\WINDOWS\System32\vga64k.dll
    File not found -- C:\WINDOWS\System32\vga256.dll
    File not found -- C:\WINDOWS\System32\vga.drv
    File not found -- C:\WINDOWS\System\VGA.DRV
    File not found -- C:\WINDOWS\System32\vga.dll
    File not found -- C:\WINDOWS\System32\vfwwdm32.dll
    File not found -- C:\WINDOWS\System32\vfpodbc.dll
    File not found -- C:\WINDOWS\VF0350.uns
    File not found -- C:\WINDOWS\System32\version.dll
    File not found -- C:\WINDOWS\System32\verifier.exe
    File not found -- C:\WINDOWS\System32\verifier.dll
    File not found -- C:\WINDOWS\System32\verclsid.exe
    File not found -- C:\WINDOWS\System32\ver.dll
    File not found -- C:\WINDOWS\System\VER.DLL
    File not found -- C:\WINDOWS\System32\VEN2232.OLB
    File not found -- C:\WINDOWS\System32\vdmredir.dll
    File not found -- C:\WINDOWS\System32\vdmdbg.dll
    File not found -- C:\WINDOWS\System32\vcdex.dll
    File not found -- C:\WINDOWS\System32\vbscript.dll
    File not found -- C:\WINDOWS\System32\vbisurf.ax
    File not found -- C:\WINDOWS\System32\vbicodec.ax
    File not found -- C:\WINDOWS\System32\VBAME.DLL
    File not found -- C:\WINDOWS\System32\vbajet32.dll
    File not found -- C:\WINDOWS\System32\VBAEND32.OLB
    File not found -- C:\WINDOWS\System32\VBAEN32.OLB
    File not found -- C:\WINDOWS\System32\VB5DB.DLL
    File not found -- C:\WINDOWS\System32\v7vga.rom
    File not found -- C:\WINDOWS\System32\V0350Vfw.dll
    File not found -- C:\WINDOWS\System32\V0350Srv.exe
    File not found -- C:\WINDOWS\System32\V0350Pin.dll
    File not found -- C:\WINDOWS\V0350Mon.exe
    File not found -- C:\WINDOWS\System32\V0350Hwx.dll
    File not found -- C:\WINDOWS\System32\V0350Ext.crl
    File not found -- C:\WINDOWS\System32\V0350Ext.ax
    File not found -- C:\WINDOWS\System32\V0350Cvw.dll
    File not found -- C:\WINDOWS\System32\V0350Cvw.crl
    File not found -- C:\WINDOWS\System32\V0350Cvw.bff
    File not found -- C:\WINDOWS\V0350Cfg.exe
    File not found -- C:\WINDOWS\System32\V0350Afx.dll
    File not found -- C:\WINDOWS\System32\uxtheme.dll
    File not found -- C:\WINDOWS\System32\utilman.exe
    File not found -- C:\WINDOWS\System32\utildll.dll
    File not found -- C:\WINDOWS\System32\usrvpa.dll
    File not found -- C:\WINDOWS\System32\usrvoica.dll
    File not found -- C:\WINDOWS\System32\usrv80a.dll
    File not found -- C:\WINDOWS\System32\usrv42a.dll
    File not found -- C:\WINDOWS\System32\usrsvpia.dll
    File not found -- C:\WINDOWS\System32\usrshuta.exe
    File not found -- C:\WINDOWS\System32\usrsdpia.dll
    File not found -- C:\WINDOWS\System32\usrrtosa.dll
    File not found -- C:\WINDOWS\System32\usrprbda.exe
    File not found -- C:\WINDOWS\System32\usrmlnka.exe
    File not found -- C:\WINDOWS\System32\usrlogon.cmd
    File not found -- C:\WINDOWS\System32\usrlbva.dll
    File not found -- C:\WINDOWS\System32\usrfaxa.dll
    File not found -- C:\WINDOWS\System32\usrdtea.dll
    File not found -- C:\WINDOWS\System32\usrdpa.dll
    File not found -- C:\WINDOWS\System32\usrcoina.dll
    File not found -- C:\WINDOWS\System32\usrcntra.dll
    File not found -- C:\WINDOWS\System32\usp10.dll
    File not found -- C:\WINDOWS\System32\userinit.exe
    File not found -- C:\WINDOWS\System32\userenv.dll
    File not found -- C:\WINDOWS\System32\user32.dll
    File not found -- C:\WINDOWS\System32\user.exe
    File not found -- C:\WINDOWS\System32\usbui.dll
    File not found -- C:\WINDOWS\System32\usbmon.dll
    File not found -- C:\WINDOWS\System32\urlmon.dll
    File not found -- C:\WINDOWS\System32\url.dll
    File not found -- C:\WINDOWS\System32\ureg.dll
    File not found -- C:\WINDOWS\System32\ups.exe
    File not found -- C:\WINDOWS\System32\upnpui.dll
    File not found -- C:\WINDOWS\System32\upnphost.dll
    File not found -- C:\WINDOWS\System32\upnpcont.exe
    File not found -- C:\WINDOWS\System32\upnp.dll
    File not found -- C:\WINDOWS\System32\untfs.dll
    File not found -- C:\WINDOWS\System32\unlodctr.exe
    File not found -- C:\WINDOWS\System32\uniplat.dll
    File not found -- C:\WINDOWS\uninst.exe
    File not found -- C:\WINDOWS\System32\unimdmat.dll
    File not found -- C:\WINDOWS\System32\unimdm.tsp
    File not found -- C:\WINDOWS\System32\uniime.dll
    File not found -- C:\WINDOWS\System32\unicdime.ime
    File not found -- C:\WINDOWS\System32\umpnpmgr.dll
    File not found -- C:\WINDOWS\System32\UMLoader.dll
    File not found -- C:\WINDOWS\System32\umdmxfrm.dll
    File not found -- C:\WINDOWS\System32\umandlg.dll
    File not found -- C:\WINDOWS\System32\ulib.dll
    File not found -- C:\WINDOWS\System32\UIAutomationCore.dll
    File not found -- C:\WINDOWS\System32\ufat.dll
    File not found -- C:\WINDOWS\System32\udhisapi.dll
    File not found -- C:\WINDOWS\System32\UCS32P.DLL
    File not found -- C:\WINDOWS\System32\Uci32103.dll
    File not found -- C:\WINDOWS\System32\tzchange.exe
    File not found -- C:\WINDOWS\System32\typeperf.exe
    File not found -- C:\WINDOWS\System32\typelib.dll
    File not found -- C:\WINDOWS\System32\txflog.dll
    File not found -- C:\WINDOWS\twunk_32.exe
    File not found -- C:\WINDOWS\twunk_16.exe
    File not found -- C:\WINDOWS\System32\twext.dll
    File not found -- C:\WINDOWS\System32\TweakUI.exe
    File not found -- C:\WINDOWS\twain_32.dll
    File not found -- C:\WINDOWS\twain.dll
    File not found -- C:\Documents and Settings\All Users\Desktop\TurboTax 2010.lnk
    File not found -- C:\WINDOWS\System32\TsWpfWrp.exe
    File not found -- C:\WINDOWS\System32\tssoft32.acm
    File not found -- C:\WINDOWS\System32\tsshutdn.exe
    File not found -- C:\WINDOWS\System32\TspPopup_RUS.dll
    File not found -- C:\WINDOWS\System32\TspPopup_ITA.dll
    File not found -- C:\WINDOWS\System32\TspPopup_FRA.dll
    File not found -- C:\WINDOWS\System32\TspPopup_ESN.dll
    File not found -- C:\WINDOWS\System32\TspPopup_ENU.dll
    File not found -- C:\WINDOWS\System32\TspPopup_DEU.dll
    File not found -- C:\WINDOWS\System32\TspPopup_CHS.dll
    File not found -- C:\WINDOWS\System32\Tsp.dll
     
  22. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Heres the second...

