Inactive Task Mgr doesn't work, but does if re-named

Status
Not open for further replies.
B

BreCalmor

Posts: 12   +0
Subject says it all. It seems I have a bug, but how do I get rid of it and why the heck did SEP let it through???

It wouldn't let me paste everything here so the the DDS files are attached.

Running Windows 7 64 bit, so no GMER information.

Thanks !!
----------------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4645

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/18/2010 10:20:39 AM
mbam-log-2010-09-18 (10-20-39).txt

Scan type: Full scan (E:\|)
Objects scanned: 157394
Time elapsed: 10 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

----------------------------------------------------------------------------------------------
 

Attachments

  • Attach.txt
    9.1 KB · Views: 0
  • DDS.txt
    28.4 KB · Views: 2
Welcome aboard
yahooo.gif


There is no perfect security program.

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

==========================================================================

Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
* Close SUPERAntiSpyware.

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

* Open SUPERAntiSpyware.
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):

  • Close browsers before scanning.
    Scan for tracking cookies.
    Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.

  • Click Preferences, then click the Statistics/Logs tab.
    Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.
Post SUPERAntiSpyware log.

======================================================================

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1545
Logical Drives Mask: 0x0000302c

Kernel Drivers (total 161):
0x02A5F000 \SystemRoot\system32\ntoskrnl.exe
0x02A16000 \SystemRoot\system32\hal.dll
0x00B96000 \SystemRoot\system32\kdcom.dll
0x00C44000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00C88000 \SystemRoot\system32\PSHED.dll
0x00C9C000 \SystemRoot\system32\CLFS.SYS
0x00CFA000 \SystemRoot\system32\CI.dll
0x00E25000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EC9000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00ED8000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00F2F000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00F38000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00F42000 \SystemRoot\system32\DRIVERS\pci.sys
0x00F75000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00F82000 \SystemRoot\System32\drivers\partmgr.sys
0x00F97000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FA0000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FAC000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x01050000 \SystemRoot\System32\drivers\volmgrx.sys
0x010AC000 \SystemRoot\System32\drivers\mountmgr.sys
0x010C6000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x011E2000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01000000 \SystemRoot\system32\drivers\fltmgr.sys
0x00FC1000 \SystemRoot\system32\drivers\fileinfo.sys
0x011ED000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01251000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01406000 \SystemRoot\System32\Drivers\msrpc.sys
0x01464000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0147E000 \SystemRoot\System32\Drivers\cng.sys
0x014F1000 \SystemRoot\System32\drivers\pcw.sys
0x01502000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x0150C000 \SystemRoot\system32\drivers\ndis.sys
0x016C2000 \SystemRoot\system32\drivers\NETIO.SYS
0x01722000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x0174D000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x01799000 \SystemRoot\System32\Drivers\spldr.sys
0x017A1000 \SystemRoot\System32\drivers\rdyboost.sys
0x017DB000 \SystemRoot\System32\Drivers\mup.sys
0x017ED000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0163A000 \SystemRoot\system32\DRIVERS\disk.sys
0x01650000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x02B31000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02B5B000 \SystemRoot\System32\Drivers\SRTSP64.SYS
0x03834000 \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100917.003\EX64.SYS
0x01200000 \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
0x03800000 \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100917.003\ENG64.SYS
0x03820000 \SystemRoot\System32\Drivers\SRTSPX64.SYS
0x039EE000 \SystemRoot\System32\Drivers\Null.SYS
0x039F7000 \SystemRoot\System32\Drivers\Beep.SYS
0x02BCF000 \SystemRoot\System32\drivers\vga.sys
0x0168E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02BDD000 \SystemRoot\System32\drivers\watchdog.sys
0x02BED000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x02BF6000 \SystemRoot\system32\drivers\rdpencdd.sys
0x016B3000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01236000 \SystemRoot\System32\Drivers\Msfs.SYS
0x00FD5000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03A00000 \SystemRoot\System32\drivers\tcpip.sys
0x03C79000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x03CC3000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03CE1000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03CEE000 \??\C:\Windows\system32\drivers\wpsdrvnt.sys
0x03D01000 \SystemRoot\system32\drivers\afd.sys
0x03D8B000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03DD0000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x03DD9000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03C00000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x03C16000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03C25000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03C40000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03EBF000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03F10000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03F1C000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03F27000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
0x03F9D000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x03FC2000 \SystemRoot\System32\drivers\discache.sys
0x03FD1000 \SystemRoot\System32\Drivers\dfsc.sys
0x03FEF000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x03E00000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x04689000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x08828000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0891C000 \SystemRoot\System32\drivers\dxgmms1.sys
0x08962000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x0896F000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x089C5000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x089D6000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x054DD000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x05B8A000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x05B97000 \SystemRoot\system32\DRIVERS\yk62x64.sys
0x05400000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x0541E000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x0545A000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x05469000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x05478000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x0547D000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x05486000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0549C000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x054AC000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x08800000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x054C2000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04D88000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04DB7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04DD2000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04600000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x0461A000 \SystemRoot\system32\DRIVERS\teefer2.sys
0x054CE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04640000 \SystemRoot\system32\DRIVERS\ks.sys
0x03E26000 \SystemRoot\system32\DRIVERS\umbus.sys
0x03E38000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x03E92000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x070E1000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x0715C000 \SystemRoot\system32\DRIVERS\portcls.sys
0x07199000 \SystemRoot\system32\DRIVERS\drmk.sys
0x071BB000 \SystemRoot\system32\drivers\ksthunk.sys
0x071C1000 \SystemRoot\System32\Drivers\crashdmp.sys
0x02A00000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x071CF000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x071FD000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x07000000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0701D000 \SystemRoot\System32\Drivers\RtsUStor.sys
0x07057000 \SystemRoot\System32\Drivers\usbvideo.sys
0x07085000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
0x000C0000 \SystemRoot\System32\win32k.sys
0x070B0000 \SystemRoot\System32\drivers\Dxapi.sys
0x070BC000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004B0000 \SystemRoot\System32\TSDDD.dll
0x00780000 \SystemRoot\System32\cdd.dll
0x03C54000 \SystemRoot\system32\drivers\luafv.sys
0x00E00000 \SystemRoot\system32\drivers\WudfPf.sys
0x070CA000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x0247A000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x024CD000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x024E0000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x024F8000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x02502000 \SystemRoot\System32\Drivers\fastfat.SYS
0x02538000 \SystemRoot\system32\drivers\HTTP.sys
0x02400000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0241E000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02436000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x03297000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x032E5000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x03308000 \SystemRoot\system32\drivers\peauth.sys
0x033AE000 \SystemRoot\System32\Drivers\secdrv.SYS
0x033B9000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x033E6000 \SystemRoot\System32\drivers\tcpipreg.sys
0x03200000 \SystemRoot\System32\DRIVERS\srv2.sys
0x07253000 \SystemRoot\System32\DRIVERS\srv.sys
0x072E9000 \??\C:\Windows\system32\drivers\WpsHelper.sys
0x77AF0000 \WINDOWS\System32\ntdll.dll
0x47630000 \WINDOWS\System32\smss.exe
0xFFE10000 \WINDOWS\System32\apisetschema.dll
0xFF0A0000 \WINDOWS\System32\autochk.exe
0x779F0000 \WINDOWS\System32\user32.dll
0xFFDE0000 \WINDOWS\System32\sechost.dll
0xFFDB0000 \WINDOWS\System32\imm32.dll
0xFFD60000 \WINDOWS\System32\Wldap32.dll
0xFFC90000 \WINDOWS\System32\usp10.dll
0xFFB80000 \WINDOWS\System32\msctf.dll
0xFFA50000 \WINDOWS\System32\rpcrt4.dll
0xFF840000 \WINDOWS\System32\ole32.dll

