Inactive Search engine redirect and system tray icons not reappearing

msmall10

Last month I came on here with a search engine redirect problem, but I wasn't in front of the computer to fix it. After a week, Malwarebytes got rid of the search engine redirect problem, so I didn't investigate anymore once I returned home. Now the problem is back, along with another problem. When explorer.exe stops responding or I terminate it, certain icons do not return in the tray bar. Friends told me that it's the individual programs, but I never had this problem when explorer.exe has closed before. I don't know if both problems are the same or not. Thanks in advance for any help.
*BTW, I started getting a little blue screen of death yesterday*
Malwarebytes:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5429

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/31/2010 4:31:04 PM
mbam-log-2010-12-31 (16-31-04).txt

Scan type: Quick scan
Objects scanned: 181521
Time elapsed: 32 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER log to follow....
 
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-31 19:17:17
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdePort0 SAMSUNG_HD321KJ rev.CP100-11
Running: p5429gd1.exe; Driver: C:\Users\MATTSM~1\AppData\Local\Temp\fxldypow.sys


---- System - GMER 1.0.15 ----

SSDT 8701A498 ZwConnectPort
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0x8398C2D6]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0x8398C4C8]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateUserProcess [0x8398C6D0]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0x8398BF44]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 830839A9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830BD212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 2DC 830C4A6C 4 Bytes [98, A4, 01, 87]
.text ntkrnlpa.exe!RtlSidHashLookup + 32C 830C4ABC 3 Bytes [D6, C2, 98]
.text ntkrnlpa.exe!RtlSidHashLookup + 330 830C4AC0 3 Bytes [C8, C4, 98]
.text ntkrnlpa.exe!RtlSidHashLookup + 364 830C4AF4 3 Bytes [D0, C6, 98] {ROL DH, 0x1; CWDE }
.text ntkrnlpa.exe!RtlSidHashLookup + 7B8 830C4F48 3 Bytes [44, BF, 98]
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9A413000, 0x31BA76, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtProtectVirtualMemory 778D5380 5 Bytes JMP 0028000A
.text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtWriteVirtualMemory 778D5F00 5 Bytes JMP 0029000A
.text C:\Windows\system32\svchost.exe[1076] ntdll.dll!KiUserExceptionDispatcher 778D6448 5 Bytes JMP 0027000A
.text C:\Windows\system32\svchost.exe[1076] ole32.dll!CoCreateInstance 75F1590C 5 Bytes JMP 00C4000A
.text C:\Windows\system32\svchost.exe[1076] USER32.dll!GetCursorPos 76E2C198 5 Bytes JMP 00F8000A
.text C:\Windows\Explorer.EXE[2808] ntdll.dll!NtProtectVirtualMemory 778D5380 5 Bytes JMP 0018000A
.text C:\Windows\Explorer.EXE[2808] ntdll.dll!NtWriteVirtualMemory 778D5F00 5 Bytes JMP 001D000A
.text C:\Windows\Explorer.EXE[2808] ntdll.dll!KiUserExceptionDispatcher 778D6448 5 Bytes JMP 0017000A
.text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2812] ntdll.dll!NtProtectVirtualMemory 778D5380 5 Bytes JMP 007F000A
.text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2812] ntdll.dll!NtWriteVirtualMemory 778D5F00 5 Bytes JMP 0080000A
.text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2812] ntdll.dll!KiUserExceptionDispatcher 778D6448 5 Bytes JMP 007A000A

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\rundll32.exe[1628] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1628] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1628] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1628] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1628] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1628] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[1840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[1840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[1840] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[1840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[1840] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[1840] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75935E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\pctsSvc.exe[2768] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] [0044BB58] C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsSvc.exe[2768] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [0044BD5C] C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsSvc.exe[2768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0044BB58] C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsSvc.exe[2768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [0044BD5C] C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsSvc.exe[2768] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateThread] [0044BB58] C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74452494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74435624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [744356E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7445250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74448573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74444D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [744450CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [744451A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [744466D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [744482CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74448819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7444907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7444E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2808] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74444C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Spyware Doctor\pctsTray.exe[5432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] [0044B82C] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools Tray Application/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsTray.exe[5432] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [0044BA30] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools Tray Application/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsTray.exe[5432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0044B82C] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools Tray Application/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsTray.exe[5432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [0044BA30] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools Tray Application/PC Tools)
IAT C:\Program Files\Spyware Doctor\pctsTray.exe[5432] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateThread] [0044B82C] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools Tray Application/PC Tools)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\00000059 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \Device\Ide\IdeDeviceP0T0L0-0 -> \??\IDE#DiskSAMSUNG_HD321KJ_________________________CP100-11#5&30b50837&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

---- Registry - GMER 1.0.15 ----


---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 00 (MBR): rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 10: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 32: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 33: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sectors 625142192 (+255): rootkit-like behavior;

---- EOF - GMER 1.0.15 ----
 
DDS (Ver_10-12-12.02) - NTFSx86
Run by matt small at 19:27:56.77 on Fri 12/31/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3070.962 [GMT -5:00]

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Winamp Remote\bin\OrbMediaService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\AnywhereTS\srv\srvstart.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\AnywhereTS\srv\tftpd32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Xobni\XobniService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\matt small\Program Files\DNA\btdna.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Users\matt small\Downloads\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = https://secure.logmein.com/login.asp
uWindow Title = Internet Explorer provided by Dell
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070927
uInternet Settings,ProxyOverride = <local>;*.local
uInternet Settings,ProxyServer = http=127.0.0.1:6522
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [BitTorrent DNA] "c:\users\matt small\program files\dna\btdna.exe"
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Orb] "c:\program files\winamp remote\bin\OrbTray.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [dscactivate] c:\dell\dsca.exe 3
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\mattsm~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\mattsm~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\mlbtvn~1.lnk - c:\users\matt small\appdata\local\autobahn\mlb-nexdef-autobahn.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\photof~1.lnk - c:\program files\common files\panasonic\photofunstudio autostart\AutoStartupService.exe
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
Trusted Zone: webattend.com
Trusted Zone: webtrain.com
DPF: Justin.tv Publisher - hxxp://www.justin.tv/plugins/justintv_publisher.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {21C6245C-9408-11D7-BF3B-00E09876DF26} - hxxp://www.webattend.com/components/wt0523.cab
DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} - hxxp://www.seetoo.com/downloadAddon.php?platform=Win32&browser=ie&ref=justintv&c=cce877c8fbf127563&browserVersion=8.0
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab
DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} - hxxp://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\acaptuser32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\mattsm~1\appdata\roaming\mozilla\firefox\profiles\420w6fuk.default\
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\users\matt small\appdata\roaming\mozilla\firefox\profiles\420w6fuk.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\matt small\appdata\roaming\move networks\plugins\npqmp071500000347.dll
FF - plugin: c:\users\matt small\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\matt small\appdata\roaming\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\users\matt small\appdata\roaming\mozilla\firefox\profiles\420w6fuk.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\users\matt small\appdata\roaming\mozilla\firefox\profiles\420w6fuk.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\users\matt small\program files\dna\plugins\npbtdna.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Personas Interactive: btpersonas@brandthunder.com - %profile%\extensions\btpersonas@brandthunder.com
FF - Ext: Fast Youtube Downloader: fastYoutubeDownloader@yevgenyandrov.net - %profile%\extensions\fastYoutubeDownloader@yevgenyandrov.net
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: IE Tab 2 (FF 3.6+): {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} - %profile%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FoxyTunes: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374} - %profile%\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: MileWideBack: {dc0fa13c-3dae-73eb-e852-912722c852f9} - %profile%\extensions\{dc0fa13c-3dae-73eb-e852-912722c852f9}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Redirect Remover: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9} - %profile%\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\google\google gears\Firefox
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\users\matt small\appdata\roaming\Move Networks

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-11-24 218592]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2008-12-19 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-7-6 176128]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-11-24 112592]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-9-29 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-8-3 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-9-29 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-12-23 363344]
R2 MCEBuddy;MCEBuddy Service;c:\program files\tyrell\mcebuddy\MCEBuddySvc.exe [2010-1-24 20480]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-11-24 366840]
R2 sdcoreservice;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-11-24 1142224]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-11-28 1962136]
R2 TS_TFTP;TS TFTP;c:\program files\anywherets\srv\srvstart.exe [2007-10-29 36864]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-1-21 24652]
R2 XobniService;XobniService;c:\program files\xobni\XobniService.exe [2009-10-12 46824]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-7-6 5882368]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-7-6 210944]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
R3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2009-5-28 391296]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-23 20952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9e2c2e102d9f;Google Update Service (gupdate1c9e2c2e102d9f);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-6-19 45736]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-6-19 29472]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2010-11-10 20704]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [2010-5-13 39048]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-1-29 30576]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SavRoam;SavRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-11-28 122008]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-11 1343400]

=============== Created Last 30 ================

2010-12-31 02:21:40 81410 ----a-w- c:\progra~2\43XOi2ix.exe_
2010-12-26 23:30:39 -------- d-----w- c:\program files\Xilisoft
2010-12-26 19:25:05 -------- d-----w- c:\program files\CCleaner
2010-12-26 01:18:53 -------- d-----w- c:\program files\iPod
2010-12-26 01:18:48 -------- d-----w- c:\program files\iTunes
2010-12-26 01:18:48 -------- d-----w- c:\progra~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-23 22:38:36 -------- d-----w- c:\program files\Free Window Registry Repair
2010-12-23 19:53:55 737072 ----a-w- c:\progra~2\microsoft\ehome\packages\sportsv2\sportstemplatecore-7\Microsoft.MediaCenter.Sports.UI.dll
2010-12-15 20:01:06 516096 ----a-w- c:\program files\windows mail\wab.exe
2010-12-15 20:01:03 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-10 10:55:54 737072 ----a-w- c:\progra~2\microsoft\ehome\packages\sportsv2\sportstemplatecore-3\Microsoft.MediaCenter.Sports.UI.dll

==================== Find3M ====================

2010-12-08 18:12:02 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-12-08 18:11:52 53632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2010-12-08 18:11:46 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-12-08 18:11:44 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-12 23:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-10 07:49:26 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2010-11-10 07:49:02 543328 ----a-w- c:\windows\system32\LVUI2.dll
2010-11-10 07:47:28 195168 ----a-w- c:\windows\system32\lvci13101216.dll
2010-11-10 07:47:14 416352 ----a-w- c:\windows\system32\LVCodec2.dll
2010-11-10 07:45:32 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2010-11-10 07:45:30 10871128 ----a-w- c:\windows\system32\LogiDPP.dll
2010-11-10 07:45:20 316248 ----a-w- c:\windows\system32\DevManagerCore.dll
2010-11-10 07:32:16 38238 ----a-w- c:\windows\system32\Repository.reg
2010-11-08 06:20:24 89088 ----a-w- c:\windows\MBR.exe
2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll
2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-16 04:41:02 101760 ----a-w- c:\windows\system32\consent.exe
2010-10-16 04:36:10 314368 ----a-w- c:\windows\system32\webio.dll
2010-10-07 17:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 17:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 17:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: SAMSUNG_HD321KJ rev.CP100-11 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-0

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys halmacpi.dll
c:\windows\system32\drivers\PCTCore.sys PC Tools Kernel Driver Suite
1 ntkrnlpa!IofCallDriver[0x8307CAB6] -> \Device\Harddisk0\DR0[0x86B6A808]
3 CLASSPNP[0x8BB8F59E] -> ntkrnlpa!IofCallDriver[0x8307CAB6] -> [0x86B694B0]
5 PCTCore[0x8398EEAE] -> ntkrnlpa!IofCallDriver[0x8307CAB6] -> [0x866AE408]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; PUSHA ; MOV CX, 0x132; MOV BP, 0x62a; ROR BYTE [BP+0x0], CL; INC BP; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-0 -> \??\IDE#DiskSAMSUNG_HD321KJ_________________________CP100-11#5&30b50837&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user != kernel MBR !!!
sectors 625142446 (+255): user != kernel

============= FINISH: 19:28:50.96 ===============
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 1/6/2010 6:38:55 PM
System Uptime: 12/31/2010 6:16:17 PM (1 hours ago)

Motherboard: Dell Inc. | | 0RY007
Processor: Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz | Socket 775 | 2000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 273 GiB total, 97.444 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.71 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 334.127 GiB free.
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet 6500 E709n
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: adfs
Device ID: ROOT\LEGACY_ADFS\0000
Manufacturer:
Name: adfs
PNP Device ID: ROOT\LEGACY_ADFS\0000
Service: adfs

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: sptd
Device ID: ROOT\LEGACY_SPTD\0000
Manufacturer:
Name: sptd
PNP Device ID: ROOT\LEGACY_SPTD\0000
Service: sptd

==== System Restore Points ===================

RP232: 12/26/2010 12:11:50 AM - Windows Backup
RP234: 12/26/2010 6:47:02 PM - Removed WS_FTP
RP235: 12/31/2010 12:33:54 AM - Windows Update

==== Installed Programs ======================

"Nero SoundTrax Help
32 Bit HP CIO Components Installer
4Media Video Converter Ultimate
6500_E709_eDocs
6500_E709_Help
6500_E709n
7-Zip 4.57
Acrobat.com
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Anchor Service CS4
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge CS4
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 Professional
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS4
Adobe Linguistics CS3
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop 6.0
Adobe Photoshop CS3
Adobe Reader 9.4.1
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Update Manager CS4
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Advertising Center
AIM 6
AMD Drag and Drop Transcoding
AnswerWorks 5.0 English Runtime
AnywhereTS
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI AVIVO Codecs
ATI Catalyst Install Manager
ATI Catalyst Registration
ATI Parental Control & Encoder
Audacity 1.3.4 (Unicode)
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
BitPim 1.0.7
BitTorrent
Bonjour
Boris Graffiti
bpd_scan
BPDSoftware
BPDSoftware_Ini
Browser Defender 2.0.6.15
BufferChm
CameraHelperMsi
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
Cinergy Script Editor
Combined Community Codec Pack 2007-07-22
Connect
Creative MediaSource 5
D3DX10
Data Lifeguard Diagnostic for Windows
Definition update for Microsoft Office 2010 (KB982726)
Dell Support Center
Dell System Customization Wizard
DellSupport
Destinations
DeviceDiscovery
Digital Cable Advisor
Digital Line Detect
Digital Voice Editor 3
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DNA
DocMgr
DocProc
DolbyFiles
EasyBCD 1.7.2
EasyFLV FLV Converter Ver 7 build 0.0.1
erLT
EVEREST Ultimate Edition v5.50
Fax
FoxyTunes for Firefox
Free Window Registry Repair
Games, Music, & Photos Launcher
GameSpy Arcade
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892)
Google Chrome
Google Desktop
Google Earth
Google Gears
Google Update Helper
Google Video Uploader
GPBaseService2
Guitar Hero III
H.264 Encoder 1.5
HP Customer Participation Program 13.0
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 6500 E709 Series
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
HPSSupply
ImagXpress
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.11.0
Intel(R) TV Wizard
Internet TV for Windows Media Center
Ipswitch WS_FTP Pro
iTunes
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
kuler
LAME v3.98.2 for Audacity
LG USB Modem driver
LimeWire 5.6.2
LiveUpdate 3.2 (Symantec Corporation)
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
LogMeIn
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Magic Bullet Looks Studio
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
ManyCam 2.4 (remove only)
MarketResearch
MCEBuddy
Menu Templates - Starter Kit
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove MUI (English) 2010
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Facebook 32-bit
Microsoft Picture It! Photo Premium 9
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft Works 2004 Setup Launcher
Microsoft Xbox 360 Accessories 1.1
MKVtoolnix 4.2.0
MobileMe Control Panel
Motorola Driver Installation 3.2.0
Move Media Player
Movie Templates - Starter Kit
Mozilla Firefox (3.6.13)
Mozilla Thunderbird (3.1.4)
Mpeg2Decoder 1.3
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Lite 8.2.8.0
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
NetWaiting
Network
OCR Software by I.R.I.S. 13.0
OGA Notifier 2.0.0048.0
PDF Settings CS4
PHOTOfunSTUDIO 5.0
Photoshop Camera Raw
Pinnacle Studio 12
Pinnacle Studio 12 Ultimate Plugins
Pinnacle Video Driver
Pixel Bender Toolkit
PlayReady PC Runtime x86
proDAD Vitascene 1.0
Product Documentation Launcher
ProductContext
Quicken 2009
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Rhapsody Player Engine
Right PDF Printer 3.6 Server Edition
River Past Audio Converter Pro
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Shop for HP Supplies
Skype Toolbars
Skype™ 5.0
SmartWebPrinting
Snagit 9.1.3
SolutionCenter
Sonic Activation Module
SopCast 2.0.4
Sound Blaster Audigy ADVANCED MB
SoundTrax
Spyware Doctor 7.0
Status
Suite Shared Configuration CS4
SUPERAntiSpyware
Symantec AntiVirus
The Lord of the Rings FREE Trial
The Weather Channel Desktop 6
Tony Hawks Pro Skater 4
Toolbox
TrayApp
Trillian
TVT7Diag
Uniblue RegistryBooster 2010
University of Miami Desktop Communicator
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2433299)
Update for Microsoft Outlook Social Connector (KB2289116)
Update for Outlook 2007 Junk Email Filter (KB2466076)
URL Assistant
User's Guides
V CAST Music with Rhapsody
VC80CRTRedist - 8.0.50727.4053
Video Explosion 1.5
Viewpoint Media Player
Virtual Earth 3D (Beta)
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 1.1.5
WD Diagnostics
WebReg
WebTrain Communicator
WIDCOMM Bluetooth Software
Winamp
Winamp Detector Plug-in
Winamp Remote
Windows 7 Upgrade Advisor
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
Windows Mobile Device Center Driver Update
Windows Movie Maker 2.6
Windows Movie Maker 6.0
Xobni
Xobni Core
Xvid 1.2.2 final uninstall
Yahoo! Music Jukebox

==== Event Viewer Messages From Past Week ========

12/31/2010 9:59:51 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
12/31/2010 9:59:51 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2010 9:58:51 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/31/2010 9:58:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/31/2010 9:58:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
12/31/2010 9:58:21 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2010 9:57:33 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Symantec AntiVirus service.
12/31/2010 9:57:21 AM, Error: Service Control Manager [7022] - The Server service hung on starting.
12/31/2010 9:57:21 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state.
12/31/2010 6:19:06 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
12/31/2010 6:18:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL sptd
12/31/2010 6:18:03 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
12/31/2010 6:17:49 PM, Error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.
12/31/2010 6:16:20 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
12/31/2010 6:09:02 PM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).
12/31/2010 5:25:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CertPropSvc service.
12/31/2010 5:25:57 AM, Error: Service Control Manager [7000] - The Certificate Propagation service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2010 5:21:45 AM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 4 time(s).
12/31/2010 5:21:45 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 5:21:45 AM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 5:06:55 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Themes service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Task Scheduler service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The System Event Notification Service service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Secondary Logon service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The IP Helper service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Group Policy Client service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 5:04:55 AM, Error: Service Control Manager [7034] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 3 time(s).
12/31/2010 3:53:57 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7034] - The Windows Update service terminated unexpectedly. It has done this 2 time(s).
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:51:57 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:41:55 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 3:39:55 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2010 12:14:06 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x83288050, 0x8d91b774, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123110-39998-01.
12/31/2010 10:10:37 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/31/2010 10:02:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
12/31/2010 10:02:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/31/2010 10:01:57 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/31/2010 10:01:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/31/2010 10:01:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/31/2010 10:01:54 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/31/2010 10:01:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/31/2010 10:01:24 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache eeCtrl SABKUTIL spldr sptd SRTSP SRTSPX SYMTDI Wanarpv6
12/31/2010 10:01:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
12/30/2010 9:37:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/30/2010 9:27:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000016, 0x00000002, 0x00000000, 0x8244aa5b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123010-33275-01.
12/30/2010 9:16:08 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x9b3d8870, 0x00000002, 0x00000000, 0x8ac01fb6). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123010-49187-01.
12/30/2010 8:56:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000c, 0x00000002, 0x00000000, 0x83a0f131). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123010-37128-01.
12/30/2010 8:51:00 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000001, 0x00000002, 0x00000000, 0x824a9f95). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123010-45287-01.
12/30/2010 8:44:24 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000001, 0x00000002, 0x00000000, 0x8306af95). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123010-41168-01.
12/30/2010 8:12:01 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xb07d7a00, 0x00000002, 0x00000000, 0x83a01fb6). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123010-36457-01.
12/30/2010 7:41:20 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/30/2010 7:41:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
12/30/2010 6:42:09 PM, Error: Service Control Manager [7000] - The Diagnostic System Host service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance.
12/30/2010 5:29:35 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance.
12/30/2010 5:01:21 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance.
12/30/2010 3:01:00 PM, Error: Service Control Manager [7031] - The Windows Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/29/2010 12:48:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the W32Time service.
12/26/2010 12:10:32 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LiveUpdate service to connect.
12/26/2010 12:10:32 AM, Error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/26/2010 12:06:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
12/25/2010 8:36:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
12/25/2010 8:36:59 PM, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/25/2010 8:36:38 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
12/25/2010 8:33:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
12/25/2010 8:33:42 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/25/2010 8:15:03 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
12/25/2010 8:14:03 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/25/2010 8:13:10 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/25/2010 11:47:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Center Scheduler Service service to connect.
12/25/2010 11:45:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service ehSched with arguments "-Service" in order to run the server: {4B635ECB-0887-4015-8CA6-D621362F98D1}

==== End Of File ===========================
 
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

===============

Download OTL to your Desktop.

* Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
* Under the Custom Scan box paste this in:


netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT


* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
2011/01/01 10:58:07.0648 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/01 10:58:07.0648 ================================================================================
2011/01/01 10:58:07.0648 SystemInfo:
2011/01/01 10:58:07.0648
2011/01/01 10:58:07.0648 OS Version: 6.1.7600 ServicePack: 0.0
2011/01/01 10:58:07.0648 Product type: Workstation
2011/01/01 10:58:07.0648 ComputerName: MATT
2011/01/01 10:58:07.0653 UserName: matt small
2011/01/01 10:58:07.0653 Windows directory: C:\Windows
2011/01/01 10:58:07.0653 System windows directory: C:\Windows
2011/01/01 10:58:07.0653 Processor architecture: Intel x86
2011/01/01 10:58:07.0653 Number of processors: 2
2011/01/01 10:58:07.0653 Page size: 0x1000
2011/01/01 10:58:07.0653 Boot type: Normal boot
2011/01/01 10:58:07.0653 ================================================================================
2011/01/01 10:58:09.0033 Initialize success
2011/01/01 10:58:14.0423 ================================================================================
2011/01/01 10:58:14.0424 Scan started
2011/01/01 10:58:14.0424 Mode: Manual;
2011/01/01 10:58:14.0424 ================================================================================
2011/01/01 10:58:20.0023 btwaudio (f8b4f60768328faa2ffe2727f66809f8) C:\Windows\system32\drivers\btwaudio.sys
2011/01/01 10:58:20.0055 btwavdt (fa7446dd38de84d4988d1f2ebb854589) C:\Windows\system32\DRIVERS\btwavdt.sys
2011/01/01 10:58:20.0100 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/01/01 10:58:20.0158 btwrchid (d5862fbc1cbc0404614fd9d85c8d880e) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/01/01 10:58:20.0208 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/01/01 10:58:20.0260 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/01/01 10:58:20.0311 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/01/01 10:58:20.0373 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/01/01 10:58:20.0458 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/01/01 10:58:20.0495 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/01/01 10:58:20.0542 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/01/01 10:58:20.0577 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/01/01 10:58:20.0647 CompFilter (216f2c5cd4b5858d9a80a09a5479562b) C:\Windows\system32\DRIVERS\lvbusflt.sys
2011/01/01 10:58:20.0696 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/01/01 10:58:20.0737 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/01/01 10:58:20.0822 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/01/01 10:58:20.0869 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/01/01 10:58:20.0914 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/01/01 10:58:21.0000 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/01/01 10:58:21.0132 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2011/01/01 10:58:21.0184 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
2011/01/01 10:58:21.0242 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/01/01 10:58:21.0300 e1express (cf0a6015f437161698c5b2a0a12cf052) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/01/01 10:58:21.0417 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/01/01 10:58:21.0550 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2011/01/01 10:58:21.0625 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/01/01 10:58:21.0697 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/01/01 10:58:21.0732 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/01/01 10:58:21.0793 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/01/01 10:58:21.0832 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/01/01 10:58:21.0884 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/01/01 10:58:21.0923 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/01/01 10:58:21.0962 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/01/01 10:58:22.0003 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/01/01 10:58:22.0043 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/01/01 10:58:22.0089 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/01/01 10:58:22.0117 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/01/01 10:58:22.0177 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/01/01 10:58:22.0224 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/01/01 10:58:22.0279 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/01/01 10:58:22.0365 hcw18bda (2edbcbf69f9a3512ddab978067be4d20) C:\Windows\system32\drivers\hcw18bda.sys
2011/01/01 10:58:22.0401 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/01/01 10:58:22.0501 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/01/01 10:58:22.0557 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/01/01 10:58:22.0621 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/01/01 10:58:22.0707 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/01/01 10:58:22.0748 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/01/01 10:58:22.0802 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/01/01 10:58:22.0872 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/01/01 10:58:22.0937 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/01/01 10:58:22.0976 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/01/01 10:58:23.0020 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/01/01 10:58:23.0070 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/01/01 10:58:23.0136 ICDUSB2 (60b044a221cf76cc6077b0c3e9136cff) C:\Windows\system32\Drivers\ICDUSB2.sys
2011/01/01 10:58:23.0300 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/01/01 10:58:23.0387 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/01/01 10:58:23.0548 IntcAzAudAddService (bdc429c7ebdac534a959bf179ff4c63e) C:\Windows\system32\drivers\RTKVHDA.sys
2011/01/01 10:58:23.0646 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/01/01 10:58:23.0686 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/01/01 10:58:23.0746 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/01/01 10:58:23.0802 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/01/01 10:58:23.0838 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/01/01 10:58:23.0896 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/01/01 10:58:23.0930 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/01/01 10:58:23.0996 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/01/01 10:58:24.0037 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/01/01 10:58:24.0070 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/01/01 10:58:24.0105 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/01/01 10:58:24.0173 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/01/01 10:58:24.0250 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/01/01 10:58:24.0431 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
2011/01/01 10:58:24.0519 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
2011/01/01 10:58:24.0572 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
2011/01/01 10:58:24.0629 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/01/01 10:58:24.0663 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/01/01 10:58:24.0692 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/01/01 10:58:24.0733 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/01/01 10:58:24.0784 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/01/01 10:58:24.0849 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\Windows\system32\Drivers\LUsbFilt.Sys
2011/01/01 10:58:24.0884 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\Windows\system32\Drivers\LVPr2Mon.sys
2011/01/01 10:58:24.0960 LVRS (a1857fbb9b4930eeb2fd92386c45c529) C:\Windows\system32\DRIVERS\lvrs.sys
2011/01/01 10:58:25.0089 LVUVC (3703406af0726badd24c5e552493e5b1) C:\Windows\system32\DRIVERS\lvuvc.sys
2011/01/01 10:58:25.0206 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
2011/01/01 10:58:25.0282 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
2011/01/01 10:58:25.0360 MBAMProtector (836e0e09ca9869be7eb39ef2cf3602c7) C:\Windows\system32\drivers\mbam.sys
2011/01/01 10:58:25.0415 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
2011/01/01 10:58:25.0505 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/01/01 10:58:25.0569 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/01/01 10:58:25.0634 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/01/01 10:58:25.0681 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/01/01 10:58:25.0730 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/01/01 10:58:25.0776 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/01/01 10:58:25.0808 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/01/01 10:58:25.0842 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/01/01 10:58:25.0880 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/01/01 10:58:25.0930 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/01/01 10:58:25.0978 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/01/01 10:58:26.0026 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/01/01 10:58:26.0059 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/01/01 10:58:26.0097 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/01/01 10:58:26.0151 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/01/01 10:58:26.0248 MSDV (114b67c324d64c8195fd3bf93b4df02a) C:\Windows\system32\DRIVERS\msdv.sys
2011/01/01 10:58:26.0293 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/01/01 10:58:26.0326 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/01/01 10:58:26.0399 MSHUSBVideo (5119ffc2a6b51089cdb0efdc75808c97) C:\Windows\system32\Drivers\nx6000.sys
2011/01/01 10:58:26.0431 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/01/01 10:58:26.0488 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/01/01 10:58:26.0518 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/01/01 10:58:26.0558 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/01/01 10:58:26.0618 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/01/01 10:58:26.0649 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/01/01 10:58:26.0704 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/01/01 10:58:26.0741 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/01/01 10:58:26.0776 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/01/01 10:58:26.0837 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/01/01 10:58:26.0969 NAVENG (c8ef74e4d8105b1d02d58ea4734cf616) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20101231.002\NAVENG.SYS
2011/01/01 10:58:27.0039 NAVEX15 (94b3164055d821a62944d9fe84036470) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20101231.002\NAVEX15.SYS
2011/01/01 10:58:27.0105 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/01/01 10:58:27.0151 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/01/01 10:58:27.0204 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/01/01 10:58:27.0243 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/01/01 10:58:27.0284 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/01/01 10:58:27.0356 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/01/01 10:58:27.0418 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/01/01 10:58:27.0454 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/01/01 10:58:27.0521 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/01/01 10:58:27.0572 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/01/01 10:58:27.0612 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/01/01 10:58:27.0671 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/01/01 10:58:27.0839 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/01/01 10:58:27.0883 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/01/01 10:58:27.0924 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/01/01 10:58:27.0966 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/01/01 10:58:28.0015 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/01/01 10:58:28.0096 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/01/01 10:58:28.0130 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/01/01 10:58:28.0168 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/01/01 10:58:28.0208 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/01/01 10:58:28.0242 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/01/01 10:58:28.0297 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/01/01 10:58:28.0378 PCTCore (807ff1dd6e1bdf8e7d2062fca0daecaf) C:\Windows\system32\drivers\PCTCore.sys
2011/01/01 10:58:28.0414 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/01/01 10:58:28.0455 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/01/01 10:58:28.0571 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/01/01 10:58:28.0612 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/01/01 10:58:28.0676 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/01/01 10:58:28.0725 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/01/01 10:58:28.0794 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/01/01 10:58:28.0853 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/01/01 10:58:28.0900 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/01/01 10:58:28.0930 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/01/01 10:58:28.0991 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/01/01 10:58:29.0029 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/01/01 10:58:29.0072 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/01/01 10:58:29.0101 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/01/01 10:58:29.0138 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/01/01 10:58:29.0179 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/01/01 10:58:29.0213 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/01/01 10:58:29.0268 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/01/01 10:58:29.0304 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/01/01 10:58:29.0352 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/01/01 10:58:29.0398 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/01/01 10:58:29.0473 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/01/01 10:58:29.0538 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/01/01 10:58:29.0645 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/01/01 10:58:29.0688 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/01/01 10:58:29.0765 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/01/01 10:58:29.0820 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/01/01 10:58:29.0862 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/01/01 10:58:29.0907 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/01/01 10:58:29.0993 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/01/01 10:58:30.0042 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/01/01 10:58:30.0082 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/01/01 10:58:30.0118 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/01/01 10:58:30.0248 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/01/01 10:58:30.0292 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/01/01 10:58:30.0330 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/01/01 10:58:30.0386 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/01/01 10:58:30.0606 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
2011/01/01 10:58:30.0650 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/01/01 10:58:30.0743 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
2011/01/01 10:58:30.0827 SRTSP (1b2a1c6bc76e1ebe8bc2f4a4f3d43e23) C:\Windows\system32\Drivers\SRTSP.SYS
2011/01/01 10:58:30.0870 SRTSPL (f01a7f6e60e95fe83345cf92728a32d4) C:\Windows\system32\Drivers\SRTSPL.SYS
2011/01/01 10:58:30.0924 SRTSPX (d02812f89e18c6fb32f901be1e10bc17) C:\Windows\system32\Drivers\SRTSPX.SYS
2011/01/01 10:58:30.0983 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2011/01/01 10:58:31.0063 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2011/01/01 10:58:31.0106 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/01/01 10:58:31.0165 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/01/01 10:58:31.0214 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
2011/01/01 10:58:31.0291 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/01/01 10:58:31.0368 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS
2011/01/01 10:58:31.0433 SYMREDRV (7f4011a719bf30e3dbd84d3a0a45c91c) C:\Windows\System32\Drivers\SYMREDRV.SYS
2011/01/01 10:58:31.0507 SYMTDI (2f03cbdb0f22278d05d5d616c993ab58) C:\Windows\System32\Drivers\SYMTDI.SYS
2011/01/01 10:58:31.0626 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/01/01 10:58:31.0700 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/01/01 10:58:31.0739 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/01/01 10:58:31.0777 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/01/01 10:58:31.0809 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/01/01 10:58:31.0848 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/01/01 10:58:31.0877 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/01/01 10:58:31.0951 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/01/01 10:58:32.0011 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/01/01 10:58:32.0048 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/01/01 10:58:32.0087 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/01/01 10:58:32.0140 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/01/01 10:58:32.0197 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/01/01 10:58:32.0247 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/01/01 10:58:32.0321 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/01/01 10:58:32.0383 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/01/01 10:58:32.0445 usbbus (d9f3bb7c292f194f3b053ce295754eb8) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/01/01 10:58:32.0481 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/01/01 10:58:32.0530 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/01/01 10:58:32.0592 UsbDiag (c4f77da649f99fad116ea585376fc164) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/01/01 10:58:32.0624 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/01/01 10:58:32.0660 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/01/01 10:58:32.0729 USBModem (c0613ce45e617bc671de8ebb1b30d175) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/01/01 10:58:32.0765 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/01/01 10:58:32.0801 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/01/01 10:58:32.0848 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/01/01 10:58:32.0886 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/01/01 10:58:32.0947 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
2011/01/01 10:58:32.0995 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/01/01 10:58:33.0038 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/01/01 10:58:33.0076 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/01/01 10:58:33.0115 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/01/01 10:58:33.0158 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/01/01 10:58:33.0194 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/01/01 10:58:33.0233 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/01/01 10:58:33.0262 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/01/01 10:58:33.0307 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/01/01 10:58:33.0348 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/01/01 10:58:33.0401 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/01/01 10:58:33.0482 VSTHWBS2 (682fcf7d2eb5158cd30408e976562408) C:\Windows\system32\DRIVERS\VSTBS23.SYS
2011/01/01 10:58:33.0552 VST_DPV (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
2011/01/01 10:58:33.0615 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/01/01 10:58:33.0703 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/01/01 10:58:33.0755 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/01 10:58:33.0778 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/01 10:58:33.0860 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/01/01 10:58:33.0903 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/01 10:58:33.0998 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/01/01 10:58:34.0030 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/01/01 10:58:34.0083 winachsf (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2011/01/01 10:58:34.0207 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/01/01 10:58:34.0278 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/01/01 10:58:34.0379 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/01 10:58:34.0436 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/01/01 10:58:34.0554 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/01 10:58:34.0760 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/01/01 10:58:34.0769 ================================================================================
2011/01/01 10:58:34.0769 Scan finished
2011/01/01 10:58:34.0769 ================================================================================
2011/01/01 10:58:34.0794 Detected object count: 1
2011/01/01 10:58:40.0898 \HardDisk1 - will be cured after reboot
2011/01/01 10:58:40.0901 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure
2011/01/01 10:59:46.0631 Deinitialize success
 
OTL logs:

OTL logfile created on: 1/1/2011 11:16:44 AM - Run 1
OTL by OldTimer - Version 3.2.20.0 Folder = C:\Users\matt small\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.04 Gb Total Space | 102.85 Gb Free Space | 37.67% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.71 Gb Free Space | 57.10% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 314.96 Gb Free Space | 33.81% Space Free | Partition Type: NTFS

Computer Name: MATT | User Name: matt small | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/01 11:12:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/12/20 18:08:56 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/25 00:13:13 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/11/24 21:45:32 | 000,397,176 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/10/15 07:05:05 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/09/01 01:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/06 20:51:10 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/07/06 20:50:42 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/07/01 15:49:15 | 002,397,424 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/06/13 19:59:20 | 000,800,032 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010/06/13 19:59:20 | 000,628,000 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2010/03/01 19:37:28 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/01/24 10:03:50 | 000,020,480 | ---- | M] () -- C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/11/07 07:54:54 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\matt small\Program Files\DNA\btdna.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/12 11:33:26 | 000,046,824 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008/12/11 18:07:40 | 006,703,648 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2008/09/29 04:09:20 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/09/25 16:49:22 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/01/29 21:19:34 | 000,041,472 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbMediaService.exe
PRC - [2007/10/29 12:21:20 | 000,118,784 | ---- | M] () -- C:\Program Files\AnywhereTS\srv\tftpd32.exe
PRC - [2007/10/29 12:21:20 | 000,036,864 | ---- | M] (Nick Rozanski (Nick@Rozanski.com)) -- C:\Program Files\AnywhereTS\srv\srvstart.exe
PRC - [2007/09/27 04:36:58 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/09/26 20:05:56 | 000,734,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2007/09/12 17:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/08/03 15:09:34 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/28 05:34:38 | 000,134,808 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/11/28 05:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/11/28 05:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe


========== Modules (SafeList) ==========

MOD - [2011/01/01 11:12:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/07/13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 20:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 20:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 20:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/06 20:50:42 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/06/13 19:59:20 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdcoreservice)
SRV - [2010/03/11 18:02:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/03/01 19:37:28 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/01/24 10:03:50 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe -- (MCEBuddy)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/10/12 11:33:26 | 000,046,824 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2009/07/27 21:32:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008/09/29 04:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/09/25 16:49:22 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2008/01/29 21:19:34 | 000,041,472 | ---- | M] (Orb Networks) [Auto | Running] -- C:\Program Files\Winamp Remote\bin\OrbMediaService.exe -- (OrbMediaService)
SRV - [2007/10/29 12:21:20 | 000,036,864 | ---- | M] (Nick Rozanski (Nick@Rozanski.com)) [Auto | Running] -- C:\Program Files\AnywhereTS\srv\srvstart.exe -- (TS_TFTP)
SRV - [2007/09/27 04:55:38 | 001,862,144 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007/09/27 04:36:58 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2007/09/12 17:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 17:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/28 05:34:26 | 000,122,008 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/11/28 05:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/11/28 05:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/12/17 04:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101231.002\navex15.sys -- (NAVEX15)
DRV - [2010/12/17 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101231.002\naveng.sys -- (NAVENG)
DRV - [2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/11/25 00:11:25 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/10 02:49:50 | 004,323,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUVC.sys -- (LVUVC) Logitech HD Pro Webcam C910(UVC)
DRV - [2010/11/10 02:48:12 | 000,283,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/11/10 02:46:28 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/07/06 21:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/07/06 21:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/07/06 20:15:24 | 000,210,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/06/19 17:04:56 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2010/06/19 17:04:56 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2010/06/19 17:04:56 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2010/06/19 17:04:56 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2010/06/19 17:04:56 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2010/05/28 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/28 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/06 04:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/01/29 01:03:58 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/11/04 09:11:04 | 001,084,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atinavrr.sys -- (ATIAVPCI)
DRV - [2009/09/23 18:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/09/16 15:55:25 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 18:51:27 | 000,046,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2009/07/13 18:51:27 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2009/07/13 18:51:25 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2009/07/13 18:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 17:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2009/07/13 17:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2009/07/13 17:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/05/28 14:46:18 | 000,391,296 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw18bda.sys -- (hcw18bda)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/01/05 19:11:04 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/12/11 17:23:08 | 002,250,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/10/18 06:13:45 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/02/29 09:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/02/28 14:31:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/01/14 05:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/04/09 08:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 08:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 08:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/03 18:26:32 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/12/03 18:26:32 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006/12/03 18:26:22 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/22 15:17:06 | 000,274,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2006/11/22 15:17:06 | 000,247,144 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2006/11/22 15:17:06 | 000,025,448 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/11/28 20:23:24 | 000,039,048 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IcdUsb2.sys -- (ICDUSB2) Sony IC Recorder (P)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070927

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://secure.logmein.com/login.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://facebook.com"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.586
FF - prefs.js..extensions.enabledItems: {dc0fa13c-3dae-73eb-e852-912722c852f9}:0.3
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: fastYoutubeDownloader@yevgenyandrov.net:1.2.2
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: btpersonas@brandthunder.com:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/01 19:08:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 21:43:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/25 20:10:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 20:10:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/25 20:10:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/12/25 20:10:57 | 000,000,000 | ---D | M]

[2010/09/18 13:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Extensions
[2010/09/18 13:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/03/06 00:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/01/01 01:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions
[2010/01/06 17:57:42 | 000,000,000 | ---D | M] (NY Yankees) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{0502c898-4754-11dc-8314-0800200c9a66}
[2010/09/24 07:49:17 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/12/21 22:07:42 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/05/17 14:22:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/06 17:57:42 | 000,000,000 | ---D | M] (Unofficial Google Translate Firefox extension) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{3eaacb33-878f-44fa-b4cd-6e67cbaf828b}
[2010/01/06 17:57:42 | 000,000,000 | ---D | M] (Tar Heels) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{43eb9f3e-3d32-11dc-8314-0800200c9a66}
[2010/09/17 22:00:34 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2010/01/06 17:57:43 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/01/06 17:57:43 | 000,000,000 | ---D | M] (Blue Ice 2 lite) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{c5b48c50-0394-11dd-95ff-0800200c9a66}
[2010/10/08 13:22:14 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/04/01 07:56:46 | 000,000,000 | ---D | M] (MileWideBack) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{dc0fa13c-3dae-73eb-e852-912722c852f9}
[2010/06/17 15:42:48 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/08/12 12:52:20 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/11/25 12:31:05 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/06/11 22:25:16 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2010/11/25 12:31:07 | 000,000,000 | ---D | M] ("Personas Interactive") -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\btpersonas@brandthunder.com
[2010/06/11 22:25:16 | 000,000,000 | ---D | M] (Fast Youtube Downloader) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\fastYoutubeDownloader@yevgenyandrov.net
[2010/05/05 11:32:55 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\LogMeInClient@logmein.com
[2010/09/13 15:16:45 | 000,000,000 | ---D | M] (Personas) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\personas@christopher.beard
[2010/11/10 21:26:35 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\smarterwiki@wikiatic.com
[2010/08/25 11:01:48 | 000,002,273 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\searchplugins\ask.xml
[2010/10/21 07:25:58 | 000,000,908 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\searchplugins\bing.xml
[2010/12/23 12:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/15 13:03:41 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/08/13 18:39:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 20:10:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/22 23:40:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/23 12:36:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/03/05 21:43:41 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/01/06 17:57:40 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\MATT SMALL\APPDATA\ROAMING\MOVE NETWORKS
[2011/01/01 11:13:34 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\MATT SMALL\PROGRAM FILES\DNA
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/06/28 23:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/12/30 19:15:17 | 000,001,919 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing-zugo.xml
 
Hosts file not found
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\matt small\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MLB.TV NexDef Plug-in.lnk = C:\Users\matt small\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: webattend.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: webtrain.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {21C6245C-9408-11D7-BF3B-00E09876DF26} http://www.webattend.com/components/wt0523.cab (WebTrain.ctlWebTrain)
O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} http://www.seetoo.com/downloadAddon...stintv&c=cce877c8fbf127563&browserVersion=8.0 (SeeTooControl Class)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab (Reg Error: Key error.)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Justin.tv Publisher http://www.justin.tv/plugins/justintv_publisher.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop BackupWallPaper: C:\Users\matt small\AppData\Local\Microsoft\Wallpaper1.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a89fb1b1-fb10-11de-a113-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a89fb1b1-fb10-11de-a113-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)


========== Files/Folders - Created Within 30 Days ==========

[2011/01/01 11:12:29 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
[2010/12/30 21:14:30 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/12/29 17:19:52 | 000,000,000 | ---D | C] -- C:\Users\matt small\Documents\Nero Collections
[2010/12/26 18:30:54 | 000,000,000 | ---D | C] -- C:\Users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2010/12/26 18:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010/12/26 14:25:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/12/25 20:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2010/12/25 20:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/25 20:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/25 20:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/25 20:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2010/12/25 20:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/23 17:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2010/12/23 17:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/12/18 12:56:21 | 000,000,000 | ---D | C] -- C:\Users\matt small\AppData\Roaming\vlc
[2010/12/18 11:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2010/12/16 09:47:52 | 001,345,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\matt small\Desktop\TDSSKiller.exe

========== Files - Modified Within 30 Days ==========

[2011/01/01 11:13:06 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/01 11:13:06 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/01 11:12:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
[2011/01/01 11:10:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/01 11:02:52 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/01 11:02:41 | 000,000,320 | -HS- | M] () -- C:\Windows\tasks\Fvfouxnb.job
[2011/01/01 11:02:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/01 11:02:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/01/01 11:02:11 | 2414,481,408 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/01 01:38:51 | 647,450,965 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/31 18:04:32 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/12/31 10:17:12 | 000,000,044 | ---- | M] () -- C:\Windows\fWUvRxp2cg
[2010/12/31 10:17:12 | 000,000,040 | ---- | M] () -- C:\Windows\HvNAoYB
[2010/12/31 10:17:12 | 000,000,039 | ---- | M] () -- C:\Windows\1OLMhRDn3y
[2010/12/31 10:17:12 | 000,000,038 | ---- | M] () -- C:\Windows\PgNmh
[2010/12/31 10:17:12 | 000,000,038 | ---- | M] () -- C:\Windows\bOljP6a
[2010/12/31 10:17:12 | 000,000,037 | ---- | M] () -- C:\Windows\MkxTP
[2010/12/31 10:17:12 | 000,000,034 | ---- | M] () -- C:\Windows\YLjdu
[2010/12/31 10:17:11 | 000,000,047 | ---- | M] () -- C:\Windows\barSpv
[2010/12/31 10:17:11 | 000,000,046 | ---- | M] () -- C:\Windows\vQYeKvcTJ
[2010/12/31 00:30:46 | 000,013,834 | ---- | M] () -- C:\Users\matt small\Documents\cc_20101231_003040.reg
[2010/12/30 21:21:29 | 000,000,112 | ---- | M] () -- C:\ProgramData\EdC4677J4.dat
[2010/12/29 17:20:11 | 000,000,029 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\default.rss
[2010/12/29 17:19:52 | 000,000,000 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\downloads.m3u
[2010/12/26 14:29:40 | 000,067,148 | ---- | M] () -- C:\Users\matt small\Documents\cc_20101226_142836.reg
[2010/12/26 14:25:09 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/25 21:07:07 | 000,673,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/25 21:07:07 | 000,124,802 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/25 20:20:31 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/23 14:05:31 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/21 17:04:14 | 000,024,981 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (DOS).ADR
[2010/12/21 11:02:00 | 005,474,848 | ---- | M] () -- C:\Users\matt small\Documents\GraduationInvitation.png
[2010/12/20 19:14:36 | 000,001,937 | ---- | M] () -- C:\Users\matt small\Desktop\On-Screen Keyboard.lnk
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/20 15:36:57 | 014,029,420 | ---- | M] () -- C:\Users\matt small\Documents\GraduationInvitation.psd
[2010/12/18 11:00:06 | 019,985,265 | ---- | M] () -- C:\Users\matt small\Documents\vlc-1.1.5-win32.exe
[2010/12/16 09:47:52 | 001,345,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\matt small\Desktop\TDSSKiller.exe
[2010/12/16 03:32:41 | 002,712,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2010/12/08 13:11:44 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll

========== Files Created - No Company Name ==========

[2010/12/31 00:30:44 | 000,013,834 | ---- | C] () -- C:\Users\matt small\Documents\cc_20101231_003040.reg
[2010/12/30 21:21:29 | 000,000,112 | ---- | C] () -- C:\ProgramData\EdC4677J4.dat
[2010/12/29 17:19:52 | 000,000,000 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\downloads.m3u
[2010/12/26 18:29:56 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010/12/26 14:28:44 | 000,067,148 | ---- | C] () -- C:\Users\matt small\Documents\cc_20101226_142836.reg
[2010/12/26 14:25:09 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/25 20:20:31 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/21 17:04:13 | 000,024,981 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (DOS).ADR
[2010/12/21 11:01:55 | 005,474,848 | ---- | C] () -- C:\Users\matt small\Documents\GraduationInvitation.png
[2010/12/20 15:36:54 | 014,029,420 | ---- | C] () -- C:\Users\matt small\Documents\GraduationInvitation.psd
[2010/12/18 10:59:32 | 019,985,265 | ---- | C] () -- C:\Users\matt small\Documents\vlc-1.1.5-win32.exe
[2010/11/24 23:56:31 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/11/10 02:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/11/10 02:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/11/10 02:31:42 | 000,026,286 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/06/18 12:15:59 | 000,237,568 | R--- | C] () -- C:\Windows\System32\qtmlClient.dll
[2010/06/18 12:15:59 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2010/05/17 15:25:17 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/05/13 23:03:29 | 000,122,880 | ---- | C] () -- C:\Windows\System32\trc.dll
[2010/05/13 23:03:06 | 000,010,600 | R--- | C] () -- C:\Windows\System32\IcdSptSvps.dll
[2010/05/13 23:03:05 | 000,124,264 | R--- | C] () -- C:\Windows\System32\mp3dec.dll
[2010/05/13 23:03:05 | 000,081,920 | R--- | C] () -- C:\Windows\System32\dsp_trc.dll
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2010/01/18 11:17:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/17 13:08:24 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/01/12 14:50:26 | 000,002,380 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/01/06 18:39:00 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/05 15:20:52 | 000,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/01/04 18:59:20 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/01/03 13:19:32 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/03 13:18:59 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/24 10:32:25 | 000,010,056 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (DOS).CAL
[2009/09/23 17:17:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/18 22:55:36 | 000,000,029 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\default.rss
[2009/08/11 16:46:33 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/20 13:00:21 | 000,000,004 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\7FE408
[2009/05/20 13:00:20 | 000,870,128 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\mcs.rma
[2008/12/04 17:18:28 | 000,036,581 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (Windows).ADR
[2008/10/12 15:25:29 | 000,684,032 | ---- | C] () -- C:\Windows\System32\ltmm_n.dll
[2008/08/27 10:06:25 | 000,009,884 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (Windows).CAL
[2008/08/12 14:38:43 | 000,009,913 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\PStrip.bk!
[2008/08/12 14:37:28 | 000,009,817 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\PStrip.bak
[2008/08/09 14:15:29 | 000,009,595 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\PStrip.ini
[2008/06/10 19:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/02/08 16:13:44 | 000,319,488 | ---- | C] () -- C:\Windows\System32\LS3Renderer.dll
[2007/09/29 23:26:33 | 000,000,000 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\wklnhst.dat
[2007/09/27 04:37:35 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2007/09/27 04:37:34 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2007/09/27 04:37:34 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/07/21 18:50:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll

========== LOP Check ==========

[2010/09/28 11:39:38 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\4Media Software Studio
[2010/01/06 17:56:46 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\acccore
[2010/01/06 17:56:52 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Any Video Converter
[2010/12/30 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Audacity
[2010/01/06 17:56:52 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\AVSMedia
[2011/01/01 11:23:52 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\BitTorrent
[2010/01/06 17:56:53 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Bytescout SWF To Video Scout
[2009/09/16 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\DAEMON Tools Lite
[2010/12/30 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\DNA
[2010/01/06 17:56:54 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\FileZilla
[2010/11/11 21:20:28 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\FixCleaner
[2010/01/06 17:56:54 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\GetRightToGo
[2010/01/06 17:56:58 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Leadertech
[2010/12/30 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\LimeWire
[2010/02/25 14:54:10 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\ManyCam
[2010/07/09 21:49:13 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\mkvtoolnix
[2010/01/06 17:57:46 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\MusicNet
[2008/05/23 11:39:37 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\NetMedia Providers
[2010/01/06 17:57:46 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\New Tier
[2010/06/18 12:16:41 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\proDAD
[2008/05/23 11:39:37 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Publish Providers
[2010/09/14 10:31:50 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\River Past G5
[2008/03/14 22:56:07 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Template
[2010/09/18 13:37:45 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Thunderbird
[2010/01/06 17:58:02 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Trillian
[2010/01/22 10:23:43 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Uniblue
[2008/06/15 20:00:30 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Video DVD Maker FREE
[2010/12/31 18:04:32 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/01/01 11:02:41 | 000,000,320 | -HS- | M] () -- C:\Windows\Tasks\Fvfouxnb.job
[2010/12/31 05:04:54 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2009/12/02 16:12:14 | 000,044,032 | ---- | M] (Panasonic Corporation) MD5=C69C760478573085FA11243AE15E8A28 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.0\Core\EventLog\EventLog.dll

< MD5 for: IASTOR.SYS >
[2007/04/26 05:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Drivers\storage\R154092\iastor.sys
[2007/04/26 05:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_854e9851bc5e0ffb\iaStor.sys
[2007/04/26 05:41:38 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_3926b8183d8240e3\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\System32\config\*.sav >

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\matt small\Documents\OT.dmsd:Roxio EMC Stream
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\loiscard.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\housing.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\Copy of loiscard.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasv.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasv.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasthankyou.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasjricks.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasjricks.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasfront08.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasfront08.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmascousinapril.png:Updt_SummaryInformation
@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
 
OTL Extras logfile created on: 1/1/2011 11:16:44 AM - Run 1
OTL by OldTimer - Version 3.2.20.0 Folder = C:\Users\matt small\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.04 Gb Total Space | 102.85 Gb Free Space | 37.67% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.71 Gb Free Space | 57.10% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 314.96 Gb Free Space | 33.81% Space Free | Partition Type: NTFS

Computer Name: MATT | User Name: matt small | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}" = Guitar Hero III
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0FEA9A38-B993-0969-3A78-4D5CDDACEFEE}" = ATI Catalyst Install Manager
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{262BF2CD-601D-4F43-919C-4B00B1D1F338}" = Boris Graffiti
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}" = HP Officejet 6500 E709 Series
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{31ECA0DA-4EE0-8C1E-484A-C304BAA9179A}" = Catalyst Control Center Graphics Previews Common
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3878A9A3-2448-7607-01EA-0DB9E31B7242}" = Catalyst Control Center Graphics Previews Vista
"{3888fa7d-8ea9-461f-bb13-7e2e530a082c}" = Nero 9
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FEC3A5B-60FF-4626-B425-08E09B121A15}" = LogMeIn
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A5E0EE-432A-40D3-BB56-858B998EA8BB}" = AnywhereTS
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71D5559C-85E5-5206-3B1C-A8A9DDDE4AC9}" = AMD Drag and Drop Transcoding
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{72C5B9DA-F3B1-45E2-96EF-AA6C3F42D1BB}" = Video Explosion 1.5
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{75670A63-A18E-5066-0A78-93F6865BA3AA}" = ccc-core-static
"{75B61CF0-B8A8-46E2-8709-C4A79898AC1D}" = Data Lifeguard Diagnostic for Windows
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7C9E6E52-EB11-44DB-A761-82D5D873A8D9}" = Symantec AntiVirus
"{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}" = LogMeIn
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{845FDC75-F31E-A75A-4300-593CAB195847}" = ccc-utility
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1AB809-F821-4F41-8431-44A11ED1EDBA}" = TVT7Diag
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{91410E47-BB57-FF5D-8C8D-A45D22742A71}" = ATI AVIVO Codecs
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93A038DC-5F4C-4463-9847-E184E74951B6}" = Digital Cable Advisor
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{94FB5B63-A65F-7E5D-560D-A79FB29EA52F}" = Catalyst Control Center InstallProxy
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007C-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Facebook 32-bit
"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9699C9AA-8990-904D-FD1B-D931E437434D}" = CCC Help English
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{AF833083-331F-4EC2-8FAA-FE0B8BF12C0E}" = WebTrain Communicator
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B99459D2-B91A-417E-9DFA-F53D569F4445}_is1" = H.264 Encoder 1.5
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEEC0AD1-588C-4DD1-AD56-839120A39B06}" = MCEBuddy
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1860E6E-520E-4380-8433-E58E8F88B473}" = Pinnacle Studio 12 Ultimate Plugins
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6A1E429-CCE1-4140-A615-710B806D12BA}" = Motorola Driver Installation 3.2.0
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DCF60B7D-5830-4AF6-998F-1CD79E1A4BF6}" = Microsoft LifeCam
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0F07676-2C60-4465-A727-20DE3BFCABAC}" = Tony Hawks Pro Skater 4
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
"4Media Video Converter Ultimate" = 4Media Video Converter Ultimate
"745D2949D37D22B578F30B5527277D1FB8BB0709" = Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417)
"7-Zip" = 7-Zip 4.57
"9B930C353B70A8D589052B35FD6D22DF019FA7A4" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419)
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"AIM_6" = AIM 6
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"Audio Converter Pro" = River Past Audio Converter Pro
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CCleaner" = CCleaner
"Cinergy Script Editor" = Cinergy Script Editor
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2007-07-22
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"EasyBCD" = EasyBCD 1.7.2
"EFLVFLVCN_is1" = EasyFLV FLV Converter Ver 7 build 0.0.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free Window Registry Repair" = Free Window Registry Repair
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Video Uploader" = Google Video Uploader
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LimeWire" = LimeWire 5.6.2
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKVtoolnix" = MKVtoolnix 4.2.0
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"Mpeg2Decoder_is1" = Mpeg2Decoder 1.3
"Nero8Lite_is1" = Nero 8 Lite 8.2.8.0
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Orb" = Winamp Remote
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"RealPlayer 12.0" = RealPlayer
"Right PDF Printer Server Edition_is1" = Right PDF Printer 3.6 Server Edition
"Shop for HP Supplies" = Shop for HP Supplies
"SopCast" = SopCast 2.0.4
"Spyware Doctor" = Spyware Doctor 7.0
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Trillian" = Trillian
"TVWiz" = Intel(R) TV Wizard
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Movie Maker 6.0" = Windows Movie Maker 6.0
"WinLiveSuite" = Windows Live Essentials
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"XobniMain" = Xobni
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"MIAMIFLA" = University of Miami Desktop Communicator
"Move Media Player" = Move Media Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/1/2011 2:50:08 AM | Computer Name = Matt | Source = MCEBuddy | ID = 0
Description = Error scanning commercials using ComSkip. Activity failed at 8% Time
taken: 00:10:32.4678364

Error - 1/1/2011 3:03:08 AM | Computer Name = Matt | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Risk: Trojan.ADH in File: C:\ProgramData\43XOi2ix.exe_
by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description:

Error - 1/1/2011 3:03:08 AM | Computer Name = Matt | Source = Symantec AntiVirus | ID = 16711685
Description = Risk Found!Risk: Trojan.ADH in File: C:\ProgramData\43XOi2ix.exe_
by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description:

Error - 1/1/2011 3:03:18 AM | Computer Name = Matt | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Risk: Trojan.ADH in File: C:\ProgramData\43XOi2ix.exe_
by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description:

Error - 1/1/2011 11:34:15 AM | Computer Name = Matt | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 1/1/2011 12:06:58 PM | Computer Name = Matt | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 1/1/2011 1:09:18 PM | Computer Name = Matt | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 1/1/2011 2:09:47 PM | Computer Name = Matt | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 1/1/2011 3:00:33 PM | Computer Name = Matt | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 1/1/2011 4:05:48 PM | Computer Name = Matt | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ Media Center Events ]
Error - 12/20/2010 8:34:55 PM | Computer Name = Matt | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc004050b) ATI AVStream Analog Tuner

Error - 12/20/2010 8:35:04 PM | Computer Name = Matt | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc004050b) ATI AVStream Analog Tuner

Error - 12/20/2010 8:35:12 PM | Computer Name = Matt | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc004050b) ATI AVStream Analog Tuner

Error - 12/22/2010 3:21:31 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:21:31 AM - Failed to retrieve SportsV2 (Error: The operation has
timed out)

Error - 12/22/2010 3:21:56 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:21:56 AM - Failed to retrieve NetTV (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)

Error - 12/22/2010 3:22:30 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:22:13 AM - Failed to retrieve MCEClientUX (Error: The underlying
connection was closed: An unexpected error occurred on a receive.)

Error - 12/22/2010 3:23:01 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:22:45 AM - Failed to retrieve Broadband (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)

Error - 12/22/2010 3:24:58 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:24:41 AM - Failed to retrieve EpgListings (Error: The operation
has timed out)

Error - 12/22/2010 3:26:10 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:25:55 AM - Failed to retrieve EpgListings (Error: The underlying
connection was closed: An unexpected error occurred on a receive.)

Error - 12/22/2010 3:27:01 AM | Computer Name = Matt | Source = MCUpdate | ID = 0
Description = 2:26:23 AM - Failed to retrieve EpgListings (Error: The underlying
connection was closed: An unexpected error occurred on a receive.)

[ OSession Events ]
Error - 1/23/2010 6:18:23 PM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 66110
seconds with 1560 seconds of active time. This session ended with a crash.

Error - 1/25/2010 5:24:30 PM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 72582
seconds with 2160 seconds of active time. This session ended with a crash.

Error - 1/26/2010 8:44:31 AM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 55173
seconds with 3600 seconds of active time. This session ended with a crash.

Error - 1/27/2010 5:00:23 AM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 72927
seconds with 1860 seconds of active time. This session ended with a crash.

Error - 1/27/2010 7:22:18 PM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 51689
seconds with 1680 seconds of active time. This session ended with a crash.

Error - 1/29/2010 10:21:06 AM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 52035
seconds with 480 seconds of active time. This session ended with a crash.

Error - 4/4/2010 1:22:25 AM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 52792
seconds with 180 seconds of active time. This session ended with a crash.

Error - 4/15/2010 4:39:39 PM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 401 seconds with 120 seconds of active time. This session ended with a crash.

Error - 5/3/2010 11:18:50 AM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 160866
seconds with 840 seconds of active time. This session ended with a crash.

Error - 5/14/2010 5:28:01 PM | Computer Name = Matt | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/1/2011 11:27:15 AM | Computer Name = Matt | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 1/1/2011 11:27:41 AM | Computer Name = Matt | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL sptd

Error - 1/1/2011 11:27:45 AM | Computer Name = Matt | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/1/2011 11:27:45 AM | Computer Name = Matt | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/1/2011 12:01:36 PM | Computer Name = Matt | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 1/1/2011 12:02:40 PM | Computer Name = Matt | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2

Error - 1/1/2011 12:02:44 PM | Computer Name = Matt | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/1/2011 12:02:45 PM | Computer Name = Matt | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 1/1/2011 12:04:11 PM | Computer Name = Matt | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL sptd

Error - 1/1/2011 12:05:19 PM | Computer Name = Matt | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.


< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
    :Commands
    [purity]
    [emptyflash]
    [emptytemp]
    [resethosts]
    [Reboot]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post log from this run.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

====

Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
  • You will need to use Internet Explorer to complete this scan.
  • You will need to temporarily Disable your current Anti-virus program.
  • Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
  • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

NOTE: If you are unable to complete the ESET scan, please try another from the list below:


====

How are things now?
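The fix script in the post above targets a per-user "ProxyServer" value pointing at 127.0.0.1:6522. As an added example (not part of the original post, and not OTL's own code), this Python check parses ProxyServer strings in both WinINET forms and flags loopback entries found in OTL-style `IE -` log lines. The function names are this example's own, and every sample line except the ProxyServer entry quoted from the post is constructed.

```python
import ipaddress
import re

# Matches OTL log lines such as:
#   IE - HKCU\...\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
SETTING_RE = re.compile(
    r'^\s*IE - (?P<key>[^:]+): "(?P<name>Proxy\w+)" = (?P<value>.*)$'
)


def split_host_port(hostport):
    """Return (host, port) from 'host:port', 'host' or '[ipv6]:port'."""
    if hostport.startswith('['):
        host, _, rest = hostport[1:].partition(']')
        port = rest.lstrip(':')
    else:
        host, _, port = hostport.rpartition(':')
        if not host:  # no colon at all: the whole string is the host
            host, port = hostport, ''
    return host, int(port) if port.isdigit() else None


def parse_proxy_server(value):
    """Split a ProxyServer string into (scheme, host, port) tuples.

    Handles 'host:port' (one proxy for every protocol) and the
    per-protocol form 'http=host:port;https=host:port'.
    """
    entries = []
    for part in re.split(r'[;\s]+', value.strip()):
        if not part:
            continue
        scheme, sep, hostport = part.partition('=')
        if not sep:
            scheme, hostport = 'all', part
        hostport = re.sub(r'^\w+://', '', hostport)  # drop an optional URL prefix
        host, port = split_host_port(hostport)
        entries.append((scheme.lower(), host, port))
    return entries


def is_loopback(host):
    """True for 'localhost' and for any IPv4/IPv6 loopback literal."""
    if host.lower() == 'localhost':
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # an ordinary hostname, not an IP literal


def find_loopback_proxies(log_lines):
    """Collect proxy settings per registry key and report loopback targets."""
    settings = {}
    for line in log_lines:
        m = SETTING_RE.match(line)
        if m:
            key = m.group('key').strip()
            settings.setdefault(key, {})[m.group('name')] = m.group('value').strip()

    findings = []
    for key, values in settings.items():
        enable = values.get('ProxyEnable')
        enabled = None if enable is None else enable == '1'
        for scheme, host, port in parse_proxy_server(values.get('ProxyServer', '')):
            if is_loopback(host):
                findings.append({'key': key, 'scheme': scheme, 'host': host,
                                 'port': port, 'enabled': enabled})
    return findings


# Sample input: the ProxyServer line is the one quoted in the post; the
# ProxyEnable line and the HKU\.DEFAULT lines are constructed for illustration.
SAMPLE_LOG = [
    r'IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1',
    r'IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522',
    r'IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0',
    r'IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.example.net:8080',
]

if __name__ == '__main__':
    for f in find_loopback_proxies(SAMPLE_LOG):
        print('{key}: {scheme} proxy -> {host}:{port} (enabled={enabled})'.format(**f))
```

A loopback proxy is only a lead: local filtering tools also register one, so confirm which process is listening on the reported port before treating the entry as malicious.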
 
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: matt small
->Flash cache emptied: 5664 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: matt small
->Temp folder emptied: 4957547 bytes
->Temporary Internet Files folder emptied: 8296510 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 95733490 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36589 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 18899179594 bytes

Total Files Cleaned = 18,128.00 mb

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.20.0 log created on 01012011_193620

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
OTL logfile created on: 1/1/2011 8:10:35 PM - Run 2
OTL by OldTimer - Version 3.2.20.0 Folder = C:\Users\matt small\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.04 Gb Total Space | 102.88 Gb Free Space | 37.68% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.71 Gb Free Space | 57.10% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 330.72 Gb Free Space | 35.50% Space Free | Partition Type: NTFS

Computer Name: MATT | User Name: matt small | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/01 11:12:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/12/20 18:08:56 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/12/10 12:23:11 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 12:23:10 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/25 00:13:13 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/10/15 07:05:05 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/09/01 01:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/06 20:51:10 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/07/06 20:50:42 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/07/01 15:49:15 | 002,397,424 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/06/13 19:59:20 | 000,800,032 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010/06/13 19:59:20 | 000,628,000 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2010/03/01 19:37:28 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/01/24 10:03:50 | 000,020,480 | ---- | M] () -- C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/11/07 07:54:54 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\matt small\Program Files\DNA\btdna.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/12 11:33:26 | 000,046,824 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2008/12/11 18:07:40 | 006,703,648 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2008/09/29 04:09:20 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/09/25 16:49:22 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
PRC - [2008/06/12 02:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/01/29 21:19:34 | 000,041,472 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbMediaService.exe
PRC - [2007/10/29 12:21:20 | 000,118,784 | ---- | M] () -- C:\Program Files\AnywhereTS\srv\tftpd32.exe
PRC - [2007/10/29 12:21:20 | 000,036,864 | ---- | M] (Nick Rozanski (Nick@Rozanski.com)) -- C:\Program Files\AnywhereTS\srv\srvstart.exe
PRC - [2007/09/27 04:36:58 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/09/26 20:05:56 | 000,734,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2007/09/12 17:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/08/03 15:09:34 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/28 05:34:38 | 000,134,808 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/11/28 05:34:28 | 000,075,416 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\SavUI.exe
PRC - [2006/11/28 05:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/11/28 05:34:02 | 000,024,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DoScan.exe
PRC - [2006/11/28 05:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/11/27 08:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe


========== Modules (SafeList) ==========

MOD - [2011/01/01 11:12:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/07/13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 20:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 20:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 20:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/06 20:50:42 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/06/13 19:59:20 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdcoreservice)
SRV - [2010/03/11 18:02:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/03/01 19:37:28 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/01/24 10:03:50 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe -- (MCEBuddy)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/10/12 11:33:26 | 000,046,824 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2009/07/27 21:32:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008/09/29 04:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/09/25 16:49:22 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2008/01/29 21:19:34 | 000,041,472 | ---- | M] (Orb Networks) [Auto | Running] -- C:\Program Files\Winamp Remote\bin\OrbMediaService.exe -- (OrbMediaService)
SRV - [2007/10/29 12:21:20 | 000,036,864 | ---- | M] (Nick Rozanski (Nick@Rozanski.com)) [Auto | Running] -- C:\Program Files\AnywhereTS\srv\srvstart.exe -- (TS_TFTP)
SRV - [2007/09/27 04:55:38 | 001,862,144 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007/09/27 04:36:58 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2007/09/12 17:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 17:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/28 05:34:26 | 000,122,008 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/11/28 05:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/11/28 05:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/12/17 04:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101231.002\navex15.sys -- (NAVEX15)
DRV - [2010/12/17 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101231.002\naveng.sys -- (NAVENG)
DRV - [2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/11/25 00:11:25 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/10 02:49:50 | 004,323,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUVC.sys -- (LVUVC) Logitech HD Pro Webcam C910(UVC)
DRV - [2010/11/10 02:48:12 | 000,283,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/11/10 02:46:28 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/07/06 21:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/07/06 21:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/07/06 20:15:24 | 000,210,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/06/19 17:04:56 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2010/06/19 17:04:56 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2010/06/19 17:04:56 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2010/06/19 17:04:56 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2010/06/19 17:04:56 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2010/05/28 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/28 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/06 04:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/01/29 01:03:58 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/11/04 09:11:04 | 001,084,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atinavrr.sys -- (ATIAVPCI)
DRV - [2009/09/23 18:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/09/16 15:55:25 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 18:51:27 | 000,046,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2009/07/13 18:51:27 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2009/07/13 18:51:25 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2009/07/13 18:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 17:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2009/07/13 17:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2009/07/13 17:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/05/28 14:46:18 | 000,391,296 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw18bda.sys -- (hcw18bda)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/01/05 19:11:04 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/12/11 17:23:08 | 002,250,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/10/18 06:13:45 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/02/29 09:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/02/28 14:31:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/01/14 05:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/04/09 08:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 08:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 08:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/03 18:26:32 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/12/03 18:26:32 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006/12/03 18:26:22 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/22 15:17:06 | 000,274,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2006/11/22 15:17:06 | 000,247,144 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2006/11/22 15:17:06 | 000,025,448 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/11/28 20:23:24 | 000,039,048 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IcdUsb2.sys -- (ICDUSB2) Sony IC Recorder (P)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070927

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://secure.logmein.com/login.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://facebook.com"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.586
FF - prefs.js..extensions.enabledItems: {dc0fa13c-3dae-73eb-e852-912722c852f9}:0.3
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: fastYoutubeDownloader@yevgenyandrov.net:1.2.2
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: btpersonas@brandthunder.com:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/01 19:08:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 21:43:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/25 20:10:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 20:10:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/25 20:10:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/12/25 20:10:57 | 000,000,000 | ---D | M]
 
[2010/09/18 13:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Extensions
[2010/09/18 13:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/03/06 00:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/01/01 01:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions
[2010/01/06 17:57:42 | 000,000,000 | ---D | M] (NY Yankees) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{0502c898-4754-11dc-8314-0800200c9a66}
[2010/09/24 07:49:17 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/12/21 22:07:42 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/05/17 14:22:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/06 17:57:42 | 000,000,000 | ---D | M] (Unofficial Google Translate Firefox extension) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{3eaacb33-878f-44fa-b4cd-6e67cbaf828b}
[2010/01/06 17:57:42 | 000,000,000 | ---D | M] (Tar Heels) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{43eb9f3e-3d32-11dc-8314-0800200c9a66}
[2010/09/17 22:00:34 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2010/01/06 17:57:43 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/01/06 17:57:43 | 000,000,000 | ---D | M] (Blue Ice 2 lite) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{c5b48c50-0394-11dd-95ff-0800200c9a66}
[2010/10/08 13:22:14 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/04/01 07:56:46 | 000,000,000 | ---D | M] (MileWideBack) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{dc0fa13c-3dae-73eb-e852-912722c852f9}
[2010/06/17 15:42:48 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/08/12 12:52:20 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/11/25 12:31:05 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/06/11 22:25:16 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2010/11/25 12:31:07 | 000,000,000 | ---D | M] ("Personas Interactive") -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\btpersonas@brandthunder.com
[2010/06/11 22:25:16 | 000,000,000 | ---D | M] (Fast Youtube Downloader) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\fastYoutubeDownloader@yevgenyandrov.net
[2010/05/05 11:32:55 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\LogMeInClient@logmein.com
[2010/09/13 15:16:45 | 000,000,000 | ---D | M] (Personas) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\personas@christopher.beard
[2010/11/10 21:26:35 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\extensions\smarterwiki@wikiatic.com
[2010/08/25 11:01:48 | 000,002,273 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\searchplugins\ask.xml
[2010/10/21 07:25:58 | 000,000,908 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\searchplugins\bing.xml
[2010/12/23 12:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/15 13:03:41 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/08/13 18:39:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 20:10:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/22 23:40:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/23 12:36:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/03/05 21:43:41 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/01/06 17:57:40 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\MATT SMALL\APPDATA\ROAMING\MOVE NETWORKS
[2011/01/01 19:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\MATT SMALL\PROGRAM FILES\DNA
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/06/28 23:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/12/30 19:15:17 | 000,001,919 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing-zugo.xml

O1 HOSTS File: ([2011/01/01 19:36:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\matt small\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MLB.TV NexDef Plug-in.lnk = C:\Users\matt small\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: webattend.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: webtrain.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {21C6245C-9408-11D7-BF3B-00E09876DF26} http://www.webattend.com/components/wt0523.cab (WebTrain.ctlWebTrain)
O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} http://www.seetoo.com/downloadAddon...stintv&c=cce877c8fbf127563&browserVersion=8.0 (SeeTooControl Class)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab (Reg Error: Key error.)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Justin.tv Publisher http://www.justin.tv/plugins/justintv_publisher.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop BackupWallPaper: C:\Users\matt small\AppData\Local\Microsoft\Wallpaper1.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a89fb1b1-fb10-11de-a113-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a89fb1b1-fb10-11de-a113-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/01 19:36:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/01 11:12:29 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
[2010/12/30 21:14:30 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/12/29 17:19:52 | 000,000,000 | ---D | C] -- C:\Users\matt small\Documents\Nero Collections
[2010/12/26 18:30:54 | 000,000,000 | ---D | C] -- C:\Users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2010/12/26 18:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010/12/26 14:25:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/12/25 20:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2010/12/25 20:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/25 20:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/25 20:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/25 20:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2010/12/25 20:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/23 17:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2010/12/23 17:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/12/18 12:56:21 | 000,000,000 | ---D | C] -- C:\Users\matt small\AppData\Roaming\vlc
[2010/12/18 11:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2010/12/16 09:47:52 | 001,345,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\matt small\Desktop\TDSSKiller.exe

========== Files - Modified Within 30 Days ==========

[2011/01/01 20:13:40 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/01 20:13:39 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/01 20:10:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/01 20:03:12 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/01 20:03:04 | 000,000,320 | -HS- | M] () -- C:\Windows\tasks\Fvfouxnb.job
[2011/01/01 20:02:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/01 20:02:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/01/01 20:02:38 | 2414,481,408 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/01 19:36:52 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/01/01 17:00:00 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/01/01 11:12:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\matt small\Desktop\OTL.exe
[2011/01/01 01:38:51 | 647,450,965 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/31 10:17:12 | 000,000,044 | ---- | M] () -- C:\Windows\fWUvRxp2cg
[2010/12/31 10:17:12 | 000,000,040 | ---- | M] () -- C:\Windows\HvNAoYB
[2010/12/31 10:17:12 | 000,000,039 | ---- | M] () -- C:\Windows\1OLMhRDn3y
[2010/12/31 10:17:12 | 000,000,038 | ---- | M] () -- C:\Windows\PgNmh
[2010/12/31 10:17:12 | 000,000,038 | ---- | M] () -- C:\Windows\bOljP6a
[2010/12/31 10:17:12 | 000,000,037 | ---- | M] () -- C:\Windows\MkxTP
[2010/12/31 10:17:12 | 000,000,034 | ---- | M] () -- C:\Windows\YLjdu
[2010/12/31 10:17:11 | 000,000,047 | ---- | M] () -- C:\Windows\barSpv
[2010/12/31 10:17:11 | 000,000,046 | ---- | M] () -- C:\Windows\vQYeKvcTJ
[2010/12/31 10:17:11 | 000,000,046 | ---- | M] () -- C:\Windows\jEOVv7j
[2010/12/31 10:17:11 | 000,000,044 | ---- | M] () -- C:\Windows\WxRDxhb
[2010/12/31 10:17:11 | 000,000,044 | ---- | M] () -- C:\Windows\E7XYuH
[2010/12/31 10:17:11 | 000,000,044 | ---- | M] () -- C:\Windows\8bACfHV2
[2010/12/31 10:17:11 | 000,000,044 | ---- | M] () -- C:\Windows\3TpxMDn
[2010/12/31 10:17:11 | 000,000,042 | ---- | M] () -- C:\Windows\KpQXh
[2010/12/31 10:17:11 | 000,000,042 | ---- | M] () -- C:\Windows\kawxBoK
[2010/12/31 10:17:11 | 000,000,042 | ---- | M] () -- C:\Windows\85laC
[2010/12/31 10:17:11 | 000,000,040 | ---- | M] () -- C:\Windows\vj6gvqs33S
[2010/12/31 10:17:11 | 000,000,040 | ---- | M] () -- C:\Windows\JJCQj1FmH
[2010/12/31 10:17:11 | 000,000,039 | ---- | M] () -- C:\Windows\nMVm8r6o
[2010/12/31 10:17:11 | 000,000,039 | ---- | M] () -- C:\Windows\5m41mFM
[2010/12/31 10:17:11 | 000,000,038 | ---- | M] () -- C:\Windows\UvlmrA2ola
[2010/12/31 10:17:11 | 000,000,037 | ---- | M] () -- C:\Windows\iRJNwHtECY
[2010/12/31 10:17:11 | 000,000,036 | ---- | M] () -- C:\Windows\pYNAj4
[2010/12/31 10:17:11 | 000,000,033 | ---- | M] () -- C:\Windows\OT3bqteG4t
[2010/12/31 10:17:11 | 000,000,032 | ---- | M] () -- C:\Windows\Yg3iiJAi
[2010/12/31 10:17:11 | 000,000,032 | ---- | M] () -- C:\Windows\r13H1
[2010/12/31 10:17:11 | 000,000,032 | ---- | M] () -- C:\Windows\NGXAcns
[2010/12/31 10:17:11 | 000,000,031 | ---- | M] () -- C:\Windows\wilGbJ
[2010/12/31 10:17:11 | 000,000,029 | ---- | M] () -- C:\Windows\NBxYe
[2010/12/31 10:17:11 | 000,000,029 | ---- | M] () -- C:\Windows\NBxM25pb6
[2010/12/31 10:17:11 | 000,000,029 | ---- | M] () -- C:\Windows\CxkxwNkl
[2010/12/31 10:17:11 | 000,000,029 | ---- | M] () -- C:\Windows\83s1Ja
[2010/12/31 10:17:11 | 000,000,028 | ---- | M] () -- C:\Windows\YVcEmCWHJ
[2010/12/31 10:17:11 | 000,000,028 | ---- | M] () -- C:\Windows\EnRvpsGXl
[2010/12/31 10:17:11 | 000,000,027 | ---- | M] () -- C:\Windows\kYFJJM
[2010/12/31 10:17:11 | 000,000,026 | ---- | M] () -- C:\Windows\JDQqAopPbx
[2010/12/31 10:17:10 | 000,000,049 | ---- | M] () -- C:\Windows\6BuURPM3
[2010/12/31 10:17:10 | 000,000,047 | ---- | M] () -- C:\Windows\sVYIGbx
[2010/12/31 10:17:10 | 000,000,046 | ---- | M] () -- C:\Windows\IKDFk1Bqm5
[2010/12/31 10:17:10 | 000,000,042 | ---- | M] () -- C:\Windows\4fBLU
[2010/12/31 10:17:10 | 000,000,041 | ---- | M] () -- C:\Windows\I7P6J
[2010/12/31 10:17:10 | 000,000,039 | ---- | M] () -- C:\Windows\6jIuPMc52
[2010/12/31 10:17:10 | 000,000,039 | ---- | M] () -- C:\Windows\1glFrPN
[2010/12/31 10:17:10 | 000,000,038 | ---- | M] () -- C:\Windows\YsCtBEDlRQ
[2010/12/31 10:17:10 | 000,000,038 | ---- | M] () -- C:\Windows\KigOuxgJH6
[2010/12/31 10:17:10 | 000,000,035 | ---- | M] () -- C:\Windows\RYQlGJY
[2010/12/31 10:17:10 | 000,000,035 | ---- | M] () -- C:\Windows\K2mx685E
[2010/12/31 10:17:10 | 000,000,034 | ---- | M] () -- C:\Windows\yJOAWI
[2010/12/31 10:17:10 | 000,000,033 | ---- | M] () -- C:\Windows\p3nTg
[2010/12/31 10:17:10 | 000,000,032 | ---- | M] () -- C:\Windows\afd8Sb
[2010/12/31 10:17:10 | 000,000,031 | ---- | M] () -- C:\Windows\OXHEq
[2010/12/31 10:17:10 | 000,000,031 | ---- | M] () -- C:\Windows\c4ex56ADv
[2010/12/31 10:17:10 | 000,000,028 | ---- | M] () -- C:\Windows\O1lfT
[2010/12/31 10:17:10 | 000,000,028 | ---- | M] () -- C:\Windows\CM7esEYs
[2010/12/31 10:17:10 | 000,000,027 | ---- | M] () -- C:\Windows\NycIN
[2010/12/31 10:17:10 | 000,000,026 | ---- | M] () -- C:\Windows\V7NlaT6Ru
[2010/12/31 10:17:10 | 000,000,024 | ---- | M] () -- C:\Windows\AgdRtKVja
[2010/12/31 10:17:09 | 000,000,048 | ---- | M] () -- C:\Windows\isAoO2VgbB
[2010/12/31 10:17:09 | 000,000,047 | ---- | M] () -- C:\Windows\edsJS7
[2010/12/31 10:17:09 | 000,000,046 | ---- | M] () -- C:\Windows\kK6DbQNE
[2010/12/31 10:17:09 | 000,000,040 | ---- | M] () -- C:\Windows\OLHGO
[2010/12/31 10:17:09 | 000,000,038 | ---- | M] () -- C:\Windows\l8CjEByRl
[2010/12/31 10:17:09 | 000,000,037 | ---- | M] () -- C:\Windows\Hhrq2xl
[2010/12/31 10:17:09 | 000,000,032 | ---- | M] () -- C:\Windows\mrTx7n
[2010/12/31 10:17:09 | 000,000,030 | ---- | M] () -- C:\Windows\gfQXFJs2T4
[2010/12/31 10:17:09 | 000,000,029 | ---- | M] () -- C:\Windows\2qSFUGj
[2010/12/31 10:17:09 | 000,000,028 | ---- | M] () -- C:\Windows\75rjFy
[2010/12/31 10:17:09 | 000,000,026 | ---- | M] () -- C:\Windows\emr7v
[2010/12/31 10:17:08 | 000,000,037 | ---- | M] () -- C:\Windows\Fg8CxnqsW
[2010/12/31 10:17:08 | 000,000,036 | ---- | M] () -- C:\Windows\8EyyTVJ
[2010/12/31 10:17:08 | 000,000,035 | ---- | M] () -- C:\Windows\3JNHKvN
[2010/12/31 10:17:08 | 000,000,034 | ---- | M] () -- C:\Windows\gtf7k77cD
[2010/12/31 10:17:08 | 000,000,032 | ---- | M] () -- C:\Windows\olkmGq3T
[2010/12/31 10:17:08 | 000,000,030 | ---- | M] () -- C:\Windows\qsijfwGf1
[2010/12/31 10:17:08 | 000,000,026 | ---- | M] () -- C:\Windows\ImsaYbSth2
[2010/12/31 10:17:07 | 000,000,038 | ---- | M] () -- C:\Windows\FDYCYdA
[2010/12/31 10:17:07 | 000,000,038 | ---- | M] () -- C:\Windows\6Myk2cOdi
[2010/12/31 10:17:07 | 000,000,036 | ---- | M] () -- C:\Windows\TFJXH
[2010/12/31 10:17:07 | 000,000,035 | ---- | M] () -- C:\Windows\Kg4AHHaJT
[2010/12/31 10:17:07 | 000,000,034 | ---- | M] () -- C:\Windows\UhdTFg
[2010/12/31 10:17:07 | 000,000,032 | ---- | M] () -- C:\Windows\WVTQYW
[2010/12/31 10:17:07 | 000,000,032 | ---- | M] () -- C:\Windows\oG6bwr8
[2010/12/31 10:17:07 | 000,000,032 | ---- | M] () -- C:\Windows\bHdc7B
[2010/12/31 10:17:07 | 000,000,031 | ---- | M] () -- C:\Windows\jDq13M24
[2010/12/31 10:17:07 | 000,000,028 | ---- | M] () -- C:\Windows\eTUPgK1E
[2010/12/31 10:17:07 | 000,000,026 | ---- | M] () -- C:\Windows\5y6AbV
[2010/12/31 10:17:06 | 000,000,049 | ---- | M] () -- C:\Windows\yjW3C7
[2010/12/31 10:17:06 | 000,000,045 | ---- | M] () -- C:\Windows\VTYjhMX
[2010/12/31 10:17:06 | 000,000,043 | ---- | M] () -- C:\Windows\PUyVE
[2010/12/31 10:17:06 | 000,000,041 | ---- | M] () -- C:\Windows\eaHyr8
[2010/12/31 10:17:06 | 000,000,036 | ---- | M] () -- C:\Windows\SEGqplv
[2010/12/31 10:17:06 | 000,000,036 | ---- | M] () -- C:\Windows\AQaRnS
[2010/12/31 10:17:06 | 000,000,035 | ---- | M] () -- C:\Windows\ndqLdox
[2010/12/31 10:17:06 | 000,000,032 | ---- | M] () -- C:\Windows\kSSdatQgG
[2010/12/31 10:17:06 | 000,000,031 | ---- | M] () -- C:\Windows\SJSVKUKSkx
[2010/12/31 10:17:06 | 000,000,025 | ---- | M] () -- C:\Windows\T61NCh
[2010/12/31 00:30:46 | 000,013,834 | ---- | M] () -- C:\Users\matt small\Documents\cc_20101231_003040.reg
[2010/12/30 21:21:29 | 000,000,112 | ---- | M] () -- C:\ProgramData\EdC4677J4.dat
[2010/12/29 17:20:11 | 000,000,029 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\default.rss
[2010/12/29 17:19:52 | 000,000,000 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\downloads.m3u
[2010/12/26 14:29:40 | 000,067,148 | ---- | M] () -- C:\Users\matt small\Documents\cc_20101226_142836.reg
[2010/12/26 14:25:09 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/25 21:07:07 | 000,673,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/25 21:07:07 | 000,124,802 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/25 20:20:31 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/23 14:05:31 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/21 17:04:14 | 000,024,981 | ---- | M] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (DOS).ADR
[2010/12/21 11:02:00 | 005,474,848 | ---- | M] () -- C:\Users\matt small\Documents\GraduationInvitation.png
[2010/12/20 19:14:36 | 000,001,937 | ---- | M] () -- C:\Users\matt small\Desktop\On-Screen Keyboard.lnk
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/20 15:36:57 | 014,029,420 | ---- | M] () -- C:\Users\matt small\Documents\GraduationInvitation.psd
[2010/12/18 11:00:06 | 019,985,265 | ---- | M] () -- C:\Users\matt small\Documents\vlc-1.1.5-win32.exe
[2010/12/16 09:47:52 | 001,345,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\matt small\Desktop\TDSSKiller.exe
[2010/12/16 03:32:41 | 002,712,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2010/12/08 13:11:44 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll

========== Files Created - No Company Name ==========

[2010/12/31 10:17:12 | 000,000,044 | ---- | C] () -- C:\Windows\fWUvRxp2cg
[2010/12/31 10:17:12 | 000,000,040 | ---- | C] () -- C:\Windows\HvNAoYB
[2010/12/31 10:17:12 | 000,000,039 | ---- | C] () -- C:\Windows\1OLMhRDn3y
[2010/12/31 10:17:12 | 000,000,038 | ---- | C] () -- C:\Windows\bOljP6a
[2010/12/31 10:17:12 | 000,000,037 | ---- | C] () -- C:\Windows\MkxTP
[2010/12/31 10:17:12 | 000,000,034 | ---- | C] () -- C:\Windows\YLjdu
[2010/12/31 10:17:11 | 000,000,047 | ---- | C] () -- C:\Windows\barSpv
[2010/12/31 10:17:11 | 000,000,046 | ---- | C] () -- C:\Windows\vQYeKvcTJ
[2010/12/31 10:17:11 | 000,000,046 | ---- | C] () -- C:\Windows\jEOVv7j
[2010/12/31 10:17:11 | 000,000,044 | ---- | C] () -- C:\Windows\WxRDxhb
[2010/12/31 10:17:11 | 000,000,044 | ---- | C] () -- C:\Windows\E7XYuH
[2010/12/31 10:17:11 | 000,000,044 | ---- | C] () -- C:\Windows\8bACfHV2
[2010/12/31 10:17:11 | 000,000,044 | ---- | C] () -- C:\Windows\3TpxMDn
[2010/12/31 10:17:11 | 000,000,042 | ---- | C] () -- C:\Windows\KpQXh
[2010/12/31 10:17:11 | 000,000,042 | ---- | C] () -- C:\Windows\kawxBoK
[2010/12/31 10:17:11 | 000,000,042 | ---- | C] () -- C:\Windows\85laC
[2010/12/31 10:17:11 | 000,000,040 | ---- | C] () -- C:\Windows\vj6gvqs33S
[2010/12/31 10:17:11 | 000,000,040 | ---- | C] () -- C:\Windows\JJCQj1FmH
[2010/12/31 10:17:11 | 000,000,039 | ---- | C] () -- C:\Windows\nMVm8r6o
[2010/12/31 10:17:11 | 000,000,039 | ---- | C] () -- C:\Windows\5m41mFM
[2010/12/31 10:17:11 | 000,000,038 | ---- | C] () -- C:\Windows\UvlmrA2ola
[2010/12/31 10:17:11 | 000,000,038 | ---- | C] () -- C:\Windows\PgNmh
[2010/12/31 10:17:11 | 000,000,037 | ---- | C] () -- C:\Windows\iRJNwHtECY
[2010/12/31 10:17:11 | 000,000,036 | ---- | C] () -- C:\Windows\pYNAj4
[2010/12/31 10:17:11 | 000,000,033 | ---- | C] () -- C:\Windows\OT3bqteG4t
[2010/12/31 10:17:11 | 000,000,032 | ---- | C] () -- C:\Windows\Yg3iiJAi
[2010/12/31 10:17:11 | 000,000,032 | ---- | C] () -- C:\Windows\r13H1
[2010/12/31 10:17:11 | 000,000,032 | ---- | C] () -- C:\Windows\NGXAcns
[2010/12/31 10:17:11 | 000,000,031 | ---- | C] () -- C:\Windows\wilGbJ
[2010/12/31 10:17:11 | 000,000,029 | ---- | C] () -- C:\Windows\NBxYe
[2010/12/31 10:17:11 | 000,000,029 | ---- | C] () -- C:\Windows\NBxM25pb6
[2010/12/31 10:17:11 | 000,000,029 | ---- | C] () -- C:\Windows\CxkxwNkl
[2010/12/31 10:17:11 | 000,000,029 | ---- | C] () -- C:\Windows\83s1Ja
[2010/12/31 10:17:11 | 000,000,028 | ---- | C] () -- C:\Windows\YVcEmCWHJ
[2010/12/31 10:17:11 | 000,000,028 | ---- | C] () -- C:\Windows\EnRvpsGXl
[2010/12/31 10:17:11 | 000,000,027 | ---- | C] () -- C:\Windows\kYFJJM
[2010/12/31 10:17:11 | 000,000,026 | ---- | C] () -- C:\Windows\JDQqAopPbx
[2010/12/31 10:17:10 | 000,000,049 | ---- | C] () -- C:\Windows\6BuURPM3
[2010/12/31 10:17:10 | 000,000,047 | ---- | C] () -- C:\Windows\sVYIGbx
[2010/12/31 10:17:10 | 000,000,046 | ---- | C] () -- C:\Windows\IKDFk1Bqm5
[2010/12/31 10:17:10 | 000,000,042 | ---- | C] () -- C:\Windows\4fBLU
[2010/12/31 10:17:10 | 000,000,041 | ---- | C] () -- C:\Windows\I7P6J
[2010/12/31 10:17:10 | 000,000,039 | ---- | C] () -- C:\Windows\6jIuPMc52
[2010/12/31 10:17:10 | 000,000,039 | ---- | C] () -- C:\Windows\1glFrPN
[2010/12/31 10:17:10 | 000,000,038 | ---- | C] () -- C:\Windows\YsCtBEDlRQ
[2010/12/31 10:17:10 | 000,000,038 | ---- | C] () -- C:\Windows\KigOuxgJH6
[2010/12/31 10:17:10 | 000,000,035 | ---- | C] () -- C:\Windows\RYQlGJY
[2010/12/31 10:17:10 | 000,000,035 | ---- | C] () -- C:\Windows\K2mx685E
[2010/12/31 10:17:10 | 000,000,034 | ---- | C] () -- C:\Windows\yJOAWI
[2010/12/31 10:17:10 | 000,000,033 | ---- | C] () -- C:\Windows\p3nTg
[2010/12/31 10:17:10 | 000,000,032 | ---- | C] () -- C:\Windows\afd8Sb
[2010/12/31 10:17:10 | 000,000,031 | ---- | C] () -- C:\Windows\OXHEq
[2010/12/31 10:17:10 | 000,000,031 | ---- | C] () -- C:\Windows\c4ex56ADv
[2010/12/31 10:17:10 | 000,000,028 | ---- | C] () -- C:\Windows\O1lfT
[2010/12/31 10:17:10 | 000,000,028 | ---- | C] () -- C:\Windows\CM7esEYs
[2010/12/31 10:17:10 | 000,000,027 | ---- | C] () -- C:\Windows\NycIN
[2010/12/31 10:17:10 | 000,000,026 | ---- | C] () -- C:\Windows\V7NlaT6Ru
[2010/12/31 10:17:10 | 000,000,024 | ---- | C] () -- C:\Windows\AgdRtKVja
[2010/12/31 10:17:09 | 000,000,048 | ---- | C] () -- C:\Windows\isAoO2VgbB
[2010/12/31 10:17:09 | 000,000,047 | ---- | C] () -- C:\Windows\edsJS7
[2010/12/31 10:17:09 | 000,000,046 | ---- | C] () -- C:\Windows\kK6DbQNE
[2010/12/31 10:17:09 | 000,000,040 | ---- | C] () -- C:\Windows\OLHGO
[2010/12/31 10:17:09 | 000,000,038 | ---- | C] () -- C:\Windows\l8CjEByRl
[2010/12/31 10:17:09 | 000,000,037 | ---- | C] () -- C:\Windows\Hhrq2xl
[2010/12/31 10:17:09 | 000,000,032 | ---- | C] () -- C:\Windows\mrTx7n
[2010/12/31 10:17:09 | 000,000,030 | ---- | C] () -- C:\Windows\gfQXFJs2T4
[2010/12/31 10:17:09 | 000,000,029 | ---- | C] () -- C:\Windows\2qSFUGj
[2010/12/31 10:17:09 | 000,000,028 | ---- | C] () -- C:\Windows\75rjFy
[2010/12/31 10:17:09 | 000,000,026 | ---- | C] () -- C:\Windows\emr7v
[2010/12/31 10:17:08 | 000,000,037 | ---- | C] () -- C:\Windows\Fg8CxnqsW
[2010/12/31 10:17:08 | 000,000,036 | ---- | C] () -- C:\Windows\8EyyTVJ
[2010/12/31 10:17:08 | 000,000,035 | ---- | C] () -- C:\Windows\3JNHKvN
[2010/12/31 10:17:08 | 000,000,034 | ---- | C] () -- C:\Windows\gtf7k77cD
[2010/12/31 10:17:08 | 000,000,032 | ---- | C] () -- C:\Windows\olkmGq3T
[2010/12/31 10:17:08 | 000,000,030 | ---- | C] () -- C:\Windows\qsijfwGf1
[2010/12/31 10:17:08 | 000,000,026 | ---- | C] () -- C:\Windows\ImsaYbSth2
[2010/12/31 10:17:07 | 000,000,038 | ---- | C] () -- C:\Windows\FDYCYdA
[2010/12/31 10:17:07 | 000,000,038 | ---- | C] () -- C:\Windows\6Myk2cOdi
[2010/12/31 10:17:07 | 000,000,036 | ---- | C] () -- C:\Windows\TFJXH
[2010/12/31 10:17:07 | 000,000,035 | ---- | C] () -- C:\Windows\Kg4AHHaJT
[2010/12/31 10:17:07 | 000,000,034 | ---- | C] () -- C:\Windows\UhdTFg
[2010/12/31 10:17:07 | 000,000,032 | ---- | C] () -- C:\Windows\WVTQYW
[2010/12/31 10:17:07 | 000,000,032 | ---- | C] () -- C:\Windows\oG6bwr8
[2010/12/31 10:17:07 | 000,000,032 | ---- | C] () -- C:\Windows\bHdc7B
[2010/12/31 10:17:07 | 000,000,031 | ---- | C] () -- C:\Windows\jDq13M24
[2010/12/31 10:17:07 | 000,000,028 | ---- | C] () -- C:\Windows\eTUPgK1E
[2010/12/31 10:17:07 | 000,000,026 | ---- | C] () -- C:\Windows\5y6AbV
[2010/12/31 10:17:06 | 000,000,049 | ---- | C] () -- C:\Windows\yjW3C7
[2010/12/31 10:17:06 | 000,000,045 | ---- | C] () -- C:\Windows\VTYjhMX
[2010/12/31 10:17:06 | 000,000,043 | ---- | C] () -- C:\Windows\PUyVE
[2010/12/31 10:17:06 | 000,000,041 | ---- | C] () -- C:\Windows\eaHyr8
[2010/12/31 10:17:06 | 000,000,036 | ---- | C] () -- C:\Windows\SEGqplv
[2010/12/31 10:17:06 | 000,000,036 | ---- | C] () -- C:\Windows\AQaRnS
[2010/12/31 10:17:06 | 000,000,035 | ---- | C] () -- C:\Windows\ndqLdox
[2010/12/31 10:17:06 | 000,000,032 | ---- | C] () -- C:\Windows\kSSdatQgG
[2010/12/31 10:17:06 | 000,000,031 | ---- | C] () -- C:\Windows\SJSVKUKSkx
[2010/12/31 10:17:06 | 000,000,025 | ---- | C] () -- C:\Windows\T61NCh
[2010/12/31 00:30:44 | 000,013,834 | ---- | C] () -- C:\Users\matt small\Documents\cc_20101231_003040.reg
[2010/12/30 21:21:29 | 000,000,112 | ---- | C] () -- C:\ProgramData\EdC4677J4.dat
[2010/12/29 17:19:52 | 000,000,000 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\downloads.m3u
[2010/12/26 18:29:56 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010/12/26 14:28:44 | 000,067,148 | ---- | C] () -- C:\Users\matt small\Documents\cc_20101226_142836.reg
[2010/12/26 14:25:09 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/12/25 20:20:31 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/21 17:04:13 | 000,024,981 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (DOS).ADR
[2010/12/21 11:01:55 | 005,474,848 | ---- | C] () -- C:\Users\matt small\Documents\GraduationInvitation.png
[2010/12/20 15:36:54 | 014,029,420 | ---- | C] () -- C:\Users\matt small\Documents\GraduationInvitation.psd
[2010/12/18 10:59:32 | 019,985,265 | ---- | C] () -- C:\Users\matt small\Documents\vlc-1.1.5-win32.exe
[2010/11/24 23:56:31 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/11/10 02:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/11/10 02:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/11/10 02:31:42 | 000,026,286 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/06/18 12:15:59 | 000,237,568 | R--- | C] () -- C:\Windows\System32\qtmlClient.dll
[2010/06/18 12:15:59 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2010/05/17 15:25:17 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/05/13 23:03:29 | 000,122,880 | ---- | C] () -- C:\Windows\System32\trc.dll
[2010/05/13 23:03:06 | 000,010,600 | R--- | C] () -- C:\Windows\System32\IcdSptSvps.dll
[2010/05/13 23:03:05 | 000,124,264 | R--- | C] () -- C:\Windows\System32\mp3dec.dll
[2010/05/13 23:03:05 | 000,081,920 | R--- | C] () -- C:\Windows\System32\dsp_trc.dll
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2010/01/18 11:17:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/17 13:08:24 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/01/12 14:50:26 | 000,002,380 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/01/06 18:39:00 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/05 15:20:52 | 000,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/01/04 18:59:20 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/01/03 13:19:32 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/03 13:18:59 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/24 10:32:25 | 000,010,056 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (DOS).CAL
[2009/09/23 17:17:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/18 22:55:36 | 000,000,029 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\default.rss
[2009/08/11 16:46:33 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/20 13:00:21 | 000,000,004 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\7FE408
[2009/05/20 13:00:20 | 000,870,128 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\mcs.rma
[2008/12/04 17:18:28 | 000,036,581 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (Windows).ADR
[2008/10/12 15:25:29 | 000,684,032 | ---- | C] () -- C:\Windows\System32\ltmm_n.dll
[2008/08/27 10:06:25 | 000,009,884 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\Comma Separated Values (Windows).CAL
[2008/08/12 14:38:43 | 000,009,913 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\PStrip.bk!
[2008/08/12 14:37:28 | 000,009,817 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\PStrip.bak
[2008/08/09 14:15:29 | 000,009,595 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\PStrip.ini
[2008/06/10 19:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/02/08 16:13:44 | 000,319,488 | ---- | C] () -- C:\Windows\System32\LS3Renderer.dll
[2007/09/29 23:26:33 | 000,000,000 | ---- | C] () -- C:\Users\matt small\AppData\Roaming\wklnhst.dat
[2007/09/27 04:37:35 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2007/09/27 04:37:34 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2007/09/27 04:37:34 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/07/21 18:50:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll

========== LOP Check ==========

[2010/09/28 11:39:38 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\4Media Software Studio
[2010/01/06 17:56:46 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\acccore
[2010/01/06 17:56:52 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Any Video Converter
[2010/12/30 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Audacity
[2010/01/06 17:56:52 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\AVSMedia
[2011/01/01 19:36:09 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\BitTorrent
[2010/01/06 17:56:53 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Bytescout SWF To Video Scout
[2009/09/16 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\DAEMON Tools Lite
[2010/12/30 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\DNA
[2010/01/06 17:56:54 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\FileZilla
[2010/11/11 21:20:28 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\FixCleaner
[2010/01/06 17:56:54 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\GetRightToGo
[2010/01/06 17:56:58 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Leadertech
[2010/12/30 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\LimeWire
[2010/02/25 14:54:10 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\ManyCam
[2010/07/09 21:49:13 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\mkvtoolnix
[2010/01/06 17:57:46 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\MusicNet
[2008/05/23 11:39:37 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\NetMedia Providers
[2010/01/06 17:57:46 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\New Tier
[2010/06/18 12:16:41 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\proDAD
[2008/05/23 11:39:37 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Publish Providers
[2010/09/14 10:31:50 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\River Past G5
[2008/03/14 22:56:07 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Template
[2010/09/18 13:37:45 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Thunderbird
[2010/01/06 17:58:02 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Trillian
[2010/01/22 10:23:43 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Uniblue
[2008/06/15 20:00:30 | 000,000,000 | ---D | M] -- C:\Users\matt small\AppData\Roaming\Video DVD Maker FREE
[2011/01/01 17:00:00 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/01/01 20:03:04 | 000,000,320 | -HS- | M] () -- C:\Windows\Tasks\Fvfouxnb.job
[2010/12/31 05:04:54 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========
 
========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\matt small\Documents\OT.dmsd:Roxio EMC Stream
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\loiscard.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\housing.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\Copy of loiscard.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasv.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasv.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasthankyou.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasjricks.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasjricks.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasfront08.png:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmasfront08.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\matt small\Documents\christmascousinapril.png:Updt_SummaryInformation
@Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
 
The ESET scanner is at 3 hrs 10 mins and going. There's about 100,000 files left to be scanned (says 99% but that's not right).
 
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

C:\Documents and Settings\....\Downloads\registrybooster(2).exe Win32/RegistryBooster application
C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application
DELETED:
C:\Programs&Games\WSFTP_ProT128_Install.exe NSIS/TrojanDownloader.FakeAlert.DK.Gen trojan
DELETED:
C:\Programs&Games\Microsoft Office 2010 Activator [KMS Activator] - www.GuruFuel.com\mini-KMS_Activator_v1.053.exe a variant of Win32/HackKMS.A application
DELETED:
C:\Programs&Games\Xilisoft iPhone Software Suite 2.1.39.1103\x-iphone-software-suite.exe NSIS/TrojanDownloader.FakeAlert.DK.Gen trojan

C:\Users\....\Downloads\registrybooster(2).exe Win32/RegistryBooster application


I didn't touch the other files yet.
 
Ok. How did you delete them? My instructions were to not delete anything:
Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time),
.
Looks to me like the first two entries were left alone, the next three were deleted and the remainder left alone.
Please confirm.

Also, can you please answer my earlier question as to how the PC is now?
 
I deleted those 3 files on my own, because I didn't need them anymore. I left the other ones.

PC is running alright. The search engines are working and the computer hasn't shut down yet.
 
explorer.exe shut down once and most of the system tray icons reappeared. There were one or two that did not reappear. Everything else is good so far.
 
Please download ComboFix by sUBs from HERE or HERE
  • You must download it to and run it from your Desktop
  • Physically disconnect from the internet.
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply.
  • Re-enable all the programs that were disabled during the running of ComboFix.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!
 
ComboFix 11-01-02.04 - matt small 01/03/2011 10:03:54.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3070.1241 [GMT -5:00]
Running from: c:\users\matt small\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\CLSV.exe
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\delfile.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\eb.drv
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\energy.drv
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\fan.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\FW.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\FW.drv
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\gid.tmp
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\grid.tmp
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\kernel32.drv
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\PE.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\PE.exe
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\ppal.exe
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\std.dll
c:\users\matt small\AppData\Roaming\Microsoft\Windows\Recent\tjd.drv
c:\windows\jestertb.dll
c:\windows\system32\Ijl11.dll

.
((((((((((((((((((((((((( Files Created from 2010-12-03 to 2011-01-03 )))))))))))))))))))))))))))))))
.

2011-01-03 15:31 . 2011-01-03 15:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-02 22:48 . 2011-01-02 22:48 -------- d-----w- c:\program files\ZSoft
2011-01-02 01:23 . 2011-01-02 01:23 -------- d-----w- c:\program files\ESET
2011-01-02 00:36 . 2011-01-02 00:36 -------- d-----w- C:\_OTL
2010-12-26 23:30 . 2010-12-31 02:55 -------- d-----w- c:\program files\Xilisoft
2010-12-26 19:25 . 2010-12-31 02:42 -------- d-----w- c:\program files\CCleaner
2010-12-26 01:18 . 2010-12-26 01:18 -------- d-----w- c:\program files\iPod
2010-12-26 01:18 . 2010-12-31 02:44 -------- d-----w- c:\program files\iTunes
2010-12-26 01:18 . 2010-12-26 01:20 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-23 22:38 . 2010-12-31 02:42 -------- d-----w- c:\program files\Free Window Registry Repair
2010-12-23 19:53 . 2010-12-23 19:53 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-7\Microsoft.MediaCenter.Sports.UI.dll
2010-12-18 17:56 . 2011-01-03 02:52 -------- d-----w- c:\users\matt small\AppData\Roaming\vlc
2010-12-15 20:01 . 2010-10-12 04:25 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-15 20:01 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-10 10:55 . 2010-12-10 10:55 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-3\Microsoft.MediaCenter.Sports.UI.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-23 19:54 . 2010-01-07 00:50 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-12-23 19:53 . 2010-05-19 07:53 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-12-23 07:42 . 2010-05-01 18:37 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-12-23 07:41 . 2010-05-20 08:04 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-12-20 23:09 . 2010-11-24 03:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2010-11-24 03:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-09 07:13 . 2010-01-07 00:50 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-08 18:12 . 2007-09-30 03:33 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-12-08 18:11 . 2007-09-30 03:33 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2010-12-08 18:11 . 2007-09-30 03:33 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-12-08 18:11 . 2007-09-30 03:33 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-11-29 22:38 . 2010-11-29 22:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38 . 2010-11-29 22:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-25 05:11 . 2010-11-25 04:51 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-11-25 05:11 . 2010-11-25 04:52 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-11-12 23:53 . 2010-05-23 14:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-10 07:49 . 2010-07-07 18:55 4323040 ----a-w- c:\windows\system32\drivers\LVUVC.sys
2010-11-10 07:49 . 2010-07-07 18:54 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2010-11-10 07:49 . 2010-07-07 18:54 543328 ----a-w- c:\windows\system32\LVUI2.dll
2010-11-10 07:48 . 2010-11-10 07:48 283744 ----a-w- c:\windows\system32\drivers\lvrs.sys
2010-11-10 07:47 . 2010-11-10 07:47 195168 ----a-w- c:\windows\system32\lvci13101216.dll
2010-11-10 07:47 . 2010-07-07 18:50 416352 ----a-w- c:\windows\system32\LVCodec2.dll
2010-11-10 07:46 . 2010-11-10 07:46 20704 ----a-w- c:\windows\system32\drivers\lvbusflt.sys
2010-11-10 07:45 . 2010-11-10 07:45 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2010-11-10 07:45 . 2010-11-10 07:45 10871128 ----a-w- c:\windows\system32\LogiDPP.dll
2010-11-10 07:45 . 2010-11-10 07:45 316248 ----a-w- c:\windows\system32\DevManagerCore.dll
2010-11-10 07:32 . 2010-11-10 07:32 38238 ----a-w- c:\windows\system32\Repository.reg
2010-10-19 15:41 . 2009-10-03 05:57 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-07 23:21 . 2010-11-12 08:40 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B1A8904-F55D-4A1E-8E5B-6F028F1E69F6}\mpengine.dll
2010-10-07 17:23 . 2010-10-07 17:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 17:23 . 2010-10-07 17:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 17:23 . 2010-10-07 17:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
.

------- Sigcheck -------

[7] 2009-07-14 . A01E50A04D7B1960B33E92B9080E6A94 . 543232 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_8e7597ebb597acd3\termsrv.dll
[-] 2009-07-14 . C468ADABA2040F6585FE04EA4C81984A . 543232 . . [6.1.7600.16385] . . c:\windows\System32\termsrv.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\matt small\Program Files\DNA\btdna.exe" [2009-11-07 323392]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-07-01 2397424]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-11 6703648]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-06-08 611712]
"dscactivate"="c:\dell\dsca.exe" [2007-07-30 16384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-27 1862144]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 63048]
"VolPanel"="c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" [2006-11-27 180224]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-27 734264]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-03-02 119152]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-11-25 1287120]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

c:\users\matt small\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-7-18 576000]
MLB.TV NexDef Plug-in.lnk - c:\users\matt small\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe [2010-5-13 802960]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-6-5 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-13 800032]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-9-27 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
PHOTOfunSTUDIO 5.0.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2010-5-17 172544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-09-16 721904]
R1 SABKUTIL;SABKUTIL; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9e2c2e102d9f;Google Update Service (gupdate1c9e2c2e102d9f);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 133104]
R2 MCEBuddy;MCEBuddy Service;c:\program files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 20480]
R2 TS_TFTP;TS TFTP;c:\program files\AnywhereTS\srv\srvstart.exe [2007-10-29 36864]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-06-19 45736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-19 29472]
R3 CompFilter;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbusflt.sys [2010-11-10 20704]
R3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\Drivers\ICDUSB2.sys [2002-11-29 39048]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-01-29 30576]
R3 SavRoam;SavRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2006-11-28 122008]
R3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-11 1343400]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-11-25 218592]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2008-09-25 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-07-07 176128]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2010-12-08 374152]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S2 XobniService;XobniService;c:\program files\Xobni\XobniService.exe [2009-10-12 46824]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-07-07 5882368]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-07-07 210944]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-28 102448]
S3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2009-05-28 391296]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
.
Contents of the 'Scheduled Tasks' folder

2011-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 14:05]

2011-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 14:05]
.
.
------- Supplementary Scan -------
.
uStart Page = https://secure.logmein.com/login.asp
uInternet Settings,ProxyOverride = <local>;*.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
Trusted Zone: webattend.com
Trusted Zone: webtrain.com
DPF: Justin.tv Publisher - hxxp://www.justin.tv/plugins/justintv_publisher.CAB
DPF: {21C6245C-9408-11D7-BF3B-00E09876DF26} - hxxp://www.webattend.com/components/wt0523.cab
DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} - hxxp://www.seetoo.com/downloadAddon.php?platform=Win32&browser=ie&ref=justintv&c=cce877c8fbf127563&browserVersion=8.0
FF - ProfilePath - c:\users\matt small\AppData\Roaming\Mozilla\Firefox\Profiles\420w6fuk.default\
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Personas Interactive: btpersonas@brandthunder.com - %profile%\extensions\btpersonas@brandthunder.com
FF - Ext: Fast Youtube Downloader: fastYoutubeDownloader@yevgenyandrov.net - %profile%\extensions\fastYoutubeDownloader@yevgenyandrov.net
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: IE Tab 2 (FF 3.6+): {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} - %profile%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FoxyTunes: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374} - %profile%\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: MileWideBack: {dc0fa13c-3dae-73eb-e852-912722c852f9} - %profile%\extensions\{dc0fa13c-3dae-73eb-e852-912722c852f9}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Redirect Remover: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9} - %profile%\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\Google\Google Gears\Firefox
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\users\matt small\AppData\Roaming\Move Networks
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"{91DDFD58-145E-4D10-BAE7-953B8DBE0F09}"="{61323AB7-4366-4F19-B829-557EF95C9229}"
"{81BEA433-F192-4351-B98D-96B073762F2D}"="{0C8F87CD-B6EE-45A3-8BE2-65505D8709AF}"
"{BE7DC417-E6FC-4C66-AE6C-6E39E9071074}"="{0C8F87CD-B6EE-45A3-8BE2-65505D8709AF}"
"{176933C1-6CC4-4027-B453-5CE80642557B}"="{07641EAE-F577-44DA-83DA-6818978F0E38}"
"{581D5D22-CF13-4DBF-B4C1-77A1E825FB14}"="{07641EAE-F577-44DA-83DA-6818978F0E38}"
"{2D6CDFD0-3385-4A92-9E70-4C03486EDB07}"="{F0B7083F-5E57-4B91-9E49-0C43E0F23C79}"
"{ECA4AD6D-E316-4FAC-9E8E-1897F5395481}"="{F0B7083F-5E57-4B91-9E49-0C43E0F23C79}"
"{B471B540-7AF0-4DD6-9E71-12C1ED49DB11}"="{F0C588D8-7946-450E-9CF6-B7FD002D14BF}"
"{BBC02470-A6DD-4537-B92F-116460D9A479}"="{94016C7E-1CB3-4D84-BADA-C1C8CF379781}"
"{CC9C7897-31AA-4254-8FA3-133C07F9EBD3}"="{94016C7E-1CB3-4D84-BADA-C1C8CF379781}"
"{D17195BF-A937-4C59-BC53-76CDE4FF345C}"="{0D72BC11-0D67-4124-88B9-150E93169DCF}"
"{66AB13F1-D24B-48FC-843C-D587ABB70938}"="{7CCB68E9-D4B9-4112-828F-69E87B91C0BC}"
"{9C6B8AEF-D4E9-4611-B7DB-5DFF851C3583}"="{7CCB68E9-D4B9-4112-828F-69E87B91C0BC}"
"{EC57BE0A-0962-4BB3-966C-D60ADAF86262}"="{A0D2F04A-FD28-4090-A619-50202FACB06F}"
"{9949DC2F-749D-4252-9CCB-A74FA9A8E352}"="{17CBABFC-C499-4206-9AF0-8AE3985B072C}"
"{AE66E2F4-0ED2-43D5-A488-B347FD68ED67}"="{D2E677D8-F33A-453A-9B3E-E0D9A55B818B}"
"{E96D7000-B5C0-46ED-9BC6-E85C71A0BE9E}"="{D2E677D8-F33A-453A-9B3E-E0D9A55B818B}"
"{A78309F0-89DB-4411-A860-F910F2213945}"="{1EC53364-4DD6-42FD-9E82-11998828FB7C}"
"{06096970-E62A-43FE-8FD9-EF6A7A5CB59B}"="{E68EA312-16EF-4BF9-A06D-53C683A4E23C}"
"{CE559A56-5F0C-4D22-A793-34EAE77E6343}"="{E68EA312-16EF-4BF9-A06D-53C683A4E23C}"
"{4D6584B2-E382-4C8A-BEB9-5EBAE28FBFE2}"="{413BF8D2-396A-4FB4-B89D-F4FA83A97613}"
"{F061E9B2-428A-40C3-9131-78BAB04DFE8C}"="{413BF8D2-396A-4FB4-B89D-F4FA83A97613}"
"{DB24E637-C51F-42C7-B7D9-0478FB2F48DA}"="{3129248D-396C-49BF-AF57-BE3C92DAA180}"
"{A63892B5-F926-43F8-8203-228A5DD4529E}"="{D3D997F1-C9C3-49EB-BC6A-2A5469DA57B3}"
"{855A8D5E-77B7-4D6D-B4A3-962B83B2755E}"="{D3D997F1-C9C3-49EB-BC6A-2A5469DA57B3}"
"{B9B55215-AEEC-4C9A-ACE3-3CA1BFF60C95}"="{F71D31E0-A961-432A-91D6-22EF2D643748}"
"{3619C465-3105-4910-BE66-A9C77432FBBD}"="{E86072E8-BB78-4D30-9EBB-D5A41C837820}"
"{58AE3862-F054-435F-9FAA-541FFADABE96}"="{6DE8DB59-266C-41C6-95FB-1F5AC6AC6B93}"
"{0BF7F0A6-A5BE-42AA-A167-ADBDB9F68B9A}"="{E86072E8-BB78-4D30-9EBB-D5A41C837820}"
"{C6A4CE3C-70D9-4E46-B37B-436C52211E6A}"="{561E3E77-E900-4F24-B6D4-52087DA81B13}"
"{F3DF742D-2A1C-4BDA-8F98-98F442BEC616}"="{BD911DF5-983E-45B2-9DEF-8C2F313E13FB}"
"{7AECB9D6-D795-4857-AE86-A3D8003D3DA0}"="{BD911DF5-983E-45B2-9DEF-8C2F313E13FB}"
"{B3C3F0CD-68EC-4C05-9D51-B9984310B009}"="{E6CA8E6F-99AC-41EB-BE6F-106289989986}"
"{5266BA4C-9301-4299-BE13-19836075F234}"="{7A872822-EA7A-456D-93FB-C4E6B7BEF0DC}"
"{CCBD77F6-BD21-4920-8CA3-DEAD32DD5CA9}"="{7A872822-EA7A-456D-93FB-C4E6B7BEF0DC}"
"{A8491567-D169-4789-9A8C-2655D99AF2FC}"="{3A46B192-3C60-4644-9115-C98C7A764DC7}"
"{34641162-4FA9-4B99-A827-7E02365FE411}"="{D8B94211-4A07-4686-A198-86808247F93F}"
"{267DB875-A104-4874-A24D-A435DBBAAFBB}"="{D8B94211-4A07-4686-A198-86808247F93F}"
"{8AE085ED-636A-443E-89D2-BE61FFB937F7}"="{4E4D0E60-E053-4DF0-ADA0-475B062A3138}"
"{4F49D4DB-D656-4D92-A6D9-6A6C82B3F6E4}"="{4E4D0E60-E053-4DF0-ADA0-475B062A3138}"
"{F8DE7F62-BDE5-41C3-A978-718036EBF957}"="{20D7D45A-4287-4964-BF07-A7D6AE45750C}"
"{1B5E9299-534C-43F1-A90F-7991A4D84E4C}"="{32B4EDD7-215C-4E96-A15E-8470D2C27ED1}"
"{39BF7783-19DC-4018-93C0-6AD08BA46CC1}"="{BA84F2F9-275C-4A85-BAD2-343BE8516DF4}"
"{7D3CB09F-35D8-44EF-8F19-94BB4AAB2DB1}"="{BA84F2F9-275C-4A85-BAD2-343BE8516DF4}"
"{E219D7A4-D889-4CB2-B5D7-7983320F0AA5}"="{32B4EDD7-215C-4E96-A15E-8470D2C27ED1}"
"{74830C4A-DE85-490C-AF0B-6A43141927FC}"="{9117F612-735E-49A9-BEAE-FE32C6C66F6B}"
"{32D72F71-705E-493F-811E-3A02804F3811}"="{9117F612-735E-49A9-BEAE-FE32C6C66F6B}"
"{618F0B79-6A53-4779-94E3-A80324D4B72C}"="{9B2C5251-1011-4AA9-BF17-4D8B10269801}"
"{0FE285DD-0D2B-423E-AA8C-B0117F599ACF}"="{9B2C5251-1011-4AA9-BF17-4D8B10269801}"
"{C33A2647-EE04-4B5F-AD29-C637AF48F6D1}"="{4DBABA6C-9CA9-4A4E-BF78-C9718195D689}"
"{08ED0D8E-7607-42EB-9792-304ABCE94615}"="{4DBABA6C-9CA9-4A4E-BF78-C9718195D689}"
"{29A4BF99-2492-4671-B7D7-728C4F8799C9}"="{2DF8BD57-2E43-48FA-B1FF-0157958C1F2B}"
"{FAD4271A-BF0E-405C-A4CE-079617603073}"="{2DF8BD57-2E43-48FA-B1FF-0157958C1F2B}"
"{0FDE8F92-CAD8-485F-98A0-17EFACBD3C33}"="{9EF9719B-89A5-4FC1-977E-13337E5BA8CD}"
"{53ECAC0E-3D11-41CC-AFB4-236AE4C4ABE5}"="{5E937DA7-C0E1-41CB-93B2-D3B4C05574E8}"
"{3FDF17EF-4AE5-433E-B75B-D3B39CEF9B0D}"="{97DD878E-B861-4FA1-BFD8-87A266AF5509}"
"{0B5E58DD-974B-40DA-AE21-E25BABE5D674}"="{97DD878E-B861-4FA1-BFD8-87A266AF5509}"
"{077AD046-39E5-4DAB-9932-D6ED1A974035}"="{2B90FD8A-3078-4B57-9476-9613B79B34C2}"
"{48C8715B-AFC4-4699-B81E-BA7D4D87846C}"="{E24E72D7-9D5A-42D1-9237-CA24E08520E6}"
"{1FA0A2B4-4AEA-484D-84F7-9FDD702DA6F7}"="{E24E72D7-9D5A-42D1-9237-CA24E08520E6}"
"{392EC68B-956E-4C46-B81B-A67C63C47E33}"="{2B90FD8A-3078-4B57-9476-9613B79B34C2}"
"{E890F6FD-9082-4836-A1BA-ECC9925C2C83}"="{D70EEF20-0133-4F43-B653-B0B7561F02C8}"
"{6678C914-EF41-4788-9BDB-4B663761207E}"="{2ED81F9F-CE69-4AE0-B32D-2451A08FF896}"
"{1E907950-B3A8-4157-830F-EE66E4C01FF9}"="{2ED81F9F-CE69-4AE0-B32D-2451A08FF896}"
"{C37F49F0-CE85-483A-B83D-105A6DD79028}"="{D13BBA41-57F2-4754-A9FC-C9E051BA6D00}"
"{EA62404C-8573-4DF4-8B13-3A71E22FE4B3}"="{D13BBA41-57F2-4754-A9FC-C9E051BA6D00}"
"{6CE814AA-477D-43FD-B6A7-8D0DA49E35F4}"="{5D641F5D-B133-4AE3-9E28-1A6CA4B8AA92}"
"{45EC257B-F62D-40C5-BA84-3956C1C24316}"="{AB0FA501-6646-40BA-B74E-99D92BC33FA7}"
"{3DCABE81-00E5-4AB9-A9CA-B1015DF7C29B}"="{5D641F5D-B133-4AE3-9E28-1A6CA4B8AA92}"
"ccSvcHst_ccSetMgr"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"SNDServiceRequestChannel"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"SNDLocationChannel"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"ccSettingsService"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"ccSvcHst_ccEvtMgr"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"ccEvtCli"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"{DD5A4547-2B2A-4D06-A6A8-C321AE004EEC}"="{6781EB29-863C-49AE-B40D-4B9420EE7467}"
"{95E662B6-BC35-4D6D-9634-4D37D5EDD42C}"="{DFA76C39-A369-44FD-A8B9-2F4AFF4F3FD5}"
"{13031466-D711-40E5-A640-CD27DE178E0D}"="{5CF26F43-BB5D-4D0F-90B9-33D59C6F58AB}"
"{881DEB9F-FF02-45F8-A34F-C831F89B4566}"="{DFA76C39-A369-44FD-A8B9-2F4AFF4F3FD5}"
"{5B5C3F1D-D0E7-4292-BB4C-89F95F6CA32D}"="{5CF26F43-BB5D-4D0F-90B9-33D59C6F58AB}"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-01-03 10:57:39
ComboFix-quarantined-files.txt 2011-01-03 15:57

Pre-Run: 111,188,090,880 bytes free
Post-Run: 112,869,961,728 bytes free

- - End Of File - - 4610E7EB6A2C3E58E5B293E2AAE0E676
 
Has Combofix been run before my request for you to run it? Reason I ask is because the log says it has been run twice.
There should be a combofix.txt file in C:\qoobox if you can post it.

How is the PC now?
 