    File not found -- C:\WINDOWS\System32\tslabels.h
    File not found -- C:\WINDOWS\System32\tskill.exe
    File not found -- C:\WINDOWS\System32\tsdiscon.exe
    File not found -- C:\WINDOWS\System32\tsddd.dll
    File not found -- C:\WINDOWS\System32\tscupgrd.exe
    File not found -- C:\WINDOWS\System32\tscon.exe
    File not found -- C:\WINDOWS\System32\tscfgwmi.dll
    File not found -- C:\WINDOWS\System32\tsbyuv.dll
    File not found -- C:\WINDOWS\System32\tsappcmp.dll
    File not found -- C:\WINDOWS\System32\trkwks.dll
    File not found -- C:\WINDOWS\System32\tree.com
    File not found -- C:\Documents and Settings\dolsen\Desktop\transfer.pst
    File not found -- C:\WINDOWS\System32\traffic.dll
    File not found -- C:\WINDOWS\System32\tracert6.exe
    File not found -- C:\WINDOWS\System32\tracert.exe
    File not found -- C:\WINDOWS\System32\tracerpt.exe
    File not found -- C:\WINDOWS\System32\tpmddl.dll
    File not found -- C:\WINDOWS\System32\tourstart.exe
    File not found -- C:\WINDOWS\System32\toolhelp.dll
    File not found -- C:\WINDOWS\System32\tlntsvrp.dll
    File not found -- C:\WINDOWS\System32\tlntsvr.exe
    File not found -- C:\WINDOWS\System32\tlntsess.exe
    File not found -- C:\WINDOWS\System32\tlntadmn.exe
    File not found -- C:\WINDOWS\System32\TINTLGNT.IME
    File not found -- C:\WINDOWS\System32\timer.drv
    File not found -- C:\WINDOWS\System\TIMER.DRV
    File not found -- C:\WINDOWS\System32\timedate.cpl
    File not found -- C:\WINDOWS\System32\ticrf.rat
    File not found -- C:\WINDOWS\System32\themeui.dll
    File not found -- C:\WINDOWS\System32\tftp.exe
    File not found -- C:\WINDOWS\System\tfmessbsp.dll
    File not found -- C:\WINDOWS\System32\termsrv.dll
    File not found -- C:\WINDOWS\System32\termmgr.dll
    File not found -- C:\WINDOWS\System32\termcap
    File not found -- C:\WINDOWS\System32\telnet.exe
    File not found -- C:\WINDOWS\System32\telephon.cpl
    File not found -- C:\WINDOWS\System32\tdc.ocx
    File not found -- C:\WINDOWS\System32\tcpsvcs.exe
    File not found -- C:\WINDOWS\System32\tcpmonui.dll
    File not found -- C:\WINDOWS\System32\tcpmon.dll
    File not found -- C:\WINDOWS\System32\tcpmib.dll
    File not found -- C:\WINDOWS\System32\tcmsetup.exe
    File not found -- C:\WINDOWS\System32\taskmgr.exe
    File not found -- C:\WINDOWS\TASKMAN.EXE
    File not found -- C:\WINDOWS\System32\taskman.exe
    File not found -- C:\WINDOWS\System32\tasklist.exe
    File not found -- C:\WINDOWS\System32\taskkill.exe
    File not found -- C:\WINDOWS\System32\tapiui.dll
    File not found -- C:\WINDOWS\System32\tapisrv.dll
    File not found -- C:\WINDOWS\System32\tapiperf.dll
    File not found -- C:\WINDOWS\System32\tapi32.dll
    File not found -- C:\WINDOWS\System32\tapi3.dll
    File not found -- C:\WINDOWS\System32\tapi.dll
    File not found -- C:\WINDOWS\System\TAPI.DLL
    File not found -- C:\WINDOWS\System32\TABCTL32.OCX
    File not found -- C:\WINDOWS\System32\t2embed.dll
    File not found -- C:\WINDOWS\System32\systray.exe
    File not found -- C:\WINDOWS\System32\systeminfo.exe
    File not found -- C:\WINDOWS\System32\system.drv
    File not found -- C:\WINDOWS\System\SYSTEM.DRV
    File not found -- C:\WINDOWS\System32\syssetup.dll
    File not found -- C:\WINDOWS\System32\sysprtj.sep
    File not found -- C:\WINDOWS\System32\sysprint.sep
    File not found -- C:\WINDOWS\System32\sysocmgr.exe
    File not found -- C:\WINDOWS\System32\sysmon.ocx
    File not found -- C:\WINDOWS\System32\syskey.exe
    File not found -- C:\WINDOWS\System32\sysinv.dll
    File not found -- C:\WINDOWS\System32\sysedit.exe
    File not found -- C:\WINDOWS\System32\sysdm.cpl
    File not found -- C:\WINDOWS\System32\syncui.dll
    File not found -- C:\WINDOWS\System32\synceng.dll
    File not found -- C:\WINDOWS\System32\syncapp.exe
    File not found -- C:\WINDOWS\System32\SymRedir.dll
    File not found -- C:\WINDOWS\System32\SymNeti.dll
    File not found -- C:\WINDOWS\System32\sxs.dll
    File not found -- C:\WINDOWS\SWXCACLS.exe
    File not found -- C:\WINDOWS\SWSC.exe
    File not found -- C:\WINDOWS\SWREG.exe
    File not found -- C:\WINDOWS\System32\swprv.dll
    File not found -- C:\Program Files\swlicservinst.exe
    File not found -- C:\WINDOWS\System32\svcpack.dll
    File not found -- C:\WINDOWS\System32\svchost.exe
    File not found -- C:\WINDOWS\System32\subst.exe
    File not found -- C:\WINDOWS\System32\styleman.cpl
    File not found -- C:\WINDOWS\stsystra.exe
    File not found -- C:\WINDOWS\System32\strmfilt.dll
    File not found -- C:\WINDOWS\System32\strmdll.dll
    File not found -- C:\WINDOWS\System32\streamci.dll
    File not found -- C:\WINDOWS\System32\storprop.dll
    File not found -- C:\WINDOWS\System32\storage.dll
    File not found -- C:\WINDOWS\System32\stobject.dll
    File not found -- C:\WINDOWS\System32\stlang.dll
    File not found -- C:\WINDOWS\System32\stimon.exe
    File not found -- C:\WINDOWS\System32\sti_ci.dll
    File not found -- C:\WINDOWS\System32\sti.dll
    File not found -- C:\WINDOWS\System32\stdole32.tlb
    File not found -- C:\WINDOWS\System32\stdole2.tlb
    File not found -- C:\WINDOWS\System\stdole.tlb
    File not found -- C:\WINDOWS\System32\stclient.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\stairs.bak
    File not found -- C:\WINDOWS\System32\staco.dll
    File not found -- C:\WINDOWS\System32\stacgui.cpl
    File not found -- C:\WINDOWS\System32\stacapi.dll
    File not found -- C:\WINDOWS\System32\sstext3d.scr
    File not found -- C:\WINDOWS\System32\ssstars.scr
    File not found -- C:\WINDOWS\System32\sspipes.scr
    File not found -- C:\WINDOWS\System32\ssmyst.scr
    File not found -- C:\WINDOWS\System32\ssmypics.scr
    File not found -- C:\WINDOWS\System32\ssmarque.scr
    File not found -- C:\WINDOWS\System32\ssflwbox.scr
    File not found -- C:\WINDOWS\System32\ssdpsrv.dll
    File not found -- C:\WINDOWS\System32\ssdpapi.dll
    File not found -- C:\WINDOWS\System32\SSCE4132.DLL
    File not found -- C:\WINDOWS\System32\ssbezier.scr
    File not found -- C:\WINDOWS\System32\ss3dfo.scr
    File not found -- C:\WINDOWS\System32\srvsvc.dll
    File not found -- C:\WINDOWS\System32\srsvc.dll
    File not found -- C:\WINDOWS\System32\srrstr.dll
    File not found -- C:\WINDOWS\System32\srclient.dll
    File not found -- C:\WINDOWS\System32\sqlwoa.dll
    File not found -- C:\WINDOWS\System32\sqlwid.dll
    File not found -- C:\WINDOWS\System32\sqlunirl.dll
    File not found -- C:\WINDOWS\System32\sqlsrv32.rll
    File not found -- C:\WINDOWS\System32\sqlsrv32.dll
    File not found -- C:\WINDOWS\System32\sqlsodbc.chm
    File not found -- C:\WINDOWS\System32\spxcoins.dll
    File not found -- C:\WINDOWS\System32\spupdsvc.exe
    File not found -- C:\WINDOWS\System32\sprio800.dll
    File not found -- C:\WINDOWS\System32\sprio600.dll
    File not found -- C:\WINDOWS\System32\sprestrt.exe
    File not found -- C:\WINDOWS\System32\spoolsv.exe
    File not found -- C:\WINDOWS\System32\spoolss.dll
    File not found -- C:\WINDOWS\System32\spnpinst.exe
    File not found -- C:\WINDOWS\System32\spnike.dll
    File not found -- C:\WINDOWS\System32\spmsg.dll
    File not found -- C:\WINDOWS\System32\spiisupd.exe
    File not found -- C:\WINDOWS\System32\spider.exe
    File not found -- C:\WINDOWS\System32\sound.drv
    File not found -- C:\WINDOWS\System\SOUND.DRV
    File not found -- C:\WINDOWS\System32\sort.exe
    File not found -- C:\Program Files\solidworkslicenseservice.dll
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks eDrawings 2011.lnk
    File not found -- C:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2011.lnk
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\SolidWorks eDrawings 2010.lnk
    File not found -- C:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2010.lnk
    File not found -- C:\WINDOWS\System32\sol.exe
    File not found -- C:\WINDOWS\System32\softpub.dll
    File not found -- C:\WINDOWS\Soap Bubbles.bmp
    File not found -- C:\WINDOWS\System32\snmpsnap.dll
    File not found -- C:\WINDOWS\System32\snmpapi.dll
    File not found -- C:\WINDOWS\System32\sndvol32.exe
    File not found -- C:\WINDOWS\System32\sndrec32.exe
    File not found -- C:\WINDOWS\System32\smss.exe
    File not found -- C:\WINDOWS\smscfg.ini
    File not found -- C:\WINDOWS\System32\smlogsvc.exe
    File not found -- C:\WINDOWS\System32\smlogcfg.dll
    File not found -- C:\WINDOWS\System32\smbinst.exe
    File not found -- C:\WINDOWS\System32\slbrccsp.dll
    File not found -- C:\WINDOWS\System32\slbiop.dll
    File not found -- C:\WINDOWS\System32\slbcsp.dll
    File not found -- C:\WINDOWS\System32\slayerxp.dll
    File not found -- C:\WINDOWS\System32\sl_anet.acm
    File not found -- C:\WINDOWS\System32\skeys.exe
    File not found -- C:\WINDOWS\System32\skdll.dll
    File not found -- C:\WINDOWS\System32\sisbkup.dll
    File not found -- C:\WINDOWS\System32\simpdata.tlb
    File not found -- C:\Documents and Settings\dolsen\Desktop\Silverlight.exe
    File not found -- C:\WINDOWS\System32\sigverif.exe
    File not found -- C:\WINDOWS\System32\sigtab.dll
    File not found -- C:\WINDOWS\System32\shutdown.exe
    File not found -- C:\WINDOWS\System32\shsvcs.dll
    File not found -- C:\WINDOWS\System32\shscrap.dll
    File not found -- C:\WINDOWS\System32\shrpubw.exe
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
    File not found -- C:\Documents and Settings\dolsen\Desktop\Shortcut to WINWORD.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\Shortcut to POWERPNT.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\Shortcut to OUTLOOK.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\Shortcut to EXCEL.lnk
    File not found -- C:\WINDOWS\System32\shmgrate.exe
    File not found -- C:\WINDOWS\System32\shmedia.dll
    File not found -- C:\WINDOWS\System32\shlwapi.dll
    File not found -- C:\WINDOWS\System32\shimgvw.dll
    File not found -- C:\WINDOWS\System32\shimeng.dll
    File not found -- C:\WINDOWS\System32\shgina.dll
    File not found -- C:\WINDOWS\System32\shfolder.dll
    File not found -- C:\WINDOWS\System32\shellstyle.dll
    File not found -- C:\WINDOWS\System32\shell32.dll
    File not found -- C:\WINDOWS\System32\shell.dll
    File not found -- C:\WINDOWS\System\SHELL.DLL
    File not found -- C:\WINDOWS\System32\shdocvw.dll
    File not found -- C:\WINDOWS\System32\shdoclc.dll
    File not found -- C:\WINDOWS\System32\shadow.exe
    File not found -- C:\WINDOWS\System32\sfmapi.dll
    File not found -- C:\WINDOWS\System32\sfcfiles.dll
    File not found -- C:\WINDOWS\System32\sfc_os.dll
    File not found -- C:\WINDOWS\System32\sfc.exe
    File not found -- C:\WINDOWS\System32\sfc.dll
    File not found -- C:\WINDOWS\setuplog.del
    File not found -- C:\WINDOWS\setuperr.del
    File not found -- C:\WINDOWS\System32\setupdll.dll
    File not found -- C:\WINDOWS\System32\setupdd.dll
    File not found -- C:\WINDOWS\System32\setupapi.dll
    File not found -- C:\WINDOWS\setupapi.del
    File not found -- C:\WINDOWS\setupact.del
    File not found -- C:\WINDOWS\System\setup.inf
    File not found -- C:\WINDOWS\System32\setup.exe
    File not found -- C:\WINDOWS\System32\setup.bmp
    File not found -- C:\WINDOWS\setpwrcg.exe
    File not found -- C:\WINDOWS\System32\sethc.exe
    File not found -- C:\WINDOWS\System32\sessmgr.exe
    File not found -- C:\WINDOWS\System32\serwvdrv.dll
    File not found -- C:\WINDOWS\System32\services.msc
    File not found -- C:\WINDOWS\System32\services.exe
    File not found -- C:\WINDOWS\System32\servdeps.dll
    File not found -- C:\WINDOWS\System32\serialui.dll
    File not found -- C:\WINDOWS\System32\senscfg.dll
    File not found -- C:\WINDOWS\System32\sensapi.dll
    File not found -- C:\WINDOWS\System32\sens.dll
    File not found -- C:\WINDOWS\System32\sendmail.dll
    File not found -- C:\WINDOWS\System32\sendcmsg.dll
    File not found -- C:\WINDOWS\sed.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\SecurityCheck.exe
    File not found -- C:\WINDOWS\System32\security.dll
    File not found -- C:\WINDOWS\System32\secur32.dll
    File not found -- C:\WINDOWS\System32\secupd.sig
    File not found -- C:\WINDOWS\System32\secupd.dat
    File not found -- C:\WINDOWS\System32\secpol.msc
    File not found -- C:\WINDOWS\System32\seclogon.dll
    File not found -- C:\WINDOWS\System32\secedit.exe
    File not found -- C:\WINDOWS\System32\sdpblb.dll
    File not found -- C:\WINDOWS\System32\sdhcinst.dll
    File not found -- C:\WINDOWS\System32\sdbinst.exe
    File not found -- C:\WINDOWS\System32\scrrun.dll
    File not found -- C:\WINDOWS\System32\scrobj.dll
    File not found -- C:\WINDOWS\System32\scrnsave.scr
    File not found -- C:\WINDOWS\System32\scredir.dll
    File not found -- C:\WINDOWS\System32\SCP32.DLL
    File not found -- C:\WINDOWS\System32\sclgntfy.dll
    File not found -- C:\WINDOWS\System32\schtasks.exe
    File not found -- C:\WINDOWS\System32\schedsvc.dll
    File not found -- C:\WINDOWS\System32\schannel.dll
    File not found -- C:\WINDOWS\System32\scesrv.dll
    File not found -- C:\WINDOWS\System32\scecli.dll
    File not found -- C:\WINDOWS\System32\sccsccp.dll
    File not found -- C:\WINDOWS\System32\sccbase.dll
    File not found -- C:\WINDOWS\System32\scardsvr.exe
    File not found -- C:\WINDOWS\System32\scardssp.dll
    File not found -- C:\WINDOWS\System32\scarddlg.dll
    File not found -- C:\WINDOWS\System32\sc.exe
    File not found -- C:\WINDOWS\System32\sbeio.dll
    File not found -- C:\WINDOWS\System32\savedump.exe
    File not found -- C:\WINDOWS\Santa Fe Stucco.bmp
    File not found -- C:\WINDOWS\System32\samsrv.dll
    File not found -- C:\WINDOWS\System32\samlib.dll
    File not found -- C:\WINDOWS\System32\safrslv.dll
    File not found -- C:\WINDOWS\System32\safrdm.dll
    File not found -- C:\WINDOWS\System32\safrcdlg.dll
    File not found -- C:\WINDOWS\System32\S32EVNT1.DLL
    File not found -- C:\WINDOWS\System32\rwinsta.exe
    File not found -- C:\WINDOWS\System32\runonce.exe
    File not found -- C:\WINDOWS\System32\rundll32.exe
    File not found -- C:\WINDOWS\System32\runas.exe
    File not found -- C:\WINDOWS\System32\rtutils.dll
    File not found -- C:\WINDOWS\System32\rtm.dll