Processes (total 84):
0 System Idle Process
4 System
308 C:\WINDOWS\System32\smss.exe
416 csrss.exe
476 csrss.exe
484 C:\WINDOWS\System32\wininit.exe
540 C:\WINDOWS\System32\winlogon.exe
580 C:\WINDOWS\System32\services.exe
588 C:\WINDOWS\System32\lsass.exe
600 C:\WINDOWS\System32\lsm.exe
708 C:\WINDOWS\System32\svchost.exe
788 C:\WINDOWS\System32\svchost.exe
876 C:\WINDOWS\System32\svchost.exe
912 C:\WINDOWS\System32\svchost.exe
960 C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
344 C:\WINDOWS\System32\svchost.exe
428 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
1036 C:\WINDOWS\System32\svchost.exe
1088 C:\Program Files\Dell\DellDock\DockLogin.exe
1224 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
1384 C:\WINDOWS\System32\svchost.exe
1484 C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
1696 C:\WINDOWS\System32\spoolsv.exe
1804 C:\WINDOWS\System32\svchost.exe
1920 C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteService.exe
1272 C:\WINDOWS\System32\lxeecoms.exe
1328 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
1176 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1260 C:\WINDOWS\System32\svchost.exe
1672 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
2068 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2132 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2500 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3056 C:\WINDOWS\System32\svchost.exe
2444 C:\WINDOWS\System32\taskhost.exe
1976 C:\WINDOWS\System32\svchost.exe
3196 C:\WINDOWS\System32\dwm.exe
3204 C:\WINDOWS\explorer.exe
3220 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
3596 C:\Program Files\DellTPad\Apoint.exe
3676 C:\Program Files\IDT\WDM\sttray64.exe
3852 C:\WINDOWS\System32\igfxtray.exe
3892 C:\Program Files\DellTPad\ApMsgFwd.exe
3956 C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
3980 C:\WINDOWS\System32\hkcmd.exe
3996 C:\WINDOWS\System32\igfxsrvc.exe
4032 C:\Program Files\DellTPad\ApntEx.exe
4056 C:\WINDOWS\System32\conhost.exe
3120 C:\Program Files\DellTPad\hidfind.exe
3316 C:\WINDOWS\System32\igfxpers.exe
276 C:\Program Files\Dell\QuickSet\quickset.exe
1100 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2788 C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
3476 C:\WINDOWS\System32\SearchIndexer.exe
1480 WmiPrvSE.exe
1000 C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
940 C:\WINDOWS\WindowsMobile\wmdc.exe
2432 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3992 C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
4060 C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
2780 C:\Program Files\Windows Media Player\wmpnetwk.exe
2804 C:\WINDOWS\System32\svchost.exe
3812 C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
3464 C:\Program Files (x86)\Palm\Hotsync.exe
2956 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2816 C:\Program Files\Dell\DellDock\DellDock.exe
1192 C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
868 C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
1096 C:\Program Files (x86)\SyncBack\SyncBack.exe
3924 C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
4192 C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
4332 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5024 C:\Program Files (x86)\Internet Explorer\iexplore.exe
888 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
2732 C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
656 C:\WINDOWS\System32\svchost.exe
5244 C:\WINDOWS\System32\svchost.exe
5612 dllhost.exe
1928 C:\WINDOWS\System32\audiodg.exe
592 C:\WINDOWS\System32\SearchProtocolHost.exe
3748 C:\WINDOWS\System32\SearchFilterHost.exe
3244 C:\WINDOWS\System32\SearchProtocolHost.exe
324 C:\Users\Sheri\Desktop\MBRCheck.exe
5240 C:\WINDOWS\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545032B9A300, Rev: PB3OC60S

