Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

html/Zones.gen

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

html/Zones.gen

Unread postby pauloil » November 30th, 2010, 10:48 pm

avira can't get rid of html/Zones.gen

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:40:15 PM, on 11/30/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Common Files\AOL\1154488802\ee\AOLSoftware.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN\Toolbar\3.0.1125.0\msntask.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PlaySushi - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154488802\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [QwestTouchPointAgent] "C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe" /autostart
O4 - HKLM\..\Run: [Qwest Personal Digital Vault] "C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe" /m
O4 - HKLM\..\Run: [QuickCare] C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe /P QuickCare
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.4; .NET CLR 1.1.4322; MS-RTC EA 2; MS-RTC LM 8; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://pbskids.org/arthur/games/artstudio/paint.html"
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - http://www.playsushi.com/About.ps?l=6&t=nFUdcHUm8 (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.cinemanow.com
O15 - Trusted Zone: *.intuit.com
O15 - Trusted Zone: http://*.turbotax.com
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/prof ... itStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/softwar ... launch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://join-test.webex.com/client/T27L ... eatgpc.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15023/CTPID.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: SupportSoft Listener Service (sprtlisten) - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
O23 - Service: SupportSoft Sprocket Service (quickcare) (sprtsvc_quickcare) - SupportSoft, Inc. - C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: SupportSoft Repair Service (quickcare) (tgsrvc_quickcare) - SupportSoft, Inc. - C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe

--
End of file - 17904 bytes

360Share Pro(remove only)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.1
Adobe Shockwave Player 11
AI RoboForm (All Users)
AirPort
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AnswerWorks 5.0 English Runtime
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 4
Avira AntiVir Premium
BlackBerry Desktop Software 6.0
BlackBerry Desktop Software 6.0
Bonjour
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 2.0
Canon MP620 series MP Drivers
Canon MP620 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner
Choice Guard
CinemaNow Media Manager
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Data Lifeguard Tools
Download Updater (AOL LLC)
EA Download Manager
ExtractNow
EZ Vinyl/Tape Converter 1.5.2.0 by MixMeister
First Step Guide
Gateway Drivers and Applications Recovery
GoodSync
Google Desktop
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hoyle Board Games 5 OEM
I.I.I. Home Inventory 3.08
ImageMixer VCD2
Inkjet Printer/Scanner Extended Survey Program
InstallMgr
Intel Audio Studio
InterActual Player
iTunes
Java(TM) 6 Update 22
Learn2 Player (Uninstall Only)
LiveUpdate 2.0 (Symantec Corporation)
Macromedia Flash Player
Malwarebytes' Anti-Malware
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Easy Assist v2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Meeting 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Windows Vista Upgrade Advisor
Microsoft Works
MobileMe Control Panel
MozyHome Remote Backup
MSN Toolbar
MSN Toolbar
MSVCRT
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Nero BurnRights
Nero OEM
NETGEAR WG311v3 PCI Adapter
Nikon Message Center
Norton Ghost 9.0
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Oracle JInitiator 1.3.1.13
Pando Media Booster
Password Agent Lite 2
Playsushi
PokerStars.net
PowerDVD
Pure Networks Port Magic
Quicken 2008
QuickTime
Qwest Installer
Qwest Personal Digital Vault™
Qwest QuickAssist Desktop Tools
Qwest Quickcare 2.7
RealPlayer
Registry Mechanic 7.0
Revo Uninstaller 1.90
Roll
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister
RollerCoaster Tycoon 3
Rosetta Stone DEMO 2.1.5.1S
Secunia PSI
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SigmaTel Audio
Sony USB Driver
Sound Blaster Live! Web 2K/XP
SPAMfighter
TeamViewer 4
Total Video Converter 3.11 070908
TurboTax 2008
TurboTax 2008 wiaiper
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 wiaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
TurboTax Premier 2007
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
Walgreens PhotoShow Express 4
WebEx
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3
pauloil
Active Member
 