    File not found -- C:\WINDOWS\System32\rtipxmib.dll
    File not found -- C:\WINDOWS\System32\rtcshare.exe
    File not found -- C:\WINDOWS\System32\rsvpsp.dll
    File not found -- C:\WINDOWS\System32\rsvpperf.dll
    File not found -- C:\WINDOWS\System32\rsvpmsg.dll
    File not found -- C:\WINDOWS\System32\rsvpcnts.h
    File not found -- C:\WINDOWS\System32\rsvp.exe
    File not found -- C:\WINDOWS\System32\rsopprov.exe
    File not found -- C:\WINDOWS\System32\rsop.msc
    File not found -- C:\WINDOWS\System32\rsnotify.exe
    File not found -- C:\WINDOWS\System32\rsmui.exe
    File not found -- C:\WINDOWS\System32\rsmsink.exe
    File not found -- C:\WINDOWS\System32\rsmps.dll
    File not found -- C:\WINDOWS\System32\rsm.exe
    File not found -- C:\WINDOWS\System32\rshx32.dll
    File not found -- C:\WINDOWS\System32\rsh.exe
    File not found -- C:\WINDOWS\System32\rsfsaps.dll
    File not found -- C:\WINDOWS\System32\rsaenh.dll
    File not found -- C:\WINDOWS\System32\rsaci.rat
    File not found -- C:\WINDOWS\System32\rpcss.dll
    File not found -- C:\WINDOWS\System32\rpcrt4.dll
    File not found -- C:\WINDOWS\System32\rpcns4.dll
    File not found -- C:\WINDOWS\System32\routetab.dll
    File not found -- C:\WINDOWS\System32\routemon.exe
    File not found -- C:\WINDOWS\System32\route.exe
    File not found -- C:\WINDOWS\System32\romanime.ime
    File not found -- C:\WINDOWS\System32\rnr20.dll
    File not found -- C:\WINDOWS\River Sumida.bmp
    File not found -- C:\WINDOWS\System32\riched32.dll
    File not found -- C:\WINDOWS\System32\riched20.dll
    File not found -- C:\WINDOWS\Rhododendron.bmp
    File not found -- C:\WINDOWS\System32\rgb9rast_2.dll
    File not found -- C:\WINDOWS\System32\rexec.exe
    File not found -- C:\WINDOWS\System32\resutils.dll
    File not found -- C:\WINDOWS\System32\reset.exe
    File not found -- C:\WINDOWS\System32\replace.exe
    File not found -- C:\WINDOWS\System32\rend.dll
    File not found -- C:\WINDOWS\System32\remotesp.tsp
    File not found -- C:\WINDOWS\System32\remotepg.dll
    File not found -- C:\WINDOWS\System32\relog.exe
    File not found -- C:\WINDOWS\System32\regwizc.dll
    File not found -- C:\WINDOWS\System32\regwiz.exe
    File not found -- C:\WINDOWS\System32\regsvr32.exe
    File not found -- C:\WINDOWS\System32\regsvc.dll
    File not found -- C:\WINDOWS\REGLOCS.OLD
    File not found -- C:\WINDOWS\System32\regini.exe
    File not found -- C:\WINDOWS\System32\regedt32.exe
    File not found -- C:\WINDOWS\regedit.exe
    File not found -- C:\WINDOWS\System32\regapi.dll
    File not found -- C:\WINDOWS\System32\reg.exe
    File not found -- C:\WINDOWS\System32\recover.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\RE PRM.msg
    File not found -- C:\Documents and Settings\dolsen\Desktop\RE 97 Ford Probe - $1500 (Belmont).msg
    File not found -- C:\WINDOWS\System32\rdshost.exe
    File not found -- C:\WINDOWS\System32\rdsaddin.exe
    File not found -- C:\WINDOWS\System32\rdpwsx.dll
    File not found -- C:\WINDOWS\System32\rdpsnd.dll
    File not found -- C:\WINDOWS\System32\rdpdd.dll
    File not found -- C:\WINDOWS\System32\rdpclip.exe
    File not found -- C:\WINDOWS\System32\rdpcfgex.dll
    File not found -- C:\WINDOWS\System32\RDOCURS.DLL
    File not found -- C:\WINDOWS\System32\rdchost.dll
    File not found -- C:\WINDOWS\System32\rcp.exe
    File not found -- C:\WINDOWS\System32\rcimlby.exe
    File not found -- C:\WINDOWS\System32\rcbdyctl.dll
    File not found -- C:\WINDOWS\System32\rastls.dll
    File not found -- C:\WINDOWS\System32\rastapi.dll
    File not found -- C:\WINDOWS\System32\rasser.dll
    File not found -- C:\WINDOWS\System32\rassapi.dll
    File not found -- C:\WINDOWS\System32\rasrad.dll
    File not found -- C:\WINDOWS\System32\rasppp.dll
    File not found -- C:\WINDOWS\System32\rasphone.exe
    File not found -- C:\WINDOWS\System32\rasmxs.dll
    File not found -- C:\WINDOWS\System32\rasmontr.dll
    File not found -- C:\WINDOWS\System32\rasmans.dll
    File not found -- C:\WINDOWS\System32\rasman.dll
    File not found -- C:\WINDOWS\System32\rasdlg.dll
    File not found -- C:\WINDOWS\System32\rasdial.exe
    File not found -- C:\WINDOWS\System32\rasctrs.dll
    File not found -- C:\WINDOWS\System32\rasctrnm.h
    File not found -- C:\WINDOWS\System32\raschap.dll
    File not found -- C:\WINDOWS\System32\rasautou.exe
    File not found -- C:\WINDOWS\System32\rasauto.dll
    File not found -- C:\WINDOWS\System32\rasapi32.dll
    File not found -- C:\WINDOWS\System32\rasadhlp.dll
    File not found -- C:\WINDOWS\System32\racpldlg.dll
    File not found -- C:\WINDOWS\System32\qwinsta.exe
    File not found -- C:\WINDOWS\System32\QuickTimeVR.qtx
    File not found -- C:\Documents and Settings\dolsen\Desktop\QuickTimeInstaller.exe
    File not found -- C:\WINDOWS\System32\QuickTime.qts
    File not found -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    File not found -- C:\WINDOWS\System32\quick.ime
    File not found -- C:\WINDOWS\System32\query.dll
    File not found -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
    File not found -- C:\WINDOWS\System32\qprocess.exe
    File not found -- C:\WINDOWS\System32\qosname.dll
    File not found -- C:\WINDOWS\System32\qmgrprxy.dll
    File not found -- C:\WINDOWS\System32\qmgr.dll
    File not found -- C:\WINDOWS\System32\qasf.dll
    File not found -- C:\WINDOWS\System32\qappsrv.exe
    File not found -- C:\WINDOWS\System32\pxwma.dll
    File not found -- C:\WINDOWS\System32\PxWave.dll
    File not found -- C:\WINDOWS\System32\PxSFS.DLL
    File not found -- C:\WINDOWS\System32\PxMas.dll
    File not found -- C:\WINDOWS\System32\pxdrv.dll
    File not found -- C:\WINDOWS\System32\px.ini
    File not found -- C:\WINDOWS\System32\Px.dll
    File not found -- C:\WINDOWS\System32\pubprn.vbs
    File not found -- C:\WINDOWS\System32\pstorsvc.dll
    File not found -- C:\WINDOWS\System32\pstorec.dll
    File not found -- C:\WINDOWS\System32\psnppagn.dll
    File not found -- C:\WINDOWS\System32\pscript.sep
    File not found -- C:\WINDOWS\System32\pschdprf.dll
    File not found -- C:\WINDOWS\System32\pschdcnt.h
    File not found -- C:\WINDOWS\System32\psbase.dll
    File not found -- C:\WINDOWS\System32\psapi.dll
    File not found -- C:\WINDOWS\System32\proxycfg.exe
    File not found -- C:\WINDOWS\System32\proquota.exe
    File not found -- C:\WINDOWS\System32\progman.exe
    File not found -- C:\WINDOWS\System32\profmap.dll
    File not found -- C:\WINDOWS\System32\proctexe.ocx
    File not found -- C:\WINDOWS\System32\prntvpt.dll
    File not found -- C:\WINDOWS\System32\prnqctl.vbs
    File not found -- C:\WINDOWS\System32\prnport.vbs
    File not found -- C:\WINDOWS\System32\prnmngr.vbs
    File not found -- C:\WINDOWS\System32\prnjobs.vbs
    File not found -- C:\WINDOWS\System32\prndrvr.vbs
    File not found -- C:\WINDOWS\System32\prncnfg.vbs
    File not found -- C:\WINDOWS\System32\printui.dll
    File not found -- C:\WINDOWS\System32\print.exe
    File not found -- C:\WINDOWS\System32\prflbmsg.dll
    File not found -- C:\WINDOWS\System32\PretzelSpellCheck.dll
    File not found -- C:\WINDOWS\System32\PresentationNative_v0300.dll
    File not found -- C:\WINDOWS\System32\PresentationHostProxy.dll
    File not found -- C:\WINDOWS\System32\PresentationHost.exe
    File not found -- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
    File not found -- C:\WINDOWS\System32\preflib.dll
    File not found -- C:\WINDOWS\Prairie Wind.bmp
    File not found -- C:\WINDOWS\System32\powrprof.dll
    File not found -- C:\WINDOWS\System32\PowerToysLicense.rtf
    File not found -- C:\WINDOWS\System32\powercfg.exe
    File not found -- C:\WINDOWS\System32\powercfg.cpl
    File not found -- C:\WINDOWS\System32\POSTWPP.DLL
    File not found -- C:\WINDOWS\System32\Popup.ocx
    File not found -- C:\WINDOWS\System32\polstore.dll
    File not found -- C:\WINDOWS\System32\pnrpnsp.dll
    File not found -- C:\WINDOWS\System32\pngfilt.dll
    File not found -- C:\WINDOWS\System32\pmspl.dll
    File not found -- C:\WINDOWS\System32\plustab.dll
    File not found -- C:\WINDOWS\System32\plotman.cpl
    File not found -- C:\WINDOWS\System32\pjlmon.dll
    File not found -- C:\WINDOWS\System32\PIPARSE.DLL
    File not found -- C:\WINDOWS\System32\PINTLGNT.IME
    File not found -- C:\WINDOWS\System32\ping6.exe
    File not found -- C:\WINDOWS\System32\ping.exe
    File not found -- C:\WINDOWS\System32\pifmgr.dll
    File not found -- C:\WINDOWS\System32\pidgen.dll
    File not found -- C:\WINDOWS\System32\pid.dll
    File not found -- C:\WINDOWS\System32\photowiz.dll
    File not found -- C:\WINDOWS\System32\photometadatahandler.dll
    File not found -- C:\WINDOWS\System32\phonptr.tbl
    File not found -- C:\WINDOWS\System32\phoncode.tbl
    File not found -- C:\WINDOWS\System32\phon.tbl
    File not found -- C:\WINDOWS\System32\phon.ime
    File not found -- C:\WINDOWS\PHC705HD.ini
    File not found -- C:\WINDOWS\PEV.exe
    File not found -- C:\WINDOWS\System32\perfwci.h
    File not found -- C:\WINDOWS\System32\perfts.dll
    File not found -- C:\WINDOWS\System32\perfproc.dll
    File not found -- C:\WINDOWS\System32\perfos.dll
    File not found -- C:\WINDOWS\System32\perfnw.dll
    File not found -- C:\WINDOWS\System32\perfnet.dll
    File not found -- C:\WINDOWS\System32\perfmon.msc
    File not found -- C:\WINDOWS\System32\perfmon.exe
    File not found -- C:\WINDOWS\System32\perfi009.dat
    File not found -- C:\WINDOWS\System32\perfh009.dat
    File not found -- C:\WINDOWS\System32\perffilt.h
    File not found -- C:\WINDOWS\System32\perfdisk.dll
    File not found -- C:\WINDOWS\System32\perfd009.dat
    File not found -- C:\WINDOWS\System32\perfctrs.dll
    File not found -- C:\WINDOWS\System32\perfci.h
    File not found -- C:\WINDOWS\System32\perfc009.dat
    File not found -- C:\WINDOWS\System32\pentnt.exe
    File not found -- C:\WINDOWS\System32\PEGRPCS.DLL
    File not found -- C:\WINDOWS\System32\pds.dll
    File not found -- C:\WINDOWS\System32\pdh.dll
    File not found -- C:\WINDOWS\System32\pcl.sep
    File not found -- C:\Documents and Settings\dolsen\Desktop\pc81eni.exe
    File not found -- C:\WINDOWS\System32\pautoenr.dll
    File not found -- C:\WINDOWS\System32\pathping.exe
    File not found -- C:\WINDOWS\System32\panmap.dll
    File not found -- C:\WINDOWS\System32\pagefileconfig.vbs
    File not found -- C:\WINDOWS\System32\packager.exe
    File not found -- C:\WINDOWS\System32\p2psvc.dll
    File not found -- C:\WINDOWS\System32\p2pnetsh.dll
    File not found -- C:\WINDOWS\System32\p2pgraph.dll
    File not found -- C:\WINDOWS\System32\p2pgasvc.dll
    File not found -- C:\WINDOWS\System32\p2p.dll
    File not found -- C:\WINDOWS\System32\OUTLPERF.INI
    File not found -- C:\WINDOWS\System32\OUTLPERF.H
    File not found -- C:\Documents and Settings\dolsen\Desktop\OTL.exe
    File not found -- C:\WINDOWS\System32\osuninst.exe
    File not found -- C:\WINDOWS\System32\osuninst.dll
    File not found -- C:\WINDOWS\System32\osk.exe
    File not found -- C:\WINDOWS\orun32.isu
    File not found -- C:\WINDOWS\orun32.ini
    File not found -- C:\WINDOWS\System32\opengl32.dll
    File not found -- C:\WINDOWS\System32\openfiles.exe
    File not found -- C:\WINDOWS\System32\olethk32.dll
    File not found -- C:\WINDOWS\System32\olesvr32.dll
    File not found -- C:\WINDOWS\System32\olesvr.dll
    File not found -- C:\WINDOWS\System\OLESVR.DLL
    File not found -- C:\WINDOWS\System32\olepro32.dll
    File not found -- C:\WINDOWS\System32\oleprn.dll
    File not found -- C:\WINDOWS\System32\oledlg.dll
    File not found -- C:\WINDOWS\System32\olecnv32.dll
    File not found -- C:\WINDOWS\System32\olecli32.dll
    File not found -- C:\WINDOWS\System32\olecli.dll
    File not found -- C:\WINDOWS\System\OLECLI.DLL
    File not found -- C:\WINDOWS\System32\oleaut32.dll
    File not found -- C:\WINDOWS\System32\oleaccrc.dll
    File not found -- C:\WINDOWS\System32\oleacc.dll
    File not found -- C:\WINDOWS\System32\ole32.dll
    File not found -- C:\WINDOWS\System32\ole2nls.dll
    File not found -- C:\WINDOWS\System32\ole2disp.dll
    File not found -- C:\WINDOWS\System32\ole2.dll
    File not found -- C:\WINDOWS\System32\offfilt.dll
    File not found -- C:\WINDOWS\System32\OEMLOGO.BMP
    File not found -- C:\WINDOWS\System32\OEMINFO.PNF
    File not found -- C:\WINDOWS\System32\OEMINFO.INI
    File not found -- C:\WINDOWS\System32\OEMBKGN1.BMP
    File not found -- C:\WINDOWS\System32\oembios.sig
    File not found -- C:\WINDOWS\System32\oembios.dat
    File not found -- C:\WINDOWS\System32\oembios.bin
    File not found -- C:\WINDOWS\System32\odtext32.dll
    File not found -- C:\WINDOWS\System32\odpdx32.dll
    File not found -- C:\WINDOWS\System32\odfox32.dll
    File not found -- C:\WINDOWS\System32\odexl32.dll
    File not found -- C:\WINDOWS\System32\oddbse32.dll
    File not found -- C:\WINDOWS\System32\odbctrac.dll
    File not found -- C:\WINDOWS\System32\odbcp32r.dll
    File not found -- C:\WINDOWS\System32\odbcjt32.dll
    File not found -- C:\WINDOWS\System32\odbcji32.dll
    File not found -- C:\WINDOWS\System32\odbcint.dll
    File not found -- C:\WINDOWS\ODBCINST.INI
    File not found -- C:\WINDOWS\System32\odbccu32.dll
    File not found -- C:\WINDOWS\System32\odbccr32.dll
    File not found -- C:\WINDOWS\System32\odbccp32.dll
    File not found -- C:\WINDOWS\System32\odbccp32.cpl
    File not found -- C:\WINDOWS\System32\odbcconf.rsp
    File not found -- C:\WINDOWS\System32\odbcconf.exe
    File not found -- C:\WINDOWS\System32\odbcconf.dll
    File not found -- C:\WINDOWS\System32\odbcbcp.dll
    File not found -- C:\WINDOWS\System32\odbcad32.exe
    File not found -- C:\WINDOWS\System32\odbc32gt.dll
    File not found -- C:\WINDOWS\System32\odbc32.dll
    File not found -- C:\WINDOWS\System32\odbc16gt.dll
    File not found -- C:\WINDOWS\ODBC.INI
    File not found -- C:\WINDOWS\System32\ocmanage.dll
    File not found -- C:\WINDOWS\System32\occache.dll
    File not found -- C:\WINDOWS\System32\objsel.dll
    File not found -- C:\WINDOWS\System32\oakley.dll
    File not found -- C:\WINDOWS\System32\nwwks.dll