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/19/2010 at 02:24 AM

Application Version : 4.43.1000

Core Rules Database Version : 5530
Trace Rules Database Version: 3342

Scan type : Complete Scan
Total Scan Time : 01:56:37

Memory items scanned : 335
Memory threats detected : 0
Registry items scanned : 15283
Registry threats detected : 0
File items scanned : 172050
File threats detected : 231

Adware.Tracking Cookie
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@a1.interclick[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.windowsmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@l1.qsstats[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.lucidmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.entrepreneur[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@atlas.entrepreneur[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.foodbuzz[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@windowsmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@chitika[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@swissknivesexpress[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.realtor[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.findstone[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tribalfusion[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@specificmedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@bizrate[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@findstone[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@interclick[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adinterax[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@samsclubus.pnimedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.lockedonmedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@media6degrees[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@qnsr[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@collective-media[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@centralmediaserver[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.ak.facebook[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.shutterfly[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@traffic.prod.cobaltgroup[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@eas.apm.emediate[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ad1.clickhype[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@uk.sitestat[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@clicksor[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@liveperson[3].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ecnext.advertserve[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@euroclick[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@sitestats.ets[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.palminfocenter[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@trackalyzer[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@insightcruises[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@stats.townnews[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@track.bestbuy[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@invitemedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.discounttiredirect[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@myaccount.verizonwireless[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.backcountry[3].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.backcountry[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@eyewonder[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@mmstat[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@youporn[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@findagrave[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.associatedcontent[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@uk.sitestat[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.clickmanage[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@rinckadvertising[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.rinckadvertising[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.us.e-planning[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@discounttire[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@backcountry[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@petfinder[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.foxnews[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@dc.tremormedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@discounttiredirect[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.discountschoolsupply[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@v7.stats.load[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@stats.amnh[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@t.bbtrack[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@discountschoolsupply[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.reason[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@findarticles[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.widgetbucks[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.foundry42[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@thefind[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.collegeconfidential[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@bannerads.wedalert[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.dsmmadvantage[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.lucidmedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@1.sharkadnetwork[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.toseeka[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@mediawebmonster[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.tnt[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@couponmountain[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@myaccounts.navyfcu[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.backcountry[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@clickaider[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.ez-tracks[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@kronos.bravenetmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@media.mtvnservices[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@richmedia.yahoo[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wjlyqgcjwkq.stats.esomniture[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@pointroll[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.arbookfind[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.epitrack[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.undertone[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@intermundomedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@toseeka[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.gmodules[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@goodstats1[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ez-tracks[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.somd[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.foundry42[3].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@discount-all-inclusive[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@media.causes[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@sex-and-the-city[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.socialtrack[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ez-tracks.demdex[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@discountofficeitems[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.freefoto[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@lucidmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adserver.onlinegames[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@nakedscience[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wgkyopd5mdp.stats.esomniture[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.nakedscience[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.decorati[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.stackoverflow[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@kanoodle[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.findgift[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@videos.mediaite[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads-dev.youporn[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.4shared[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.songlyrics[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@countryliving[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wmlowiczmeo.stats.esomniture[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@discountrubberstamps[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@find.t-mobile[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@zanox[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@urlb--collective-media--net.reachlocal[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@linksynergy.walmart[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.cnn[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@123stat[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.ourstage[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adxpose[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@liveperson[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@media.expedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@revsci[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@precisionclick[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@trafficmp[3].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ad.wsod[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ad.yieldmanager[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ad.wikinvest[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@media.adfrontiers[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@advertising[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@doubleclick[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@pro-market[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@find.hamptonroads[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@fr.sitestat[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.raasnet[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@gotquestions[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.jartrack[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.petfinder[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@sales.liveperson[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@imrworldwide[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@advertise[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.incentaclick[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@burstnet[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@in.getclicky[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@a2zwordfinder[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@atdmt[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adserving.autotrader[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.pointroll[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adv.dmv[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.williamsburgmarketplace[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@statcounter[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wjl4olazeep.stats.esomniture[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@steelhousemedia[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.telegraph.co[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@hornymatches[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.burstbeacon[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@stats.townnews[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@urlcdn--at--atwola--com.reachlocal[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@burstbeacon[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@apmebf[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.questionhub[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@mediabrandsww[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adserving.contextualmarketplace[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@zedomax[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@myaccountsaws.navyfcu[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.intergi[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.backcountry[4].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@advertising.sheknows[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adserver.cjrwbeta[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wfkialdjihp.stats.esomniture[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@bs.serving-sys[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@media.legacy[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@beacon.dmsinsights[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@adbrite[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@stats.paypal[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.index-stats[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@incentaclick[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wfmyqgdzaao.stats.esomniture[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@sftrack.searchforce[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@zedo[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.like[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@lockedonmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@urlleadback--advertising--com.reachlocal[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@digimetrix.advertserve[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[10].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@pluckit.demandmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6wjkycpazwko.stats.esomniture[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[6].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.neudesicmediagroup[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@track.prize-wave[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@mediaplex[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@questionmarket[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.meredithads[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@r.unicornmedia[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@metroleap.rotator.hadj7.adjuggler[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@multimedialearning[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[3].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.roiserver[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[11].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@cozi.adbureau[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ad.adlantis[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@legolas-media[2].txt
 