Posts: 9
Joined: November 25th, 2010, 2:49 pm
Advertisement
Register to Remove

Re: html/Zones.gen

Unread postby MWR 3 day Mod » December 5th, 2010, 1:35 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: html/Zones.gen

Unread postby askey127 » December 8th, 2010, 5:14 pm

hi pauloil,
Sorry for the delay.
If you still need help and are not receiving it elsewhere, please proceed as follows:
-----------------------------------------------------------
There are some Issues with infections in relation to PunkBuster:
Your computer has installed gaming tools. Some of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.
It is not a certainty that your computer can be cleaned without breaking or removing some of these programs, and this could result in not being able to play the associated games, or corruption of your system.
Since we are dedicated to causing No Harm, we won't normally work on machines with this type of program installed without explicit permission from the owner.
If you want to continue using the machine in this way, you should consider using imaging software like Norton Ghost or Acronis TrueImage, or Terabyte Image, which can put your entire C: drive back into an earlier state whenever the infections or malfunctions get too severe.

If you really want to clean this machine, I will help, but if you so choose, understand there is NO assurance you will be able to do games afterwards.

Best not to ever use a registry optimizer or cleaner; it could break your machine.

That "virus" descriptor "HTML.Zones" is one used when a file matches a suspicious pattern, but is not necessarily known to be a virus
It could be a false alarm. Let's see if we can figure out what is going on.
-----------------------------------------------------------
Remove Registry items with HighjackThis. Start HijackThis.
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O15 - Trusted Zone: http://*.cinemanow.com
O15 - Trusted Zone: *.intuit.com
O15 - Trusted Zone: http://*.turbotax.com
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Registry Mechanic 7.0

Take extra care in answering questions posed by any Uninstaller.
----------------------------------------------
Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
Double click to run it.
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, if it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.
------------------------------------------------------------
Run MalwareBytes' Anti-Malware
  • Start Malwarebytes' Anti-Malware.
  • Click on The Update tab. Choose Check for Updates.
  • If an update is found, it will download and install the latest version.
  • If necessary, start Malwarebytes Anti-Malware again.
  • Once the program is running, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it shows any malware items, Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any log listed to open its contents.
  • Recent logs are named by time/date stamp in this format : mbam-log-2010-mm-dd(hour-min-sec).txt
.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take a hour or more. Have it fix anything it finds.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There wil be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.

Use separate replies for your posts if you wish.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: html/Zones.gen

Unread postby pauloil » December 10th, 2010, 11:02 pm

here are the logs 2 hidden things now

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5290

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/10/2010 4:56:10 PM
mbam-log-2010-12-10 (16-56-10).txt

Scan type: Quick scan
Objects scanned: 167221
Time elapsed: 7 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Avira AntiVir Premium
Report file date: Friday, December 10, 2010 18:13

Scanning for 3138734 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : paul Hartmann
Serial number : 2204029793-PEPWE-0001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : FAMILYROOM