    File not found -- C:\WINDOWS\System32\nwscript.exe
    File not found -- C:\WINDOWS\System32\nwprovau.dll
    File not found -- C:\WINDOWS\System32\nwevent.dll
    File not found -- C:\WINDOWS\System32\nwcfg.dll
    File not found -- C:\WINDOWS\System32\nwc.cpl
    File not found -- C:\WINDOWS\System32\nwapi32.dll
    File not found -- C:\WINDOWS\System32\nwapi16.dll
    File not found -- C:\WINDOWS\System32\nv4_disp.dll
    File not found -- C:\WINDOWS\System32\nusrmgr.cpl
    File not found -- C:\WINDOWS\System32\ntvdmd.dll
    File not found -- C:\WINDOWS\System32\ntvdm.exe
    File not found -- C:\Documents and Settings\All Users\ntuser.pol
    File not found -- C:\WINDOWS\System32\ntshrui.dll
    File not found -- C:\WINDOWS\System32\ntsdexts.dll
    File not found -- C:\WINDOWS\System32\ntsd.exe
    File not found -- C:\WINDOWS\System32\nts.dll
    File not found -- C:\WINDOWS\System32\ntprint.dll
    File not found -- C:\WINDOWS\System32\ntoskrnl.exe
    File not found -- C:\WINDOWS\System32\ntmssvc.dll
    File not found -- C:\WINDOWS\System32\ntmsoprq.msc
    File not found -- C:\WINDOWS\System32\ntmsmgr.msc
    File not found -- C:\WINDOWS\System32\ntmsmgr.dll
    File not found -- C:\WINDOWS\System32\ntmsevt.dll
    File not found -- C:\WINDOWS\System32\ntmsdba.dll
    File not found -- C:\WINDOWS\System32\ntmsapi.dll
    File not found -- C:\WINDOWS\System32\ntmarta.dll
    File not found -- C:\WINDOWS\System32\ntlsapi.dll
    File not found -- C:\WINDOWS\System32\ntlanui2.dll
    File not found -- C:\WINDOWS\System32\ntlanui.dll
    File not found -- C:\WINDOWS\System32\ntlanman.dll
    File not found -- C:\WINDOWS\System32\ntkrnlpa.exe
    File not found -- C:\WINDOWS\System32\ntimage.gif
    File not found -- C:\WINDOWS\System32\ntdsbcli.dll
    File not found -- C:\WINDOWS\System32\ntdsapi.dll
    File not found -- C:\WINDOWS\System32\ntdll.dll
    File not found -- C:\WINDOWS\System32\ntbackup.exe
    File not found -- C:\WINDOWS\nsreg.dat
    File not found -- C:\WINDOWS\System32\nslookup.exe
    File not found -- C:\WINDOWS\System32\nscompat.tlb
    File not found -- C:\WINDOWS\System32\npptools.dll
    File not found -- C:\WINDOWS\System32\notepad.exe
    File not found -- C:\WINDOWS\NOTEPAD.EXE
    File not found -- C:\WINDOWS\System32\normaliz.dll
    File not found -- C:\WINDOWS\System32\noise.tha
    File not found -- C:\WINDOWS\System32\noise.sve
    File not found -- C:\WINDOWS\System32\noise.nld
    File not found -- C:\WINDOWS\System32\noise.kor
    File not found -- C:\WINDOWS\System32\noise.jpn
    File not found -- C:\WINDOWS\System32\noise.ita
    File not found -- C:\WINDOWS\System32\noise.fra
    File not found -- C:\WINDOWS\System32\noise.esn
    File not found -- C:\WINDOWS\System32\noise.enu
    File not found -- C:\WINDOWS\System32\noise.eng
    File not found -- C:\WINDOWS\System32\noise.deu
    File not found -- C:\WINDOWS\System32\noise.dat
    File not found -- C:\WINDOWS\System32\noise.cht
    File not found -- C:\WINDOWS\System32\noise.chs
    File not found -- C:\WINDOWS\System32\nmmkcert.dll
    File not found -- C:\WINDOWS\System32\nmevtmsg.dll
    File not found -- C:\WINDOWS\System32\nlsdl.dll
    File not found -- C:\WINDOWS\System32\nlhtml.dll
    File not found -- C:\WINDOWS\System32\nismbusci.dll
    File not found -- C:\WINDOWS\NIRCMD.exe
    File not found -- C:\WINDOWS\System32\NicConfigSvc.cpl
    File not found -- C:\WINDOWS\System32\newdev.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\new.dwg
    File not found -- C:\WINDOWS\System32\netui2.dll
    File not found -- C:\WINDOWS\System32\netui1.dll
    File not found -- C:\WINDOWS\System32\netui0.dll
    File not found -- C:\WINDOWS\System32\netstat.exe
    File not found -- C:\WINDOWS\System32\netshell.dll
    File not found -- C:\WINDOWS\System32\netsh.exe
    File not found -- C:\WINDOWS\System32\netsetup.exe
    File not found -- C:\WINDOWS\System32\netsetup.cpl
    File not found -- C:\WINDOWS\System32\netrap.dll
    File not found -- C:\WINDOWS\System32\netplwiz.dll
    File not found -- C:\WINDOWS\System32\netmsg.dll
    File not found -- C:\WINDOWS\System32\netman.dll
    File not found -- C:\WINDOWS\System32\netlogon.dll
    File not found -- C:\WINDOWS\System32\netid.dll
    File not found -- C:\WINDOWS\System32\neth.dll
    File not found -- C:\WINDOWS\System32\netfxperf.dll
    File not found -- C:\WINDOWS\System32\netevent.dll
    File not found -- C:\WINDOWS\System32\netdde.exe
    File not found -- C:\WINDOWS\System32\netcfgx.dll
    File not found -- C:\WINDOWS\System32\netapi32.dll
    File not found -- C:\WINDOWS\System32\netapi.dll
    File not found -- C:\WINDOWS\System32\net1.exe
    File not found -- C:\WINDOWS\System32\net.exe
    File not found -- C:\WINDOWS\System32\ndptsp.tsp
    File not found -- C:\WINDOWS\System32\nddenb32.dll
    File not found -- C:\WINDOWS\System32\nddeapir.exe
    File not found -- C:\WINDOWS\System32\nddeapi.dll
    File not found -- C:\WINDOWS\System32\ncxpnt.dll
    File not found -- C:\WINDOWS\System32\ncpa.cpl
    File not found -- C:\WINDOWS\System32\ncobjapi.dll
    File not found -- C:\WINDOWS\System32\nbtstat.exe
    File not found -- C:\WINDOWS\System32\NavLogon.dll
    File not found -- C:\WINDOWS\System32\narrhook.dll
    File not found -- C:\WINDOWS\System32\narrator.exe
    File not found -- C:\WINDOWS\System32\N124UFW.dll
    File not found -- C:\WINDOWS\System32\mydocs.dll
    File not found -- C:\WINDOWS\System32\mycomput.dll
    File not found -- C:\WINDOWS\System32\mtxoci.dll
    File not found -- C:\WINDOWS\System32\mtxlegih.dll
    File not found -- C:\WINDOWS\System32\mtxex.dll
    File not found -- C:\WINDOWS\System32\mtxdm.dll
    File not found -- C:\WINDOWS\System32\mtxclu.dll
    File not found -- C:\WINDOWS\System32\mtstack.exe
    File not found -- C:\WINDOWS\System32\msyuv.dll
    File not found -- C:\WINDOWS\System32\msxmlr.dll
    File not found -- C:\WINDOWS\System32\msxml6r.dll
    File not found -- C:\WINDOWS\System32\msxml6.dll
    File not found -- C:\WINDOWS\System32\msxml3r.dll
    File not found -- C:\WINDOWS\System32\msxml3.dll
    File not found -- C:\WINDOWS\System32\msxml2r.dll
    File not found -- C:\WINDOWS\System32\msxml2.dll
    File not found -- C:\WINDOWS\System32\msxml.dll
    File not found -- C:\WINDOWS\System32\msxbde40.dll
    File not found -- C:\WINDOWS\System32\mswstr10.dll
    File not found -- C:\WINDOWS\System32\mswsock.dll
    File not found -- C:\WINDOWS\System32\mswmdm.dll
    File not found -- C:\WINDOWS\System32\mswebdvd.dll
    File not found -- C:\WINDOWS\System32\mswdat10.dll
    File not found -- C:\WINDOWS\System32\msw3prt.dll
    File not found -- C:\WINDOWS\System32\msvideo.dll
    File not found -- C:\WINDOWS\System\MSVIDEO.DLL
    File not found -- C:\WINDOWS\System32\msvidctl.dll
    File not found -- C:\WINDOWS\System32\msvidc32.dll
    File not found -- C:\WINDOWS\System32\msvfw32.dll
    File not found -- C:\WINDOWS\System32\msvcrt40.dll
    File not found -- C:\WINDOWS\System32\msvcrt20.dll
    File not found -- C:\WINDOWS\System32\msvcrt.dll
    File not found -- C:\WINDOWS\System32\msvcr71.dll
    File not found -- C:\WINDOWS\System32\msvcr70.dll
    File not found -- C:\WINDOWS\System32\msvcp71.dll
    File not found -- C:\WINDOWS\System32\msvcp70.dll
    File not found -- C:\WINDOWS\System32\msvcp60.dll
    File not found -- C:\WINDOWS\System32\msvcp50.dll
    File not found -- C:\WINDOWS\System32\msvcirt.dll
    File not found -- C:\WINDOWS\System32\msvci70.dll
    File not found -- C:\WINDOWS\System32\msvbvm60.dll
    File not found -- C:\WINDOWS\System32\msvbvm50.dll
    File not found -- C:\WINDOWS\System32\msv1_0.dll
    File not found -- C:\WINDOWS\System32\msutb.dll
    File not found -- C:\WINDOWS\System32\mstscax.dll
    File not found -- C:\WINDOWS\System32\mstsc.exe
    File not found -- C:\WINDOWS\System32\mstlsapi.dll
    File not found -- C:\WINDOWS\System32\mstinit.exe
    File not found -- C:\WINDOWS\System32\mstime.dll
    File not found -- C:\WINDOWS\System32\mstext40.dll
    File not found -- C:\WINDOWS\System32\mstask.dll
    File not found -- C:\WINDOWS\System32\msswchx.exe
    File not found -- C:\WINDOWS\System32\msswch.dll
    File not found -- C:\WINDOWS\System32\msstkprp.dll
    File not found -- C:\WINDOWS\System32\MSSTDFMT.DLL
    File not found -- C:\WINDOWS\System32\mssip32.dll
    File not found -- C:\WINDOWS\System32\mssign32.dll
    File not found -- C:\WINDOWS\System32\msscript.ocx
    File not found -- C:\WINDOWS\System32\msscp.dll
    File not found -- C:\WINDOWS\System32\msscds32.ax
    File not found -- C:\WINDOWS\System32\mssap.dll
    File not found -- C:\WINDOWS\System32\msrle32.dll
    File not found -- C:\WINDOWS\System32\msrepl40.dll
    File not found -- C:\WINDOWS\System32\msrecr40.dll
    File not found -- C:\WINDOWS\System32\MSRDO20.DLL
    File not found -- C:\WINDOWS\System32\msrd3x40.dll
    File not found -- C:\WINDOWS\System32\msrd2x40.dll
    File not found -- C:\WINDOWS\System32\msrclr40.dll
    File not found -- C:\WINDOWS\System32\msrating.dll.mui
    File not found -- C:\WINDOWS\System32\msrating.dll
    File not found -- C:\WINDOWS\System32\msratelc.dll
    File not found -- C:\WINDOWS\System32\msr2cenu.dll
    File not found -- C:\WINDOWS\System32\msr2c.dll
    File not found -- C:\WINDOWS\System32\msprivs.dll
    File not found -- C:\WINDOWS\System32\msports.dll
    File not found -- C:\WINDOWS\System32\mspmsp.dll
    File not found -- C:\WINDOWS\System32\mspmsnsv.dll
    File not found -- C:\WINDOWS\System32\mspbde40.dll
    File not found -- C:\WINDOWS\System32\mspatcha.dll
    File not found -- C:\WINDOWS\System32\mspaint.exe
    File not found -- C:\WINDOWS\System32\msorcl32.dll
    File not found -- C:\WINDOWS\System32\msorc32r.dll
    File not found -- C:\WINDOWS\msoffice.ini
    File not found -- C:\WINDOWS\System32\msoert2.dll
    File not found -- C:\WINDOWS\System32\msoeacct.dll
    File not found -- C:\WINDOWS\System32\msobjs.dll
    File not found -- C:\WINDOWS\System32\msnsspc.dll
    File not found -- C:\WINDOWS\System32\msnetobj.dll
    File not found -- C:\WINDOWS\System32\MSMASK32.OCX
    File not found -- C:\WINDOWS\System32\msltus40.dll
    File not found -- C:\WINDOWS\System32\msls31.dll
    File not found -- C:\WINDOWS\System32\mslbui.dll
    File not found -- C:\WINDOWS\System32\msjtes40.dll
    File not found -- C:\WINDOWS\System32\msjter40.dll
    File not found -- C:\WINDOWS\System32\msjint40.dll
    File not found -- C:\WINDOWS\System32\msjet40.dll
    File not found -- C:\WINDOWS\System32\msisip.dll
    File not found -- C:\WINDOWS\System32\msir3jp.lex
    File not found -- C:\WINDOWS\System32\msir3jp.dll
    File not found -- C:\WINDOWS\System32\MSIMTF.dll
    File not found -- C:\WINDOWS\System32\msimsg.dll
    File not found -- C:\WINDOWS\System32\msimg32.dll
    File not found -- C:\WINDOWS\System32\msihnd.dll
    File not found -- C:\WINDOWS\System32\msiexec.exe
    File not found -- C:\WINDOWS\System32\msieftp.dll
    File not found -- C:\WINDOWS\System32\msidntld.dll
    File not found -- C:\WINDOWS\System32\msidle.dll
    File not found -- C:\WINDOWS\System32\msident.dll
    File not found -- C:\WINDOWS\System32\msi.dll
    File not found -- C:\WINDOWS\System32\mshtmler.dll
    File not found -- C:\WINDOWS\System32\mshtmled.dll
    File not found -- C:\WINDOWS\System32\mshtml.tlb
    File not found -- C:\WINDOWS\System32\mshtml.dll
    File not found -- C:\WINDOWS\System32\mshta.exe.mui
    File not found -- C:\WINDOWS\System32\mshta.exe
    File not found -- C:\WINDOWS\System32\mshearts.exe
    File not found -- C:\WINDOWS\System32\msh263.drv
    File not found -- C:\WINDOWS\System32\msh261.drv
    File not found -- C:\WINDOWS\System32\msgsys.dll
    File not found -- C:\WINDOWS\System32\msgsvc.dll
    File not found -- C:\WINDOWS\System32\msgsm32.acm
    File not found -- C:\WINDOWS\System32\msgina.dll
    File not found -- C:\WINDOWS\System32\msg723.acm
    File not found -- C:\WINDOWS\System32\msg711.acm
    File not found -- C:\WINDOWS\System32\msg.exe
    File not found -- C:\WINDOWS\System32\msftedit.dll
    File not found -- C:\WINDOWS\System32\MSFLXGRD.OCX
    File not found -- C:\WINDOWS\System32\msfeedssync.exe
    File not found -- C:\WINDOWS\System32\msfeedsbs.dll
    File not found -- C:\WINDOWS\System32\msfeeds.dll
    File not found -- C:\WINDOWS\System32\msexcl40.dll
    File not found -- C:\WINDOWS\System32\msexch40.dll
    File not found -- C:\WINDOWS\System32\msdxm.ocx
    File not found -- C:\WINDOWS\System32\msdtcuiu.dll
    File not found -- C:\WINDOWS\System32\msdtctm.dll
    File not found -- C:\WINDOWS\System32\msdtcprx.dll
    File not found -- C:\WINDOWS\System32\msdtcprf.h
    File not found -- C:\WINDOWS\System32\msdtclog.dll
    File not found -- C:\WINDOWS\System32\msdtc.exe
    File not found -- C:\WINDOWS\System32\msdbg2.dll
    File not found -- C:\WINDOWS\System32\msdayi.tbl
    File not found -- C:\WINDOWS\System32\msdatsrc.tlb
    File not found -- C:\WINDOWS\System32\msdart.dll
    File not found -- C:\WINDOWS\System32\msdadiag.dll
    File not found -- C:\WINDOWS\System32\MSCTFP.dll
    File not found -- C:\WINDOWS\System32\MSCTFIME.IME
    File not found -- C:\WINDOWS\System32\msctf.dll
    File not found -- C:\WINDOWS\System32\mscpxl32.dLL
    File not found -- C:\WINDOWS\System32\mscpx32r.dLL
    File not found -- C:\WINDOWS\System32\mscories.dll
    File not found -- C:\WINDOWS\System32\mscorier.dll
    File not found -- C:\WINDOWS\System32\mscoree.dll
    File not found -- C:\WINDOWS\System32\msconf.dll
    File not found -- C:\WINDOWS\System32\mscomm32.ocx
    File not found -- C:\WINDOWS\System32\MSCOMCTL.OCX
    File not found -- C:\WINDOWS\System32\Mscomct2.ocx
    File not found -- C:\WINDOWS\System32\mscms.dll
    File not found -- C:\WINDOWS\System32\mscat32.dll
    File not found -- C:\WINDOWS\System32\msaudite.dll
    File not found -- C:\WINDOWS\System32\msaud32.acm
    File not found -- C:\WINDOWS\System32\msasn1.dll
    File not found -- C:\WINDOWS\System32\msapsspc.dll
    File not found -- C:\WINDOWS\System32\msafd.dll
    File not found -- C:\WINDOWS\System32\msadp32.acm
    File not found -- C:\WINDOWS\System32\msadds32.ax
    File not found -- C:\WINDOWS\System32\msacm32.drv
     