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@w3counter[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@flightstats[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e1.cdn.qnsr[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@e-2dj6aekiwldjofp.stats.esomniture[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.googleadservices[9].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.simonandschuster[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.burstnet[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@tracking.admarketplace[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.gotquestions[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@ads.pubmatic[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@serving-sys[2].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@hippocounter[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@specificclick[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@edgeadx[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@snapfish.112.2o7[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@www.countryliving[1].txt
C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Cookies\sheri@fastclick[1].txt
 
OTL logfile created on: 9/18/2010 6:26:05 PM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Sheri\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 64.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 184.16 Gb Free Space | 64.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1863.01 Gb Total Space | 52.06 Gb Free Space | 2.79% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 931.51 Gb Total Space | 44.23 Gb Free Space | 4.75% Space Free | Partition Type: NTFS
Drive N: | 931.51 Gb Total Space | 44.23 Gb Free Space | 4.75% Space Free | Partition Type: NTFS

Computer Name: SHERI-PC
Current User Name: Sheri
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/18 18:24:49 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sheri\Desktop\OTL.exe
PRC - [2010/05/14 18:45:40 | 003,016,960 | ---- | M] (2BrightSparks) -- C:\Program Files (x86)\SyncBack\SyncBack.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/26 20:23:24 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/04/03 16:44:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/01/18 10:51:22 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
PRC - [2010/01/18 10:51:20 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
PRC - [2009/12/03 16:52:32 | 001,980,560 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2009/12/03 16:52:32 | 000,670,864 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2009/09/17 18:56:58 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/09/17 18:55:12 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2009/07/08 20:14:40 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/07/08 20:14:20 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/06/24 22:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/24 18:31:44 | 001,942,792 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2009/06/24 18:31:44 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2009/06/24 18:31:22 | 002,368,776 | ---- | M] (Sensible Vision ) -- c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2009/06/18 23:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/09 12:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 10:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 10:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/01/03 18:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc) -- C:\Program Files (x86)\Palm\Hotsync.exe
PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe


========== Modules (SafeList) ==========

MOD - [2010/09/18 18:24:49 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sheri\Desktop\OTL.exe
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/29 13:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/04/14 19:01:38 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV:64bit: - [2010/01/07 15:20:39 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeecoms.exe -- (lxee_device)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/06/09 12:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/31 16:04:13 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/25 09:45:27 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/01/07 15:20:28 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxeecoms.exe -- (lxee_device)
SRV - [2009/12/03 16:52:32 | 001,980,560 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files (x86)\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2009/09/17 18:56:58 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/09/17 18:37:56 | 003,197,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/09/17 17:22:16 | 000,411,976 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2009/07/13 12:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/07/08 20:14:20 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/07/08 20:14:20 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/06/26 13:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/24 18:31:22 | 002,368,776 | ---- | M] (Sensible Vision ) [Auto | Running] -- c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2009/06/05 20:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/05/21 10:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [File_System | System | Stopped] -- C:\Windows\SysNative\DRIVERS\RxFilter.sys -- (RxFilter)
DRV:64bit: - [2010/06/02 21:21:20 | 000,219,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\wpshelper.sys -- (WpsHelper)
DRV:64bit: - [2010/03/21 03:15:13 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/10/22 15:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009/10/22 15:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009/09/28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/09/17 18:37:52 | 000,052,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\WPSDRVnt.sys -- (WPS)
DRV:64bit: - [2009/09/15 00:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/08/25 20:05:48 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009/08/25 20:05:46 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2009/08/25 20:05:44 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/29 00:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/15 15:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 23:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/27 14:31:34 | 000,062,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Teefer2.sys -- (Teefer2)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/02/05 07:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/09/24 22:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/15 04:00:00 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100918.003\EX64.SYS -- (NAVEX15)
DRV - [2010/07/15 04:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/07/15 04:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100918.003\ENG64.SYS -- (NAVENG)
DRV - [2010/05/27 04:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 20:05:48 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009/08/25 20:05:46 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2009/08/25 20:05:44 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2009/06/26 12:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\WINDOWS\SysWOW64\drivers\RxFilter.sys -- (RxFilter)


========== Standard Registry (SafeList) ==========
 
========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/05/02 14:09:33 | 000,000,842 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.2.2 tivo
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxeemon.exe] C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\WINDOWS\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [HotSync] C:\Program Files\PalmSource\Desktop\HotSync.exe File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O4 - Startup: C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SyncBack.lnk = C:\Program Files (x86)\SyncBack\SyncBack.exe (2BrightSparks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: portaportal.com ([my] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/63.18/uploader2.cab (UploadListView Class)
O16 - DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} https://secure.logmeinrescue.com/Customer/x86/RescueDownloader.cab (LogMeIn Rescue Applet Downloader)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - "®œ?" File not found
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 90 Days ==========

[2010/09/18 18:24:44 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Sheri\Desktop\OTL.exe
[2010/09/18 12:27:51 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/18 12:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/18 12:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/09/18 12:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/18 12:23:59 | 009,458,552 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Sheri\Desktop\SUPERAntiSpyware.exe
[2010/09/18 10:44:26 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Sheri\Desktop\TFC.exe
[2010/08/29 19:33:11 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Roaming\Malwarebytes
[2010/08/29 19:33:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/29 19:33:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/29 19:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/29 19:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/26 21:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SyncBack
[2010/08/07 11:20:31 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Local\ICS
[2010/08/07 10:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HotSync
[2010/08/07 09:40:42 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Roaming\HotSync
[2010/08/07 09:17:21 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Roaming\Arcsoft
[2010/08/07 09:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Palm
[2010/08/05 16:16:06 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2010/08/05 16:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010/07/23 10:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cozi Express
[2010/07/19 20:06:30 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Local\PhotoChannel
[2010/07/03 16:45:52 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Local\PowerDVD DX
[2010/07/03 16:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/07/03 10:31:40 | 000,000,000 | ---D | C] -- C:\Users\Sheri\Desktop\Jamestown
[2010/07/01 08:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cricut Software
[2010/06/27 13:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paint Shop Pro 5
[2010/06/24 18:53:59 | 000,000,000 | ---D | C] -- C:\Users\Sheri\Desktop\Digital Picture Frame
[2010/06/22 23:48:32 | 000,000,000 | ---D | C] -- C:\Users\Sheri\AppData\Local\Microsoft Games
[2010/06/21 22:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexmark Pro700 Series
[2010/03/21 05:31:04 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeeinpa.dll
[2010/03/21 05:31:03 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeeserv.dll
[2010/03/21 05:31:03 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeeusb1.dll
[2010/03/21 05:31:03 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeecomc.dll
[2010/03/21 05:31:03 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeehbn3.dll
[2010/03/21 05:31:03 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeepmui.dll
[2010/03/21 05:31:03 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeelmpm.dll
[2010/03/21 05:31:03 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeecomm.dll
[2010/03/21 05:31:03 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeeiesc.dll
[6 C:\Users\Sheri\*.tmp files -> C:\Users\Sheri\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/18 18:29:02 | 004,718,592 | -HS- | M] () -- C:\Users\Sheri\NTUSER.DAT
[2010/09/18 18:28:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/18 18:24:49 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sheri\Desktop\OTL.exe
[2010/09/18 18:14:33 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 18:14:33 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 18:03:51 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/18 18:03:17 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/18 18:03:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/18 18:03:03 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/18 12:30:40 | 006,893,954 | -H-- | M] () -- C:\Users\Sheri\AppData\Local\IconCache.db
[2010/09/18 12:27:48 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/18 12:24:12 | 009,458,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Sheri\Desktop\SUPERAntiSpyware.exe
[2010/09/18 12:21:33 | 000,080,384 | ---- | M] () -- C:\Users\Sheri\Desktop\MBRCheck.exe
[2010/09/18 11:20:11 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/18 11:20:11 | 000,627,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/18 11:20:11 | 000,107,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/09/18 10:44:30 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sheri\Desktop\TFC.exe
[2010/09/18 09:57:06 | 000,525,824 | ---- | M] () -- C:\Users\Sheri\Desktop\dds.scr
[2010/09/16 22:06:19 | 000,011,580 | ---- | M] () -- C:\Users\Sheri\Documents\Classes.xlsx
[2010/09/16 22:05:04 | 000,000,016 | ---- | M] () -- C:\Windows\popcinfo.dat
[2010/09/16 19:50:06 | 000,010,552 | ---- | M] () -- C:\Users\Sheri\Desktop\5.6 Vocab Sort.xlsx
[2010/09/15 19:30:31 | 000,000,170 | ---- | M] () -- C:\Users\Sheri\Desktop\QuizStar - Create Online Quizzes.url
[2010/09/04 10:39:23 | 000,006,656 | ---- | M] () -- C:\palm.grf
[2010/08/30 21:22:43 | 000,003,584 | ---- | M] () -- C:\Users\Sheri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/27 23:13:30 | 000,036,150 | ---- | M] () -- C:\Users\Sheri\Desktop\BETTA FISH VASE.docx
[2010/08/27 23:06:53 | 000,025,860 | ---- | M] () -- C:\Users\Sheri\Desktop\Creating a Closed Aquatic Ecosystem.docx
[2010/08/26 22:06:13 | 000,001,112 | ---- | M] () -- C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SyncBack.lnk
[2010/08/19 10:58:55 | 000,000,016 | ---- | M] () -- C:\Users\Sheri\persistent_state