  23. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    Heres the third

    File not found -- C:\WINDOWS\System32\msacm32.dll
    File not found -- C:\WINDOWS\System32\msacm.dll
    File not found -- C:\WINDOWS\System32\msaatext.dll
    File not found -- C:\WINDOWS\System32\Mrt7enu.dll
    File not found -- C:\WINDOWS\System32\mrinfo.exe
    File not found -- C:\WINDOWS\System32\mqutil.dll
    File not found -- C:\WINDOWS\System32\mqupgrd.dll
    File not found -- C:\WINDOWS\System32\mqtrig.dll
    File not found -- C:\WINDOWS\System32\mqtgsvc.exe
    File not found -- C:\WINDOWS\System32\mqsvc.exe
    File not found -- C:\WINDOWS\System32\mqsnap.dll
    File not found -- C:\WINDOWS\System32\mqsec.dll
    File not found -- C:\WINDOWS\System32\mqrtdep.dll
    File not found -- C:\WINDOWS\System32\mqrt.dll
    File not found -- C:\WINDOWS\System32\mqqm.dll
    File not found -- C:\WINDOWS\System32\mqprfsym.h
    File not found -- C:\WINDOWS\System32\mqperf.dll
    File not found -- C:\WINDOWS\System32\mqoa20.tlb
    File not found -- C:\WINDOWS\System32\mqoa10.tlb
    File not found -- C:\WINDOWS\System32\mqoa.tlb
    File not found -- C:\WINDOWS\System32\mqoa.dll
    File not found -- C:\WINDOWS\System32\mqlogmgr.dll
    File not found -- C:\WINDOWS\System32\mqise.dll
    File not found -- C:\WINDOWS\System32\mqgentr.dll
    File not found -- C:\WINDOWS\System32\mqdscli.dll
    File not found -- C:\WINDOWS\System32\mqcertui.dll
    File not found -- C:\WINDOWS\System32\mqbkup.exe
    File not found -- C:\WINDOWS\System32\mqad.dll
    File not found -- C:\WINDOWS\System32\mpxerces-c_2_7.dll
    File not found -- C:\WINDOWS\System32\mpusbapi.dll
    File not found -- C:\WINDOWS\System32\MpSigStub.exe
    File not found -- C:\WINDOWS\System32\mprui.dll
    File not found -- C:\WINDOWS\System32\mprmsg.dll
    File not found -- C:\WINDOWS\System32\mprdim.dll
    File not found -- C:\WINDOWS\System32\mprddm.dll
    File not found -- C:\WINDOWS\System32\mprapi.dll
    File not found -- C:\WINDOWS\System32\mpr.dll
    File not found -- C:\WINDOWS\System32\mppython.dll
    File not found -- C:\WINDOWS\System32\mpPathan.dll
    File not found -- C:\WINDOWS\System32\mpnotify.exe
    File not found -- C:\WINDOWS\System32\MPMapTrace.dll
    File not found -- C:\WINDOWS\System32\MPLBCOMM.dll
    File not found -- C:\WINDOWS\System32\mplay32.exe
    File not found -- C:\Documents and Settings\All Users\Desktop\MPLAB IDE v8.46.lnk
    File not found -- C:\WINDOWS\System32\mpg4ds32.ax
    File not found -- C:\WINDOWS\System32\mpg4dmod.dll
    File not found -- C:\WINDOWS\System32\mpg2splt.ax
    File not found -- C:\WINDOWS\System32\mpeg2data.ax
    File not found -- C:\WINDOWS\System32\mp4sdmod.dll
    File not found -- C:\WINDOWS\System32\mp43dmod.dll
    File not found -- C:\WINDOWS\System32\mouse.drv
    File not found -- C:\WINDOWS\System\MOUSE.DRV
    File not found -- C:\WINDOWS\System32\mountvol.exe
    File not found -- C:\WINDOWS\System32\moricons.dll
    File not found -- C:\WINDOWS\System32\more.com
    File not found -- C:\WINDOWS\System32\modex.dll
    File not found -- C:\WINDOWS\System32\modemui.dll
    File not found -- C:\WINDOWS\System32\mode.com
    File not found -- C:\WINDOWS\System32\mobsync.exe
    File not found -- C:\WINDOWS\System32\mobsync.dll
    File not found -- C:\WINDOWS\System32\mnmsrvc.exe
    File not found -- C:\WINDOWS\System32\mnmdd.dll
    File not found -- C:\WINDOWS\System32\mmutilse.dll
    File not found -- C:\WINDOWS\System32\mmtask.tsk
    File not found -- C:\WINDOWS\System\MMTASK.TSK
    File not found -- C:\WINDOWS\System32\mmsystem.dll
    File not found -- C:\WINDOWS\System\MMSYSTEM.DLL
    File not found -- C:\WINDOWS\System32\mmsys.cpl
    File not found -- C:\WINDOWS\System32\mmfutil.dll
    File not found -- C:\WINDOWS\System32\mmdrv.dll
    File not found -- C:\WINDOWS\System32\mmdriver.inf
    File not found -- C:\WINDOWS\System32\mmcshext.dll
    File not found -- C:\WINDOWS\System32\mmcndmgr.dll
    File not found -- C:\WINDOWS\System32\mmcbase.dll
    File not found -- C:\WINDOWS\System32\mmc.exe
    File not found -- C:\WINDOWS\System32\mll_qic.dll
    File not found -- C:\WINDOWS\System32\mll_mtf.dll
    File not found -- C:\WINDOWS\System32\mll_hp.dll
    File not found -- C:\WINDOWS\System32\mlang.dll
    File not found -- C:\WINDOWS\System32\mlang.dat
    File not found -- C:\WINDOWS\System32\miniime.tpl
    File not found -- C:\Documents and Settings\dolsen\Desktop\Minecraft.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\Minecraft
    File not found -- C:\WINDOWS\System32\mimefilt.dll
    File not found -- C:\WINDOWS\System32\migpwd.exe
    File not found -- C:\WINDOWS\System32\miglibnt.dll
    File not found -- C:\WINDOWS\System32\midimap.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\Microsoft Office Project 2007.lnk
    File not found -- C:\WINDOWS\System32\mib.bin
    File not found -- C:\WINDOWS\System32\mgmtapi.dll
    File not found -- C:\WINDOWS\System32\mfcsubs.dll
    File not found -- C:\WINDOWS\System32\mfc71u.dll
    File not found -- C:\WINDOWS\System32\MFC71KOR.DLL
    File not found -- C:\WINDOWS\System32\MFC71JPN.DLL
    File not found -- C:\WINDOWS\System32\MFC71ITA.DLL
    File not found -- C:\WINDOWS\System32\MFC71FRA.DLL
    File not found -- C:\WINDOWS\System32\MFC71ESP.DLL
    File not found -- C:\WINDOWS\System32\MFC71ENU.DLL
    File not found -- C:\WINDOWS\System32\MFC71DEU.DLL
    File not found -- C:\WINDOWS\System32\MFC71CHT.DLL
    File not found -- C:\WINDOWS\System32\MFC71CHS.DLL
    File not found -- C:\WINDOWS\System32\MFC71.dll
    File not found -- C:\WINDOWS\System32\mfc70u.dll
    File not found -- C:\WINDOWS\System32\mfc70.dll
    File not found -- C:\WINDOWS\System32\mfc42u.dll
    File not found -- C:\WINDOWS\System32\MFC42ENU.DLL
    File not found -- C:\WINDOWS\System32\mfc42.dll
    File not found -- C:\WINDOWS\System32\mfc40u.dll
    File not found -- C:\WINDOWS\System32\mfc40.dll
    File not found -- C:\WINDOWS\System32\mf3216.dll
    File not found -- C:\WINDOWS\System32\mdwmdmsp.dll
    File not found -- C:\WINDOWS\System32\mdmxsdk.dll
    File not found -- C:\WINDOWS\System32\mdminst.dll
    File not found -- C:\WINDOWS\System32\mdimon.dll
    File not found -- C:\WINDOWS\System32\mdhcp.dll
    File not found -- C:\WINDOWS\System32\mciwave.drv
    File not found -- C:\WINDOWS\System\MCIWAVE.DRV
    File not found -- C:\WINDOWS\System32\mciwave.dll
    File not found -- C:\WINDOWS\System32\mciseq.drv
    File not found -- C:\WINDOWS\System\MCISEQ.DRV
    File not found -- C:\WINDOWS\System32\mciseq.dll
    File not found -- C:\WINDOWS\System32\mciole32.dll
    File not found -- C:\WINDOWS\System32\mciole16.dll
    File not found -- C:\WINDOWS\System32\mcicda.dll
    File not found -- C:\WINDOWS\System32\mciavi32.dll
    File not found -- C:\WINDOWS\System32\mciavi.drv
    File not found -- C:\WINDOWS\System\MCIAVI.DRV
    File not found -- C:\WINDOWS\System32\mchgrcoi.dll
    File not found -- C:\WINDOWS\System32\mcdsrv32.dll
    File not found -- C:\WINDOWS\System32\MCDRV48F.DLL
    File not found -- C:\WINDOWS\MCDRV48F.DLL
    File not found -- C:\WINDOWS\System32\mcd32.dll
    File not found -- C:\WINDOWS\System32\mcastmib.dll
    File not found -- C:\WINDOWS\MBR.exe
    File not found -- C:\WINDOWS\System32\mapisvc.inf
    File not found -- C:\WINDOWS\System32\mapistub.dll
    File not found -- C:\WINDOWS\System32\mapi32.dll
    File not found -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    File not found -- C:\WINDOWS\System32\makecab.exe
    File not found -- C:\WINDOWS\System32\main.cpl
    File not found -- C:\WINDOWS\System32\magnify.exe
    File not found -- C:\WINDOWS\System32\mag_hook.dll
    File not found -- C:\WINDOWS\System32\lzexpand.dll
    File not found -- C:\WINDOWS\System\LZEXPAND.DLL
    File not found -- C:\WINDOWS\System32\lz32.dll
    File not found -- C:\WINDOWS\System32\LVUI2RC.dll
    File not found -- C:\WINDOWS\System32\LVUI2.dll
    File not found -- C:\WINDOWS\System32\lvcoinst.ini
    File not found -- C:\WINDOWS\System32\lvcodec2.dll
    File not found -- C:\WINDOWS\System32\lvci12101110.dll
    File not found -- C:\WINDOWS\System32\lusrmgr.msc
    File not found -- C:\WINDOWS\System32\ltvdd11w.drv
    File not found -- C:\WINDOWS\System32\ltkrn11n.dll
    File not found -- C:\WINDOWS\System32\ltimg11n.dll
    File not found -- C:\WINDOWS\System32\Ltih30tb.dll
    File not found -- C:\WINDOWS\System32\ltfil11n.DLL
    File not found -- C:\WINDOWS\System32\LTDIS11n.dll
    File not found -- C:\WINDOWS\System32\lsass.exe
    File not found -- C:\WINDOWS\System32\lsasrv.dll
    File not found -- C:\WINDOWS\System32\lprmonui.dll
    File not found -- C:\WINDOWS\System32\lprhelp.dll
    File not found -- C:\WINDOWS\System32\lpr.exe
    File not found -- C:\WINDOWS\System32\lpq.exe
    File not found -- C:\WINDOWS\System32\lpk.dll
    File not found -- C:\WINDOWS\System32\lookout.sec
    File not found -- C:\WINDOWS\System32\logonui.exe
    File not found -- C:\WINDOWS\System32\logon.scr
    File not found -- C:\WINDOWS\System32\logoff.exe
    File not found -- C:\WINDOWS\System32\logman.exe
    File not found -- C:\WINDOWS\System32\login.cmd
    File not found -- C:\WINDOWS\System32\loghours.dll
    File not found -- C:\WINDOWS\System32\logagent.exe
    File not found -- C:\WINDOWS\System32\lodctr.exe
    File not found -- C:\WINDOWS\System32\locator.exe
    File not found -- C:\WINDOWS\System32\localui.dll
    File not found -- C:\WINDOWS\System32\localspl.dll
    File not found -- C:\WINDOWS\System32\localsec.dll
    File not found -- C:\WINDOWS\System32\loc32vc0.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\LobsterTransaction.pdf
    File not found -- C:\Documents and Settings\dolsen\Desktop\LobsterLicense.pdf
    File not found -- C:\WINDOWS\System32\loadperf.dll
    File not found -- C:\WINDOWS\System32\lnkstub.exe
    File not found -- C:\WINDOWS\System32\lmrt.dll
    File not found -- C:\WINDOWS\System32\lmhsvc.dll
    File not found -- C:\WINDOWS\System32\linkinfo.dll
    File not found -- C:\WINDOWS\System32\lights.exe
    File not found -- C:\WINDOWS\System32\licwmi.dll
    File not found -- C:\WINDOWS\System32\licmgr10.dll
    File not found -- C:\WINDOWS\System32\licdll.dll
    File not found -- C:\WINDOWS\System32\libusbd-nt.exe
    File not found -- C:\WINDOWS\System32\libusbd-9x.exe
    File not found -- C:\WINDOWS\System32\libusb0.dll
    File not found -- C:\WINDOWS\System32\lfwpg11n.dll
    File not found -- C:\WINDOWS\System32\lfwmf11n.dll
    File not found -- C:\WINDOWS\System32\lftif11n.dll
    File not found -- C:\WINDOWS\System32\lfpsd11n.dll
    File not found -- C:\WINDOWS\System32\Lfpng11n.dll
    File not found -- C:\WINDOWS\System32\lfpcx11n.dll
    File not found -- C:\WINDOWS\System32\lfpcd11n.dll
    File not found -- C:\WINDOWS\System32\lfgif11n.dll
    File not found -- C:\WINDOWS\System32\lffax11n.dll
    File not found -- C:\WINDOWS\System32\lfeps11n.dll
    File not found -- C:\WINDOWS\System32\LFCMP11n.DLL
    File not found -- C:\WINDOWS\System32\lfbmp11n.dll
    File not found -- C:\WINDOWS\System32\lcptr.tbl
    File not found -- C:\WINDOWS\System32\lcphrase.tbl
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    File not found -- C:\Documents and Settings\All Users\Desktop\Launch AESPcLink.lnk
    File not found -- C:\WINDOWS\System32\laprxy.dll
    File not found -- C:\WINDOWS\System32\lanman.drv
    File not found -- C:\WINDOWS\System32\langwrbk.dll
    File not found -- C:\WINDOWS\System32\label.exe
    File not found -- C:\WINDOWS\System32\l3codecx.ax
    File not found -- C:\WINDOWS\System32\l3codeca.acm
    File not found -- C:\WINDOWS\System32\KzUiDll.dll
    File not found -- C:\WINDOWS\System32\KzService.exe
    File not found -- C:\WINDOWS\System32\KzRes.dll
    File not found -- C:\WINDOWS\System32\KzProjectStore.dll
    File not found -- C:\WINDOWS\System32\KzDesktop.dll
    File not found -- C:\WINDOWS\System32\ksxbar.ax
    File not found -- C:\WINDOWS\System32\kswdmcap.ax
    File not found -- C:\WINDOWS\System32\ksuser.dll
    File not found -- C:\WINDOWS\System32\kstvtune.ax
    File not found -- C:\WINDOWS\System32\ksproxy.ax
    File not found -- C:\WINDOWS\System32\krnl386.exe
    File not found -- C:\WINDOWS\System32\KPower.dll
    File not found -- C:\WINDOWS\System32\korwbrkr.lex
    File not found -- C:\WINDOWS\System32\korwbrkr.dll
    File not found -- C:\WINDOWS\System32\kmddsp.tsp
    File not found -- C:\WINDOWS\System32\keymgr.dll
    File not found -- C:\WINDOWS\System32\KeyHelp.ocx
    File not found -- C:\WINDOWS\System32\keyboard.drv
    File not found -- C:\WINDOWS\System\KEYBOARD.DRV
    File not found -- C:\WINDOWS\System32\kernel32.dll
    File not found -- C:\WINDOWS\System32\kerberos.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\KentuckyStateForms.pdf
    File not found -- C:\WINDOWS\System32\kdcom.dll
    File not found -- C:\WINDOWS\System32\kd1394.dll
    File not found -- C:\WINDOWS\System32\kbdycl.dll
    File not found -- C:\WINDOWS\System32\kbdycc.dll
    File not found -- C:\WINDOWS\System32\kbduzb.dll
    File not found -- C:\WINDOWS\System32\kbdusx.dll
    File not found -- C:\WINDOWS\System32\kbdusr.dll
    File not found -- C:\WINDOWS\System32\kbdusl.dll
    File not found -- C:\WINDOWS\System32\kbdus.dll
    File not found -- C:\WINDOWS\System32\kbdur.dll
    File not found -- C:\WINDOWS\System32\kbdukx.dll
    File not found -- C:\WINDOWS\System32\kbduk.dll
    File not found -- C:\WINDOWS\System32\kbdtuq.dll
    File not found -- C:\WINDOWS\System32\kbdtuf.dll
    File not found -- C:\WINDOWS\System32\kbdtat.dll
    File not found -- C:\WINDOWS\System32\kbdsw.dll
    File not found -- C:\WINDOWS\System32\kbdsp.dll
    File not found -- C:\WINDOWS\System32\kbdsmsno.dll
    File not found -- C:\WINDOWS\System32\kbdsmsfi.dll
    File not found -- C:\WINDOWS\System32\kbdsl1.dll
    File not found -- C:\WINDOWS\System32\kbdsl.dll
    File not found -- C:\WINDOWS\System32\kbdsg.dll
    File not found -- C:\WINDOWS\System32\kbdsf.dll
    File not found -- C:\WINDOWS\System32\kbdru1.dll
    File not found -- C:\WINDOWS\System32\kbdru.dll
    File not found -- C:\WINDOWS\System32\kbdro.dll
    File not found -- C:\WINDOWS\System32\kbdpo.dll
    File not found -- C:\WINDOWS\System32\kbdpl1.dll
    File not found -- C:\WINDOWS\System32\kbdpl.dll
    File not found -- C:\WINDOWS\System32\kbdno1.dll
    File not found -- C:\WINDOWS\System32\kbdno.dll
    File not found -- C:\WINDOWS\System32\kbdnecNT.dll
    File not found -- C:\WINDOWS\System32\kbdnecAT.dll
    File not found -- C:\WINDOWS\System32\kbdnec95.dll
    File not found -- C:\WINDOWS\System32\kbdnec.dll
    File not found -- C:\WINDOWS\System32\kbdne.dll
    File not found -- C:\WINDOWS\System32\kbdmon.dll
    File not found -- C:\WINDOWS\System32\kbdmlt48.dll
    File not found -- C:\WINDOWS\System32\kbdmlt47.dll
    File not found -- C:\WINDOWS\System32\kbdmaori.dll