[2010/08/11 19:20:20 | 000,469,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/07 10:46:41 | 000,001,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
[2010/08/07 09:40:42 | 000,000,094 | ---- | M] () -- C:\Windows\family.ini
[2010/08/06 22:11:00 | 000,179,464 | ---- | M] () -- C:\Users\Sheri\Desktop\Reaching the Reluctant Writer_ Fast ... - Google Books.pdf
[2010/07/25 16:39:44 | 000,002,243 | ---- | M] () -- C:\Users\Sheri\Desktop\1small.gif
[2010/07/23 14:15:59 | 000,026,656 | ---- | M] () -- C:\Users\Sheri\Documents\5.3 Experiment Opaque, tansparent, trasnslucent.docx
[2010/07/18 22:28:23 | 000,014,768 | ---- | M] () -- C:\Users\Sheri\Desktop\science Links.docx
[2010/07/06 23:05:16 | 191,369,160 | ---- | M] () -- C:\Users\Sheri\Desktop\Nortwest Arkansas Visitor Guide 30448.pdf
[2010/07/01 20:22:44 | 002,719,744 | ---- | M] () -- C:\Users\Sheri\Desktop\Timmy TODO Database.accdb
[2010/07/01 11:21:36 | 000,001,321 | ---- | M] () -- C:\Users\Public\Desktop\Cricut DesignStudio.lnk
[2010/06/28 18:17:57 | 007,551,351 | ---- | M] () -- C:\Users\Sheri\Desktop\2742_CompiledTeacherInstitute_2010.pdf
[6 C:\Users\Sheri\*.tmp files -> C:\Users\Sheri\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/18 12:27:48 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/18 12:21:32 | 000,080,384 | ---- | C] () -- C:\Users\Sheri\Desktop\MBRCheck.exe
[2010/09/18 09:57:04 | 000,525,824 | ---- | C] () -- C:\Users\Sheri\Desktop\dds.scr
[2010/09/16 22:06:19 | 000,011,580 | ---- | C] () -- C:\Users\Sheri\Documents\Classes.xlsx
[2010/09/16 19:47:33 | 000,010,552 | ---- | C] () -- C:\Users\Sheri\Desktop\5.6 Vocab Sort.xlsx
[2010/09/15 19:30:31 | 000,000,170 | ---- | C] () -- C:\Users\Sheri\Desktop\QuizStar - Create Online Quizzes.url
[2010/08/30 21:22:45 | 000,006,656 | ---- | C] () -- C:\palm.grf
[2010/08/30 21:22:43 | 000,003,584 | ---- | C] () -- C:\Users\Sheri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/27 23:13:29 | 000,036,150 | ---- | C] () -- C:\Users\Sheri\Desktop\BETTA FISH VASE.docx
[2010/08/27 23:06:53 | 000,025,860 | ---- | C] () -- C:\Users\Sheri\Desktop\Creating a Closed Aquatic Ecosystem.docx
[2010/08/26 22:06:13 | 000,001,112 | ---- | C] () -- C:\Users\Sheri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SyncBack.lnk
[2010/08/07 10:46:41 | 000,001,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
[2010/08/07 09:40:42 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2010/08/06 22:10:46 | 000,179,464 | ---- | C] () -- C:\Users\Sheri\Desktop\Reaching the Reluctant Writer_ Fast ... - Google Books.pdf
[2010/07/25 16:53:51 | 000,002,243 | ---- | C] () -- C:\Users\Sheri\Desktop\1small.gif
[2010/07/23 14:15:58 | 000,026,656 | ---- | C] () -- C:\Users\Sheri\Documents\5.3 Experiment Opaque, tansparent, trasnslucent.docx
[2010/07/18 22:28:22 | 000,014,768 | ---- | C] () -- C:\Users\Sheri\Desktop\science Links.docx
[2010/07/06 23:05:14 | 191,369,160 | ---- | C] () -- C:\Users\Sheri\Desktop\Nortwest Arkansas Visitor Guide 30448.pdf
[2010/07/01 20:53:17 | 000,000,723 | ---- | C] () -- C:\Users\Sheri\Sti_Trace.log
[2010/07/01 08:49:32 | 000,001,321 | ---- | C] () -- C:\Users\Public\Desktop\Cricut DesignStudio.lnk
[2010/06/28 18:17:57 | 007,551,351 | ---- | C] () -- C:\Users\Sheri\Desktop\2742_CompiledTeacherInstitute_2010.pdf
[2010/04/02 16:12:00 | 000,000,712 | ---- | C] () -- C:\ProgramData\lxee.log
[2010/03/27 01:13:30 | 000,000,774 | ---- | C] () -- C:\Users\Sheri\AppData\Roaming\wklnhst.dat
[2010/03/26 06:45:45 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/21 05:43:25 | 000,271,420 | ---- | C] () -- C:\ProgramData\lxeeJSW.log
[2010/03/21 05:43:16 | 000,000,252 | ---- | C] () -- C:\ProgramData\FastPics.log
[2010/03/21 05:32:33 | 000,027,071 | ---- | C] () -- C:\ProgramData\lxeescan.log
[2010/03/21 05:31:07 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\LXEEinst.dll
[2010/03/21 05:31:04 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeecomx.dll
[2010/03/21 05:31:03 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxeeins.dll
[2010/03/21 05:31:03 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxeeinsb.dll
[2010/03/21 05:31:03 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeecu.dll
[2010/03/21 05:31:03 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxeeinsr.dll
[2010/03/21 05:31:03 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeecub.dll
[2010/03/21 05:31:03 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxeejswr.dll
[2010/03/21 05:31:03 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeecur.dll
[2010/03/21 05:16:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\cmn_upld.log
[2010/03/21 05:16:15 | 000,000,000 | ---- | C] () -- C:\ProgramData\LxWbGwLog.log
[2010/03/21 05:15:58 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt
[2010/03/21 05:15:29 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEEsmr.dll
[2010/03/21 05:15:28 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEEsm.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/24 18:32:34 | 000,089,352 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2009/06/24 18:31:46 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2009/06/24 18:31:00 | 000,234,760 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2010/08/07 09:40:42 | 000,000,000 | ---D | M] -- C:\Users\Sheri\AppData\Roaming\HotSync
[2010/03/19 00:49:27 | 000,000,000 | ---D | M] -- C:\Users\Sheri\AppData\Roaming\Template
[2010/03/21 06:14:23 | 000,000,000 | ---D | M] -- C:\Users\Sheri\AppData\Roaming\Windows Live Writer
[2009/07/14 01:08:49 | 000,021,166 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========
 
========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/02/16 23:54:28 | 000,004,323 | RH-- | M] () -- C:\dell (1).sdr
[2010/02/25 11:26:12 | 000,003,563 | RH-- | M] () -- C:\dell.sdr
[2010/09/18 18:03:03 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/26 11:45:52 | 000,000,086 | ---- | M] () -- C:\lxeePpx.log
[2010/03/21 12:12:45 | 000,000,546 | ---- | M] () -- C:\Media (TIVO) (N) - Shortcut.lnk
[2010/09/18 18:03:07 | 4253,405,184 | -HS- | M] () -- C:\pagefile.sys
[2010/09/04 10:39:23 | 000,006,656 | ---- | M] () -- C:\palm.grf
[2009/07/13 21:39:47 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\taskmgr_back.exe

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 14:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/01/11 17:41:55 | 000,000,286 | -HS- | M] () -- C:\Users\Sheri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2010/03/19 15:39:55 | 000,000,221 | -HS- | M] () -- C:\Users\Sheri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/09/18 12:21:33 | 000,080,384 | ---- | M] () -- C:\Users\Sheri\Desktop\MBRCheck.exe
[2010/09/18 18:24:49 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sheri\Desktop\OTL.exe
[2010/09/18 12:24:12 | 009,458,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Sheri\Desktop\SUPERAntiSpyware.exe
[2010/09/18 10:44:30 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sheri\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2010/01/11 19:34:27 | 000,061,224 | ---- | M] () -- C:\Users\Sheri\GoToAssistDownloadHelper.exe
[6 C:\Users\Sheri\*.tmp files -> C:\Users\Sheri\*.tmp -> ]

< %systemroot%\ADDINS\*.* >
[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:\WINDOWS\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/08/07 10:41:51 | 000,008,192 | ---- | M] () -- C:\WINDOWS\security\database\edb.chk
[2010/08/07 10:41:51 | 001,048,576 | ---- | M] () -- C:\WINDOWS\security\database\edb.log
[2010/08/07 10:41:50 | 001,048,576 | ---- | M] () -- C:\WINDOWS\security\database\edbres00001.jrs
[2010/08/07 10:41:51 | 001,048,576 | ---- | M] () -- C:\WINDOWS\security\database\edbres00002.jrs
[2010/08/07 10:41:50 | 000,786,432 | ---- | M] () -- C:\WINDOWS\security\database\edbtmp.log
[2010/08/07 10:41:51 | 001,056,768 | ---- | M] () -- C:\WINDOWS\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/08/03 08:19:13 | 000,000,402 | -HS- | M] () -- C:\Users\Sheri\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/03/21 05:16:18 | 000,000,000 | ---- | M] () -- C:\ProgramData\cmn_upld.log
[2010/03/21 05:43:16 | 000,000,252 | ---- | M] () -- C:\ProgramData\FastPics.log
[2010/04/02 16:50:41 | 000,000,712 | ---- | M] () -- C:\ProgramData\lxee.log
[2010/06/21 22:23:04 | 000,271,420 | ---- | M] () -- C:\ProgramData\lxeeJSW.log
[2010/09/18 18:04:39 | 000,027,071 | ---- | M] () -- C:\ProgramData\lxeescan.log
[2010/03/21 05:16:15 | 000,000,000 | ---- | M] () -- C:\ProgramData\LxWbGwLog.log
[2010/03/21 05:15:58 | 000,000,000 | ---- | M] () -- C:\ProgramData\UpdaterLog.txt
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >
 
OTL Extras logfile created on: 9/18/2010 6:26:06 PM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Sheri\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 64.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 184.16 Gb Free Space | 64.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1863.01 Gb Total Space | 52.06 Gb Free Space | 2.79% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 931.51 Gb Total Space | 44.23 Gb Free Space | 4.75% Space Free | Partition Type: NTFS
Drive N: | 931.51 Gb Total Space | 44.23 Gb Free Space | 4.75% Space Free | Partition Type: NTFS