    File not found -- C:\WINDOWS\System32\kbdmac.dll
    File not found -- C:\WINDOWS\System32\kbdlv1.dll
    File not found -- C:\WINDOWS\System32\kbdlv.dll
    File not found -- C:\WINDOWS\System32\kbdlt1.dll
    File not found -- C:\WINDOWS\System32\kbdlt.dll
    File not found -- C:\WINDOWS\System32\kbdlk41j.dll
    File not found -- C:\WINDOWS\System32\kbdlk41a.dll
    File not found -- C:\WINDOWS\System32\kbdla.dll
    File not found -- C:\WINDOWS\System32\kbdkyr.dll
    File not found -- C:\WINDOWS\System32\kbdkor.dll
    File not found -- C:\WINDOWS\System32\kbdkaz.dll
    File not found -- C:\WINDOWS\System32\kbdjpn.dll
    File not found -- C:\WINDOWS\System32\kbdit142.dll
    File not found -- C:\WINDOWS\System32\kbdit.dll
    File not found -- C:\WINDOWS\System32\kbdir.dll
    File not found -- C:\WINDOWS\System32\kbdinmal.dll
    File not found -- C:\WINDOWS\System32\kbdinben.dll
    File not found -- C:\WINDOWS\System32\kbdinbe1.dll
    File not found -- C:\WINDOWS\System32\kbdic.dll
    File not found -- C:\WINDOWS\System32\kbdibm02.dll
    File not found -- C:\WINDOWS\System32\kbdhu1.dll
    File not found -- C:\WINDOWS\System32\kbdhu.dll
    File not found -- C:\WINDOWS\System32\kbdhept.dll
    File not found -- C:\WINDOWS\System32\kbdhela3.dll
    File not found -- C:\WINDOWS\System32\kbdhela2.dll
    File not found -- C:\WINDOWS\System32\kbdhe319.dll
    File not found -- C:\WINDOWS\System32\kbdhe220.dll
    File not found -- C:\WINDOWS\System32\kbdhe.dll
    File not found -- C:\WINDOWS\System32\kbdgr1.dll
    File not found -- C:\WINDOWS\System32\kbdgr.dll
    File not found -- C:\WINDOWS\System32\kbdgkl.dll
    File not found -- C:\WINDOWS\System32\kbdgae.dll
    File not found -- C:\WINDOWS\System32\kbdfr.dll
    File not found -- C:\WINDOWS\System32\kbdfo.dll
    File not found -- C:\WINDOWS\System32\kbdfi1.dll
    File not found -- C:\WINDOWS\System32\kbdfi.dll
    File not found -- C:\WINDOWS\System32\kbdfc.dll
    File not found -- C:\WINDOWS\System32\kbdest.dll
    File not found -- C:\WINDOWS\System32\kbdes.dll
    File not found -- C:\WINDOWS\System32\kbddv.dll
    File not found -- C:\WINDOWS\System32\kbdda.dll
    File not found -- C:\WINDOWS\System32\kbdcz2.dll
    File not found -- C:\WINDOWS\System32\kbdcz1.dll
    File not found -- C:\WINDOWS\System32\kbdcz.dll
    File not found -- C:\WINDOWS\System32\kbdcr.dll
    File not found -- C:\WINDOWS\System32\kbdcan.dll
    File not found -- C:\WINDOWS\System32\kbdca.dll
    File not found -- C:\WINDOWS\System32\kbdbu.dll
    File not found -- C:\WINDOWS\System32\kbdbr.dll
    File not found -- C:\WINDOWS\System32\kbdblr.dll
    File not found -- C:\WINDOWS\System32\kbdbene.dll
    File not found -- C:\WINDOWS\System32\kbdbe.dll
    File not found -- C:\WINDOWS\System32\kbdazel.dll
    File not found -- C:\WINDOWS\System32\kbdaze.dll
    File not found -- C:\WINDOWS\System32\kbdax2.dll
    File not found -- C:\WINDOWS\System32\KBDAL.DLL
    File not found -- C:\WINDOWS\System32\kbd106n.dll
    File not found -- C:\WINDOWS\System32\kbd106.dll
    File not found -- C:\WINDOWS\System32\kbd103.dll
    File not found -- C:\WINDOWS\System32\kbd101c.dll
    File not found -- C:\WINDOWS\System32\kbd101b.dll
    File not found -- C:\WINDOWS\System32\kbd101a.dll
    File not found -- C:\WINDOWS\System32\kbd101.dll
    File not found -- C:\WINDOWS\System32\jsproxy.dll
    File not found -- C:\WINDOWS\System32\jscript.dll
    File not found -- C:\WINDOWS\System32\joy.cpl
    File not found -- C:\WINDOWS\System32\jobexec.dll
    File not found -- C:\WINDOWS\System32\JGST500.DLL
    File not found -- C:\WINDOWS\System32\JGSM500.DLL
    File not found -- C:\WINDOWS\System32\jgsh400.dll
    File not found -- C:\WINDOWS\System32\jgsd400.dll
    File not found -- C:\WINDOWS\System32\JGS1500.DLL
    File not found -- C:\WINDOWS\System32\JGPP500.DLL
    File not found -- C:\WINDOWS\System32\JGPL500.DLL
    File not found -- C:\WINDOWS\System32\jgpl400.dll
    File not found -- C:\WINDOWS\System32\JGPD500.DLL
    File not found -- C:\WINDOWS\System32\JGOS500.DLL
    File not found -- C:\WINDOWS\System32\JGMP500.DLL
    File not found -- C:\WINDOWS\System32\JGMK500.DLL
    File not found -- C:\WINDOWS\System32\JGMI500.DLL
    File not found -- C:\WINDOWS\System32\JGME500.DLL
    File not found -- C:\WINDOWS\System32\jgmd400.dll
    File not found -- C:\WINDOWS\System32\JGMC500.DLL
    File not found -- C:\WINDOWS\System32\JGIT500.DLL
    File not found -- C:\WINDOWS\System32\JGIQ500.DLL
    File not found -- C:\WINDOWS\System32\JGIP500.DLL
    File not found -- C:\WINDOWS\System32\JGID500.DLL
    File not found -- C:\WINDOWS\System32\JGEW500.DLL
    File not found -- C:\WINDOWS\System32\JGEM500.DLL
    File not found -- C:\WINDOWS\System32\JGED500.DLL
    File not found -- C:\WINDOWS\System32\JGEA500.DLL
    File not found -- C:\WINDOWS\System32\JGDW500.DLL
    File not found -- C:\WINDOWS\System32\jgdw400.dll
    File not found -- C:\WINDOWS\System32\JGDR500.DLL
    File not found -- C:\WINDOWS\System32\jgaw400.dll
    File not found -- C:\WINDOWS\System32\JGAU500.DLL
    File not found -- C:\WINDOWS\System32\JGAR500.DLL
    File not found -- C:\WINDOWS\System32\JGAE500.DLL
    File not found -- C:\WINDOWS\System32\JGAD500.DLL
    File not found -- C:\WINDOWS\System32\JGA1500.DLL
    File not found -- C:\WINDOWS\System32\JGA0500.DLL
    File not found -- C:\WINDOWS\System32\jet500.dll
    File not found -- C:\WINDOWS\System32\jdns_sd.dll
    File not found -- C:\WINDOWS\System32\javaws.exe
    File not found -- C:\WINDOWS\System32\javaw.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\JavaSetup6u31.exe
    File not found -- C:\WINDOWS\System32\javacpl.cpl
    File not found -- C:\WINDOWS\System32\java.exe
    File not found -- C:\WINDOWS\System32\iyuv_32.dll
    File not found -- C:\WINDOWS\System32\ixsso.dll
    File not found -- C:\WINDOWS\System32\ivfsrc.ax
    File not found -- C:\WINDOWS\System32\iuengine.dll
    File not found -- C:\WINDOWS\System32\itusbcore.dat
    File not found -- C:\Documents and Settings\dolsen\Desktop\iTunesSetup.exe
    File not found -- C:\WINDOWS\System32\itss.dll
    File not found -- C:\WINDOWS\System32\itlsvc.dat
    File not found -- C:\WINDOWS\System32\itircl.dll
    File not found -- C:\WINDOWS\System32\ISUSPM.cpl
    File not found -- C:\WINDOWS\IsUninst.exe
    File not found -- C:\WINDOWS\System32\isrdbg32.dll
    File not found -- C:\WINDOWS\System32\isign32.dll
    File not found -- C:\WINDOWS\System32\irprops.cpl
    File not found -- C:\WINDOWS\System32\irclass.dll
    File not found -- C:\WINDOWS\System32\ir50_qcx.dll
    File not found -- C:\WINDOWS\System32\ir50_qc.dll
    File not found -- C:\WINDOWS\System32\ir50_32.dll
    File not found -- C:\WINDOWS\System32\ir41_qcx.dll
    File not found -- C:\WINDOWS\System32\ir41_qc.dll
    File not found -- C:\WINDOWS\System32\ir41_32.ax
    File not found -- C:\WINDOWS\System32\ipxwan.dll
    File not found -- C:\WINDOWS\System32\ipxsap.dll
    File not found -- C:\WINDOWS\System32\ipxrtmgr.dll
    File not found -- C:\WINDOWS\System32\ipxroute.exe
    File not found -- C:\WINDOWS\System32\ipxrip.dll
    File not found -- C:\WINDOWS\System32\ipxpromn.dll
    File not found -- C:\WINDOWS\System32\ipxmontr.dll
    File not found -- C:\WINDOWS\System32\ipv6mon.dll
    File not found -- C:\WINDOWS\System32\ipv6.exe
    File not found -- C:\WINDOWS\System32\ipsmsnap.dll
    File not found -- C:\WINDOWS\System32\ipsink.ax
    File not found -- C:\WINDOWS\System32\ipsecsvc.dll
    File not found -- C:\WINDOWS\System32\ipsecsnp.dll
    File not found -- C:\WINDOWS\System32\ipsec6.exe
    File not found -- C:\WINDOWS\System32\iprtrmgr.dll
    File not found -- C:\WINDOWS\System32\iprtprio.dll
    File not found -- C:\WINDOWS\System32\iprop.dll
    File not found -- C:\WINDOWS\System32\ippromon.dll
    File not found -- C:\WINDOWS\System32\ipnathlp.dll
    File not found -- C:\WINDOWS\System32\ipmontr.dll
    File not found -- C:\WINDOWS\System32\iPlotLibrary.ocx
    File not found -- C:\WINDOWS\System32\iphlpapi.dll
    File not found -- C:\WINDOWS\System32\ipconfig.exe
    File not found -- C:\WINDOWS\System32\ipconf.tsp
    File not found -- C:\WINDOWS\System32\iologmsg.dll
    File not found -- C:\WINDOWS\System32\intl.cpl
    File not found -- C:\WINDOWS\System32\instcat.sql
    File not found -- C:\WINDOWS\System32\InstallUtil.InstallLog
    File not found -- C:\WINDOWS\System32\inseng.dll
    File not found -- C:\WINDOWS\System32\input.dll
    File not found -- C:\WINDOWS\System32\INKED.DLL
    File not found -- C:\WINDOWS\System32\initpki.dll
    File not found -- C:\WINDOWS\System32\infosoft.dll
    File not found -- C:\WINDOWS\System32\infocardcpl.cpl
    File not found -- C:\WINDOWS\System32\infocardapi.dll
    File not found -- C:\WINDOWS\System32\inetres.dll
    File not found -- C:\WINDOWS\System32\inetppui.dll
    File not found -- C:\WINDOWS\System32\inetpp.dll
    File not found -- C:\WINDOWS\System32\inetmib1.dll
    File not found -- C:\WINDOWS\System32\inetcplc.dll
    File not found -- C:\WINDOWS\System32\inetcpl.cpl
    File not found -- C:\WINDOWS\System32\inetcomm.dll
    File not found -- C:\WINDOWS\System32\InetClnt.dll
    File not found -- C:\WINDOWS\System32\inetcfg.dll
    File not found -- C:\WINDOWS\imsins.BAK
    File not found -- C:\Program Files\IMPLODE.DLL
    File not found -- C:\WINDOWS\System32\imm32.dll
    File not found -- C:\WINDOWS\System32\imjp81k.dll
    File not found -- C:\WINDOWS\System32\imjp81.ime
    File not found -- C:\WINDOWS\System32\imgutil.dll
    File not found -- C:\WINDOWS\System32\imeshare.dll
    File not found -- C:\WINDOWS\System32\imekr61.ime
    File not found -- C:\WINDOWS\System32\imapi.exe
    File not found -- C:\WINDOWS\System32\ImageServerMI.dll
    File not found -- C:\WINDOWS\System32\imagehlp.dll
    File not found -- C:\WINDOWS\System32\imaadp32.acm
    File not found -- C:\WINDOWS\System32\ils.dll
    File not found -- C:\WINDOWS\System32\iissuba.dll
    File not found -- C:\WINDOWS\System32\igxpxs32.vp
    File not found -- C:\WINDOWS\System32\igxpxk32.vp
    File not found -- C:\WINDOWS\System32\igxpxa32.vp
    File not found -- C:\WINDOWS\System32\igxpxa32.cpa
    File not found -- C:\WINDOWS\System32\igmpagnt.dll
    File not found -- C:\WINDOWS\System32\iglicd32.dll
    File not found -- C:\WINDOWS\System32\igldev32.dll
    File not found -- C:\WINDOWS\System32\igfxzoom.exe
    File not found -- C:\WINDOWS\System32\igfxsrvc.dll
    File not found -- C:\WINDOWS\System32\igfxrtrk.lrc
    File not found -- C:\WINDOWS\System32\igfxrtha.lrc
    File not found -- C:\WINDOWS\System32\igfxrsve.lrc
    File not found -- C:\WINDOWS\System32\igfxrrus.lrc
    File not found -- C:\WINDOWS\System32\igfxrptg.lrc
    File not found -- C:\WINDOWS\System32\igfxrptb.lrc
    File not found -- C:\WINDOWS\System32\igfxrplk.lrc
    File not found -- C:\WINDOWS\System32\igfxrnor.lrc
    File not found -- C:\WINDOWS\System32\igfxrnld.lrc
    File not found -- C:\WINDOWS\System32\igfxrkor.lrc
    File not found -- C:\WINDOWS\System32\igfxrjpn.lrc
    File not found -- C:\WINDOWS\System32\igfxrita.lrc
    File not found -- C:\WINDOWS\System32\igfxrhun.lrc
    File not found -- C:\WINDOWS\System32\igfxrheb.lrc
    File not found -- C:\WINDOWS\System32\igfxrfra.lrc
    File not found -- C:\WINDOWS\System32\igfxrfin.lrc
    File not found -- C:\WINDOWS\System32\igfxress.dll
    File not found -- C:\WINDOWS\System32\igfxresp.lrc
    File not found -- C:\WINDOWS\System32\igfxres.dll
    File not found -- C:\WINDOWS\System32\igfxrenu.lrc
    File not found -- C:\WINDOWS\System32\igfxrell.lrc
    File not found -- C:\WINDOWS\System32\igfxrdeu.lrc
    File not found -- C:\WINDOWS\System32\igfxrdan.lrc
    File not found -- C:\WINDOWS\System32\igfxrcsy.lrc
    File not found -- C:\WINDOWS\System32\igfxrcht.lrc
    File not found -- C:\WINDOWS\System32\igfxrchs.lrc
    File not found -- C:\WINDOWS\System32\igfxrara.lrc
    File not found -- C:\WINDOWS\System32\igfxpph.dll
    File not found -- C:\WINDOWS\System32\igfxexps.dll
    File not found -- C:\WINDOWS\System32\igfxcpl.cpl
    File not found -- C:\WINDOWS\System32\igfxcfg.exe
    File not found -- C:\WINDOWS\System32\ifsutil.dll
    File not found -- C:\WINDOWS\System32\ifmon.dll
    File not found -- C:\WINDOWS\System32\iexpress.exe
    File not found -- C:\WINDOWS\System32\ieuinit.inf
    File not found -- C:\WINDOWS\System32\ieui.dll
    File not found -- C:\WINDOWS\System32\ieudinit.exe
    File not found -- C:\WINDOWS\System32\iesetup.dll
    File not found -- C:\WINDOWS\System32\iertutil.dll
    File not found -- C:\WINDOWS\System32\iernonce.dll
    File not found -- C:\WINDOWS\System32\iepeers.dll
    File not found -- C:\WINDOWS\System32\ieframe.dll.mui
    File not found -- C:\WINDOWS\System32\ieframe.dll
    File not found -- C:\WINDOWS\System32\iedkcs32.dll.mui
    File not found -- C:\WINDOWS\System32\iedkcs32.dll
    File not found -- C:\WINDOWS\System32\ieapfltr.dll
    File not found -- C:\WINDOWS\System32\ieapfltr.dat
    File not found -- C:\WINDOWS\System32\ieakui.dll
    File not found -- C:\WINDOWS\System32\ieaksie.dll
    File not found -- C:\WINDOWS\System32\ieakeng.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\IE8-WindowsXP-x86-ENU.exe
    File not found -- C:\WINDOWS\System32\IE8Eula.rtf
    File not found -- C:\WINDOWS\System32\ie4uinit.exe.mui
    File not found -- C:\WINDOWS\System32\ie4uinit.exe
    File not found -- C:\WINDOWS\System32\idq.dll
    File not found -- C:\WINDOWS\System32\idndl.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\Identrust.pfx
    File not found -- C:\WINDOWS\System32\icwphbk.dll
    File not found -- C:\WINDOWS\System32\icwdial.dll
    File not found -- C:\WINDOWS\System32\icrav03.rat
    File not found -- C:\WINDOWS\System32\icmui.dll
    File not found -- C:\WINDOWS\System32\icmp.dll
    File not found -- C:\WINDOWS\System32\icm32.dll
    File not found -- C:\WINDOWS\System32\icfgnt5.dll
    File not found -- C:\WINDOWS\System32\iccvid.dll
    File not found -- C:\WINDOWS\System32\icardres.dll.mui
    File not found -- C:\WINDOWS\System32\icardres.dll
    File not found -- C:\WINDOWS\System32\icardie.dll
    File not found -- C:\WINDOWS\System32\icardagt.exe
    File not found -- C:\WINDOWS\System32\icaapi.dll
    File not found -- C:\WINDOWS\System32\Iasv32(2).dll
    File not found -- C:\WINDOWS\System32\iassvcs.dll
    File not found -- C:\WINDOWS\System32\iassdo.dll
    File not found -- C:\WINDOWS\System32\iassam.dll
    File not found -- C:\WINDOWS\System32\iasrecst.dll
    File not found -- C:\WINDOWS\System32\iasrad.dll
    File not found -- C:\WINDOWS\System32\iaspolcy.dll
    File not found -- C:\WINDOWS\System32\iasnap.dll
    File not found -- C:\WINDOWS\System32\iashlpr.dll
    File not found -- C:\WINDOWS\System32\iasads.dll
    File not found -- C:\WINDOWS\System32\iasacct.dll
    File not found -- C:\WINDOWS\System32\ialmrnt5.dll
    File not found -- C:\WINDOWS\System32\ialmrem.dll