Computer Name: SHERI-PC
Current User Name: Sheri
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{530992D4-DDBA-4F68-8B0D-FF50AC57531B}" = Symantec Endpoint Protection
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{B4735ADA-2C32-4DB1-809C-D3D424343ED9}" = FastAccess
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"doPDF 6 printer_is1" = doPDF 6.2 printer
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Lexmark Pro700 Series" = Lexmark Pro700 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{194D0B58-ED34-444F-A1D1-C1CACFC3B7EE}" = Cozi Outlook Toolbar
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 21
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67635FB6-2F63-4FFB-830B-D4C01597EBA4}" = Microsoft Office Suite Activation Assistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81F1C6DE-C053-4C6C-9DE8-ED23D28FA9AB}" = Cozi
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-0000-7760-000000000004}" = Adobe Acrobat 9 Pro
"{AC76BA86-1033-0000-7760-000000000004}_934" = Adobe Acrobat 9.3.4 - CPSID_83708
"{AC76BA86-1033-0000-7760-000000000004}{AC76BA86-1033-0000-7760-000000000004}" = Adobe Acrobat 9 Pro
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Bejeweled 2 Deluxe 1.0" = Bejeweled 2 Deluxe 1.0
"Carbonite Backup" = Carbonite
"Chuzzle Deluxe 1.0" = Chuzzle Deluxe 1.0
"Cricut DesignStudio" = Cricut DesignStudio
"Dell Webcam Central" = Dell Webcam Central
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Paint Shop Pro 5.0 Evaluation" = Paint Shop Pro 5.0 Evaluation
"Pegasus Mail" = Pegasus Mail
"PROR" = Microsoft Office Professional 2007
"SyncBack_is1" = SyncBack
"Timez Attack 3.15" = Timez Attack
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sound" = Sound
 
========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/9/2010 11:57:19 PM | Computer Name = Sheri-PC | Source = VSS | ID = 22
Description =

Error - 9/9/2010 11:57:19 PM | Computer Name = Sheri-PC | Source = VSS | ID = 8193
Description =

Error - 9/10/2010 1:04:42 AM | Computer Name = Sheri-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.

Error - 9/10/2010 2:10:41 AM | Computer Name = Sheri-PC | Source = VSS | ID = 22
Description =

Error - 9/10/2010 2:10:41 AM | Computer Name = Sheri-PC | Source = VSS | ID = 8193
Description =

Error - 9/10/2010 2:11:43 AM | Computer Name = Sheri-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 9/10/2010 2:18:24 AM | Computer Name = Sheri-PC | Source = VSS | ID = 22
Description =

Error - 9/10/2010 2:18:24 AM | Computer Name = Sheri-PC | Source = VSS | ID = 8193
Description =

Error - 9/10/2010 2:56:58 PM | Computer Name = Sheri-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 9/11/2010 1:06:02 AM | Computer Name = Sheri-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.

[ Media Center Events ]
Error - 8/12/2010 8:29:08 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 8:29:08 AM - Error connecting to the internet. 8:29:08 AM - Unable
to contact server..

Error - 8/12/2010 8:29:18 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 8:29:14 AM - Error connecting to the internet. 8:29:14 AM - Unable
to contact server..

Error - 8/12/2010 9:29:23 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 9:29:23 AM - Error connecting to the internet. 9:29:23 AM - Unable
to contact server..

Error - 8/12/2010 9:29:29 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 9:29:28 AM - Error connecting to the internet. 9:29:28 AM - Unable
to contact server..

Error - 8/12/2010 2:07:03 PM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 2:07:03 PM - Error connecting to the internet. 2:07:03 PM - Unable
to contact server..

Error - 8/12/2010 2:07:09 PM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 2:07:08 PM - Error connecting to the internet. 2:07:08 PM - Unable
to contact server..

Error - 9/18/2010 2:38:33 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 2:38:27 AM - Error connecting to the internet. 2:38:27 AM - Unable
to contact server..

Error - 9/18/2010 3:39:14 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 3:39:05 AM - Error connecting to the internet. 3:39:05 AM - Unable
to contact server..

Error - 9/18/2010 4:39:27 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 4:39:22 AM - Error connecting to the internet. 4:39:22 AM - Unable
to contact server..

Error - 9/18/2010 5:39:33 AM | Computer Name = Sheri-PC | Source = MCUpdate | ID = 0
Description = 5:39:32 AM - Error connecting to the internet. 5:39:32 AM - Unable
to contact server..

[ OSession Events ]
Error - 8/28/2010 9:29:04 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/31/2010 10:40:01 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/31/2010 10:40:30 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/31/2010 10:40:41 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/6/2010 3:07:23 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/6/2010 9:51:14 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/12/2010 10:52:51 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 8645
seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/13/2010 7:28:49 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 202
seconds with 180 seconds of active time. This session ended with a crash.

Error - 9/13/2010 10:42:59 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 49
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/15/2010 9:58:06 PM | Computer Name = Sheri-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 9/17/2010 4:31:29 AM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 5:35:33 AM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 6:11:33 AM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 9:30:20 AM | Computer Name = Sheri-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the IPBusEnum service.

Error - 9/17/2010 9:42:44 AM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 10:30:50 AM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 11:12:48 AM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 12:48:49 PM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 1:24:50 PM | Computer Name = Sheri-PC | Source = bowser | ID = 8003
Description =

Error - 9/17/2010 2:27:42 PM | Computer Name = Sheri-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.


< End of report >
 
Please, don't wrap any logs in codes, because they're harder to read.
I need to edit them. Hold on...
 
Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

========================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [FAStartup] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - "®œ?" File not found
[6 C:\Users\Sheri\*.tmp files -> C:\Users\Sheri\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]


:Services

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" =-

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

========================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Go to Kaspersky website and perform an online antivirus scan.

  • Disable your active antivirus program.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
 
Status
Not open for further replies.

Similar threads

E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
C
Solved Malware \ProductData + possibly more, on two devices
Replies
4
Views
7K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni

Latest posts

Back