    File not found -- C:\WINDOWS\System32\ialmdnt5.dll
    File not found -- C:\WINDOWS\System32\ialmdev5.dll
    File not found -- C:\WINDOWS\System32\ialmdd5.dll
    File not found -- C:\WINDOWS\System32\iAlmCoIn_v4446.dll
    File not found -- C:\WINDOWS\System32\iac25_32.ax
    File not found -- C:\WINDOWS\System32\hypertrm.dll
    File not found -- C:\WINDOWS\System32\htui.dll
    File not found -- C:\WINDOWS\System32\httpapi.dll
    File not found -- C:\WINDOWS\System32\html.iec
    File not found -- C:\WINDOWS\System32\hticons.dll
    File not found -- C:\WINDOWS\System32\hotplug.dll
    File not found -- C:\WINDOWS\System32\hostname.exe
    File not found -- C:\Program Files\HoopsManager.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\Honda_XR80R_XR100R_Factory_Service_Manual.torrent
    File not found -- C:\WINDOWS\System32\homepage.inf
    File not found -- C:\WINDOWS\System32\hnetwiz.dll
    File not found -- C:\WINDOWS\System32\hnetmon.dll
    File not found -- C:\WINDOWS\System32\hnetcfg.dll
    File not found -- C:\WINDOWS\System32\Hlp95en.dll
    File not found -- C:\WINDOWS\System32\hlink.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\HJTInstall.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\HijackThis.lnk
    File not found -- C:\WINDOWS\System32\hidserv.dll
    File not found -- C:\WINDOWS\System32\hidphone.tsp
    File not found -- C:\WINDOWS\System32\hid.dll
    File not found -- C:\WINDOWS\System32\hhsetup.dll
    File not found -- C:\WINDOWS\System32\hhctrl.ocx
    File not found -- C:\WINDOWS\System32\HHActiveX.dll
    File not found -- C:\WINDOWS\hh.exe
    File not found -- C:\WINDOWS\System32\help.exe
    File not found -- C:\WINDOWS\System32\hdwwiz.cpl
    File not found -- C:\WINDOWS\System32\hdimon.dll
    File not found -- C:\WINDOWS\System32\Hdaudpropshortcut.exe
    File not found -- C:\WINDOWS\System32\Hdaudpropres.dll
    File not found -- C:\WINDOWS\System32\Hdaudprop.dll
    File not found -- C:\WINDOWS\System32\hccutils.dll
    File not found -- C:\WINDOWS\System32\hccoin.dll
    File not found -- C:\WINDOWS\System32\HAL.DLL
    File not found -- C:\WINDOWS\System32\h323msp.dll
    File not found -- C:\WINDOWS\System32\h323.tsp
    File not found -- C:\Documents and Settings\All Users\Desktop\H&R Block 2011.lnk
    File not found -- C:\Program Files\GTOL.SYM
    File not found -- C:\WINDOWS\System32\GTKCMOS.sys
    File not found -- C:\WINDOWS\System32\GTDownDE_130.ocx
    File not found -- C:\WINDOWS\System32\grpconv.exe
    File not found -- C:\WINDOWS\grep.exe
    File not found -- C:\WINDOWS\Greenstone.bmp
    File not found -- C:\Program Files\GraphicsCardInfo.xml
    File not found -- C:\WINDOWS\System32\graphics.pro
    File not found -- C:\WINDOWS\System32\graftabl.com
    File not found -- C:\WINDOWS\System32\gpupdate.exe
    File not found -- C:\WINDOWS\System32\gptext.dll
    File not found -- C:\WINDOWS\System32\gpresult.exe
    File not found -- C:\WINDOWS\System32\gpkrsrc.dll
    File not found -- C:\WINDOWS\System32\gpkcsp.dll
    File not found -- C:\WINDOWS\System32\gpedit.msc
    File not found -- C:\WINDOWS\System32\gpedit.dll
    File not found -- C:\WINDOWS\System32\GPCIEnum.sys
    File not found -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608UA.job
    File not found -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-179605362-725345543-1608Core.job
    File not found -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    File not found -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    File not found -- C:\WINDOWS\Gone Fishing.bmp
    File not found -- C:\WINDOWS\System32\glu32.dll
    File not found -- C:\WINDOWS\System32\glmf32.dll
    File not found -- C:\WINDOWS\System32\getuname.dll
    File not found -- C:\WINDOWS\System32\getmac.exe
    File not found -- C:\WINDOWS\System32\gdiplus.dll
    File not found -- C:\WINDOWS\System32\gdi32.dll
    File not found -- C:\WINDOWS\System32\gdi.exe
    File not found -- C:\WINDOWS\System32\gcdef.dll
    File not found -- C:\WINDOWS\System32\g711codc.ax
    File not found -- C:\WINDOWS\System32\fxsxp32.dll
    File not found -- C:\WINDOWS\System32\fxswzrd.dll
    File not found -- C:\WINDOWS\System32\fxsui.dll
    File not found -- C:\WINDOWS\System32\fxstiff.dll
    File not found -- C:\WINDOWS\System32\fxst30.dll
    File not found -- C:\WINDOWS\System32\fxssvc.exe
    File not found -- C:\WINDOWS\System32\fxsst.dll
    File not found -- C:\WINDOWS\System32\fxssend.exe
    File not found -- C:\WINDOWS\System32\fxsroute.dll
    File not found -- C:\WINDOWS\System32\fxsres.dll
    File not found -- C:\WINDOWS\System32\fxsperf.ini
    File not found -- C:\WINDOWS\System32\fxsperf.dll
    File not found -- C:\WINDOWS\System32\fxsmon.dll
    File not found -- C:\WINDOWS\System32\fxsext32.dll
    File not found -- C:\WINDOWS\System32\fxsevent.dll
    File not found -- C:\WINDOWS\System32\fxsdrv.dll
    File not found -- C:\WINDOWS\System32\fxscover.exe
    File not found -- C:\WINDOWS\System32\fxscount.h
    File not found -- C:\WINDOWS\System32\fxscomex.dll
    File not found -- C:\WINDOWS\System32\fxscom.dll
    File not found -- C:\WINDOWS\System32\fxsclntR.dll
    File not found -- C:\WINDOWS\System32\fxsclnt.exe
    File not found -- C:\WINDOWS\System32\fxscfgwz.dll
    File not found -- C:\WINDOWS\System32\fxsapi.dll
    File not found -- C:\WINDOWS\System32\fwcfg.dll
    File not found -- C:\Documents and Settings\dolsen\Local Settings\Application Data\fusioncache.dat
    File not found -- C:\WINDOWS\System32\ftsrch.dll
    File not found -- C:\WINDOWS\System32\FTPWPP.DLL
    File not found -- C:\WINDOWS\System32\ftp.exe
    File not found -- C:\WINDOWS\System32\fsutil.exe
    File not found -- C:\WINDOWS\System32\fsusd.dll
    File not found -- C:\WINDOWS\System32\fsquirt.exe
    File not found -- C:\WINDOWS\System32\fsmgmt.msc
    File not found -- C:\WINDOWS\System32\freecell.exe
    File not found -- C:\WINDOWS\System32\framebuf.dll
    File not found -- C:\Documents and Settings\dolsen\My Documents\Frame.pdf
    File not found -- C:\WINDOWS\System32\FPWPP.DLL
    File not found -- C:\WINDOWS\System32\format.com
    File not found -- C:\WINDOWS\System32\forcedos.exe
    File not found -- C:\WINDOWS\System32\fontview.exe
    File not found -- C:\WINDOWS\System32\fontsub.dll
    File not found -- C:\WINDOWS\System32\fontext.dll
    File not found -- C:\WINDOWS\System32\FNTCACHE.DAT
    File not found -- C:\WINDOWS\System32\fmifs.dll
    File not found -- C:\WINDOWS\System32\FM20ENU.DLL
    File not found -- C:\WINDOWS\System32\FM20.DLL
    File not found -- C:\WINDOWS\System32\fltMc.exe
    File not found -- C:\WINDOWS\System32\fltlib.dll
    File not found -- C:\WINDOWS\System32\fldrclnr.dll
    File not found -- C:\WINDOWS\System32\fixmapi.exe
    File not found -- C:\WINDOWS\System32\firewall.cpl
    File not found -- C:\WINDOWS\System32\finger.exe
    File not found -- C:\WINDOWS\System32\findstr.exe
    File not found -- C:\WINDOWS\System32\find.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\FinalMediaPlayer.lnk
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
    File not found -- C:\WINDOWS\System32\filemgmt.dll
    File not found -- C:\WINDOWS\System32\feclient.dll
    File not found -- C:\WINDOWS\FeatherTexture.bmp
    File not found -- C:\WINDOWS\System32\fdeploy.dll
    File not found -- C:\WINDOWS\System32\fde.dll
    File not found -- C:\WINDOWS\System32\fc.exe
    File not found -- C:\WINDOWS\System32\faultrep.dll
    File not found -- C:\WINDOWS\System32\f3ahvoas.dll
    File not found -- C:\WINDOWS\System32\exts.dll
    File not found -- C:\WINDOWS\System32\extrac32.exe
    File not found -- C:\WINDOWS\System32\extmgr.dll
    File not found -- C:\WINDOWS\System32\expsrv.dll
    File not found -- C:\WINDOWS\explorer.scf
    File not found -- C:\WINDOWS\explorer.exe
    File not found -- C:\WINDOWS\System32\expand.exe
    File not found -- C:\WINDOWS\System32\evr.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\Everybody Is Someone Else's Secret.mp3
    File not found -- C:\WINDOWS\System32\eventvwr.msc
    File not found -- C:\WINDOWS\System32\eventvwr.exe
    File not found -- C:\WINDOWS\System32\eventtriggers.exe
    File not found -- C:\WINDOWS\System32\eventquery.vbs
    File not found -- C:\WINDOWS\System32\eventlog.dll
    File not found -- C:\WINDOWS\System32\eventcreate.exe
    File not found -- C:\WINDOWS\System32\eventcls.dll
    File not found -- C:\WINDOWS\System32\eudcedit.exe
    File not found -- C:\WINDOWS\System32\esentutl.exe
    File not found -- C:\WINDOWS\System32\esentprf.hxx
    File not found -- C:\WINDOWS\System32\esentprf.dll
    File not found -- C:\WINDOWS\System32\esent97.dll
    File not found -- C:\WINDOWS\System32\esent.dll
    File not found -- C:\WINDOWS\System32\es.dll
    File not found -- C:\WINDOWS\System32\ersvc.dll
    File not found -- C:\WINDOWS\System32\EqnClass.Dll
    File not found -- C:\WINDOWS\System32\encapi.dll
    File not found -- C:\WINDOWS\System32\emsmtp.dll
    File not found -- C:\WINDOWS\System32\emptyregdb.dat
    File not found -- C:\Program Files\EModelXlator.dll
    File not found -- C:\Program Files\emodelviewer.exe.config
    File not found -- C:\Program Files\EModelViewer.exe
    File not found -- C:\Program Files\EModelView.dll
    File not found -- C:\Program Files\EModelUtilsVista.dll
    File not found -- C:\Program Files\EModelUtils.dll
    File not found -- C:\Program Files\EModelSWDisplayLists.dll
    File not found -- C:\Program Files\EModelReviewer.dll
    File not found -- C:\Program Files\EModelMDReader.dll
    File not found -- C:\Program Files\EModelExport.dll
    File not found -- C:\Program Files\EModelEx
    File not found -- C:\Program Files\EModelEventLog.dll
    File not found -- C:\Program Files\EModelAddIn_libFNP.dll
    File not found -- C:\Program Files\EModelAddIn.dll
    File not found -- C:\WINDOWS\System32\els.dll
    File not found -- C:\WINDOWS\System32\ega.cpi
    File not found -- C:\WINDOWS\System32\efsadu.dll
    File not found -- C:\Program Files\edrwthumbnailprovider.dll
    File not found -- C:\Program Files\eDrawingsGraphicsCardClient.tlb
    File not found -- C:\Program Files\eDrawingsGraphicsCardClient.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\eDrawingsEnglish.exe
    File not found -- C:\WINDOWS\eDrawingOfficeAutomator.INI
    File not found -- C:\Program Files\eDrawingOfficeAutomator.exe
    File not found -- C:\WINDOWS\System32\dxva2.dll
    File not found -- C:\WINDOWS\System32\dxtrans.dll
    File not found -- C:\WINDOWS\System32\dxtmsft.dll
    File not found -- C:\WINDOWS\System32\dxdiagn.dll
    File not found -- C:\WINDOWS\System32\dxdiag.exe
    File not found -- C:\WINDOWS\System32\dx8vb.dll
    File not found -- C:\WINDOWS\System32\dx7vb.dll
    File not found -- C:\WINDOWS\System32\dwwin.exe
    File not found -- C:\WINDOWS\System32\dvdupgrd.exe
    File not found -- C:\WINDOWS\System32\duser.dll
    File not found -- C:\WINDOWS\System32\dumprep.exe
    File not found -- C:\WINDOWS\System32\dswave.dll
    File not found -- C:\WINDOWS\System32\dsuiext.dll
    File not found -- C:\WINDOWS\System32\dssenh.dll
    File not found -- C:\WINDOWS\System32\dssec.dll
    File not found -- C:\WINDOWS\System32\dssec.dat
    File not found -- C:\WINDOWS\System32\dsprop.dll
    File not found -- C:\WINDOWS\System32\dsound3d.dll
    File not found -- C:\WINDOWS\System32\dsound.dll
    File not found -- C:\WINDOWS\System32\dskquoui.dll
    File not found -- C:\Documents and Settings\dolsen\Desktop\dmf_recreational_lobster_crab_guide.pdf
    File not found -- C:\WINDOWS\DLA.EXE
    File not found -- C:\WINDOWS\dell.bmp
    File not found -- C:\Documents and Settings\dolsen\My Documents\Default.rdp
    File not found -- C:\Documents and Settings\dolsen\Desktop\dds.scr
    File not found -- C:\Documents and Settings\dolsen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    File not found -- C:\WINDOWS\Ctregrun.exe
    File not found -- C:\WINDOWS\CtDrvIns.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\CSTO-A01-V01-SC1413-12.SLDASM
    File not found -- C:\WINDOWS\CSTBox.INI
    File not found -- C:\WINDOWS\System\COMMDLG.DLL
    File not found -- C:\Documents and Settings\dolsen\Desktop\ComboFix.exe
    File not found -- C:\WINDOWS\Coffee Bean.bmp
    File not found -- C:\WINDOWS\clock.avi
    File not found -- C:\Documents and Settings\dolsen\Desktop\clip_image002.gif
    File not found -- C:\Documents and Settings\dolsen\Desktop\ChargerReverseLightLocation.jpg
    File not found -- C:\Documents and Settings\dolsen\Desktop\Charger Tail Piece.jpg
    File not found -- C:\Documents and Settings\dolsen\Desktop\camper.jpg
    File not found -- C:\Documents and Settings\All Users\Desktop\Burn CDs & DVDs.lnk
    File not found -- C:\WINDOWS\bootstat.dat
    File not found -- C:\Documents and Settings\dolsen\Desktop\BoardingPass.pdf
    File not found -- C:\WINDOWS\Blue Lace 16.bmp
    File not found -- C:\Documents and Settings\dolsen\Desktop\BitTorrent-7.2.exe
    File not found -- C:\Documents and Settings\dolsen\My Documents\bike.pdf
    File not found -- C:\WINDOWS\System\AVIFILE.DLL
    File not found -- C:\WINDOWS\System\AVICAP.DLL
    File not found -- C:\Documents and Settings\All Users\Desktop\AutoCAD LT 2002.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\armagetronad-0.2.8.3.2.win32.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\Armagetron Advanced.lnk
    File not found -- C:\Documents and Settings\dolsen\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.6.lnk
    File not found -- C:\Documents and Settings\All Users\Desktop\American Greetings CreataCard Select 6.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\AirscrewPO.pdf
    File not found -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
    File not found -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 9 Standard.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\Add Remove Pro.lnk
    File not found -- C:\Documents and Settings\dolsen\Desktop\AdbeRdr930_en_US.exe
    File not found -- C:\Documents and Settings\dolsen\Desktop\acltstk.dmp
    File not found -- C:\Documents and Settings\dolsen\Desktop\aclt.err
    File not found -- C:\Documents and Settings\dolsen\Desktop\ACLDrive.ht
    File not found -- C:\Documents and Settings\dolsen\Desktop\4 speed.jpg
    File not found -- C:\Documents and Settings\dolsen\Desktop\2010 Olsen D Form 1040 Individual Tax Return.tax2010
    File not found -- C:\WINDOWS\_default.pif
    [2012/06/03 22:02:52 | 166,609,920 | ---- | M] () -- C:\archive.pst
    [2012/06/03 22:00:51 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys
    [2012/06/03 21:59:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2012/06/03 18:03:23 | 000,102,190 | ---- | M] () -- C:\VETlog.dmp
    [2012/06/02 16:39:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
    [2012/06/02 16:39:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
    [2012/05/06 19:36:19 | 000,000,327 | RHS- | M] () -- C:\boot.ini

    ========== Files Created - No Company Name ==========

    [2012/06/03 15:37:45 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/06/03 15:37:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/06/03 15:37:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/06/03 15:37:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/06/03 15:37:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/06/03 15:15:32 | 1063,378,944 | -HS- | C] () -- C:\hiberfil.sys
    [2012/05/28 20:08:14 | 000,036,919 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\camper.jpg
    [2012/05/28 14:59:48 | 000,154,969 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\4 speed.jpg
    [2012/05/27 08:02:47 | 000,045,497 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\Charger Tail Piece.jpg
    [2012/05/25 09:00:10 | 000,852,401 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\SecurityCheck.exe
    [2012/05/15 20:47:46 | 000,000,497 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\xp_scr_fix.zip
    [2012/05/15 20:33:37 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\xyd9mwlo.exe
    [2012/05/14 14:41:04 | 011,918,848 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\RE PRM.msg
    [2012/05/07 22:30:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/06 23:19:35 | 000,121,344 | ---- | C] () -- C:\Documents and Settings\dolsen\Desktop\RE 97 Ford Probe - $1500 (Belmont).msg
    [2012/04/23 19:32:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\Iasv32(2).dll
    [2012/04/23 18:23:54 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
    [2012/04/23 18:23:54 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
    [2012/03/03 15:00:54 | 000,238,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2011/12/25 18:32:56 | 000,000,027 | ---- | C] () -- C:\WINDOWS\PHC705HD.ini
    [2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
    [2011/07/24 21:39:00 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
    [2010/09/23 11:05:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
    [2010/09/21 14:45:03 | 000,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
    [2010/07/15 07:29:26 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\dolsen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/02 05:40:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/06/24 17:40:30 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/06/14 12:53:02 | 001,785,416 | ---- | C] () -- C:\Program Files\GraphicsCardInfo.xml
    [2010/06/14 12:37:52 | 000,002,796 | ---- | C] () -- C:\Program Files\eDrawingsGraphicsCardClient.tlb
    [2010/06/14 11:55:10 | 000,004,072 | ---- | C] () -- C:\Program Files\emodelviewer.exe.config
    [2010/06/14 11:54:46 | 000,161,412 | ---- | C] () -- C:\Program Files\GTOL.SYM
    [2010/06/14 11:50:52 | 000,017,920 | ---- | C] () -- C:\Program Files\IMPLODE.DLL

    ========== LOP Check ==========

    [2011/11/11 17:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Armagetron
    [2010/07/17 12:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
    [2012/04/04 23:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F4D55EDB00052BCF000071D92830AC72
    [2010/10/04 10:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
    [2012/03/03 13:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
    [2012/06/02 13:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2007/04/24 10:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
    [2011/06/03 21:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2011/08/14 08:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\.minecraft
    [2011/11/11 17:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Armagetron
    [2010/04/12 14:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Autodesk
    [2010/11/22 12:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Canon
    [2010/09/23 11:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\EDrawings
    [2010/06/18 12:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Eltima Software
    [2010/07/15 08:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\FinalMediaPlayer
    [2011/01/21 19:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\Leadertech
    [2010/12/10 13:42:35 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\dolsen\Application Data\Microchip
    [2012/03/03 13:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dolsen\Application Data\TaxCut

    ========== Purity Check ==========


    < End of report >
     
  24. dolsen

    dolsen TS Enthusiast Topic Starter Posts: 102

    I never heard back from you on this?
     
  25. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I have been puzzling over the section in OTL for ========== Files - Modified Within 30 Days ==========

    There is a list of file not found entries which look to be about everything the OS shoud be running.
    For instance, one of the entries is for wupdmgr.exe. This is the Windows Update Manager.

    I'd like to check something out:
    Please run the MGA Diagnostics tool
    • You will be prompted to either “Run” or “Save” the tool. Choose to “Run” the tool and follow the on-screen prompts.
    • You will receive an Internet Explorer-Security Warning dialog box for the Windows Genuine Advantage Diagnostic Tool>
    • You must choose to Run this tool when prompted.
    • Once you are presented with the Diagnostics tool choose Continue to run the diagnostic report.
    • If the RESOLVE button is available after running the diagnostics, please click RESOLVE to allow the diagnostic tool to attempt a repair.
    • After running the MGA Diagnostic tool, click on the Windows tab and then click on Copy
    • Please return to this thread and Paste the results here for review.
    ------------------------------------------
    This tool will is to look on the computer itself, in the documentation you received with the computer or with your retail purchase of Windows to see if you have a Certificate of Authenticity (COA). If you have one, tell us about the COA. Tell us:

    1. What edition of Windows XP is it for, Home, Pro, or Media Center, or another version of Windows?
    2. Does it read "OEM Software" or "OEM Product" in black lettering?
    3. Or, does it have the computer manufacturer's name in black lettering?
    4. DO NOT post the Product Key.

    NOTE: The data collected with the Genuine Diagnostics Tool does NOT contain any information that can personally identify you and can be fully reviewed, by you, before being posted.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...