Version information:
BUILD.DAT : 10.0.0.603 36207 Bytes 4/19/2010 15:03:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/19/2010 10:34:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/19/2010 10:34:30
LUKE.DLL : 10.0.2.3 104296 Bytes 4/3/2010 03:17:22
LUKERES.DLL : 10.0.0.1 12648 Bytes 4/3/2010 03:17:22
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 23:36:40
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 23:36:45
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 18:09:48
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 17:17:49
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 13:25:42
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 01:17:46
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 15:44:20
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 07:36:43
VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 13:05:56
VBASE009.VDF : 7.10.13.80 2265600 Bytes 11/2/2010 14:45:16
VBASE010.VDF : 7.10.13.81 2048 Bytes 11/2/2010 14:45:17
VBASE011.VDF : 7.10.13.82 2048 Bytes 11/2/2010 14:45:17
VBASE012.VDF : 7.10.13.83 2048 Bytes 11/2/2010 14:45:17
VBASE013.VDF : 7.10.13.116 147968 Bytes 11/4/2010 10:45:00
VBASE014.VDF : 7.10.13.147 146944 Bytes 11/7/2010 19:45:00
VBASE015.VDF : 7.10.13.180 123904 Bytes 11/9/2010 17:45:02
VBASE016.VDF : 7.10.13.211 122368 Bytes 11/11/2010 17:45:01
VBASE017.VDF : 7.10.13.243 147456 Bytes 11/15/2010 15:25:31
VBASE018.VDF : 7.10.14.15 142848 Bytes 11/17/2010 11:25:31
VBASE019.VDF : 7.10.14.41 134144 Bytes 11/19/2010 13:25:32
VBASE020.VDF : 7.10.14.63 128000 Bytes 11/22/2010 15:25:32
VBASE021.VDF : 7.10.14.87 143872 Bytes 11/24/2010 15:25:32
VBASE022.VDF : 7.10.14.116 140800 Bytes 11/26/2010 17:20:08
VBASE023.VDF : 7.10.14.147 150528 Bytes 11/30/2010 18:07:41
VBASE024.VDF : 7.10.14.175 126464 Bytes 12/3/2010 12:07:24
VBASE025.VDF : 7.10.14.203 120320 Bytes 12/7/2010 10:07:23
VBASE026.VDF : 7.10.14.230 137216 Bytes 12/9/2010 10:07:27
VBASE027.VDF : 7.10.14.231 2048 Bytes 12/9/2010 10:07:27
VBASE028.VDF : 7.10.14.232 2048 Bytes 12/9/2010 10:07:27
VBASE029.VDF : 7.10.14.233 2048 Bytes 12/9/2010 10:07:27
VBASE030.VDF : 7.10.14.234 2048 Bytes 12/9/2010 10:07:27
VBASE031.VDF : 7.10.14.255 78848 Bytes 12/10/2010 18:07:38
Engineversion : 8.2.4.122
AEVDF.DLL : 8.1.2.1 106868 Bytes 7/29/2010 17:53:37
AESCRIPT.DLL : 8.1.3.48 1286524 Bytes 12/2/2010 16:07:41
AESCN.DLL : 8.1.7.2 127349 Bytes 11/22/2010 11:25:53
AESBX.DLL : 8.1.3.2 254324 Bytes 11/22/2010 11:25:59
AERDL.DLL : 8.1.9.2 635252 Bytes 9/21/2010 23:21:11
AEPACK.DLL : 8.2.4.1 512375 Bytes 12/2/2010 16:07:38
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 11/22/2010 11:25:52
AEHEUR.DLL : 8.1.2.54 3113335 Bytes 12/7/2010 18:07:48
AEHELP.DLL : 8.1.16.0 246136 Bytes 12/2/2010 16:07:27
AEGEN.DLL : 8.1.5.0 397685 Bytes 12/2/2010 16:07:27
AEEMU.DLL : 8.1.3.0 393589 Bytes 11/22/2010 11:25:34
AECORE.DLL : 8.1.19.0 196984 Bytes 12/2/2010 16:07:25
AEBB.DLL : 8.1.1.0 53618 Bytes 4/23/2010 15:21:19
AVWINLL.DLL : 10.0.0.0 19304 Bytes 4/3/2010 03:17:05
AVPREF.DLL : 10.0.0.0 44904 Bytes 4/3/2010 03:17:13
AVREP.DLL : 10.0.0.8 62209 Bytes 4/3/2010 03:17:26
AVREG.DLL : 10.0.3.0 53096 Bytes 4/19/2010 08:34:07
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/19/2010 08:34:08
AVARKT.DLL : 10.0.0.14 227176 Bytes 4/19/2010 10:34:29
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 4/3/2010 03:17:11
SQLITE3.DLL : 3.6.19.0 355688 Bytes 4/3/2010 03:17:24
AVSMTP.DLL : 10.0.0.17 63848 Bytes 4/3/2010 03:17:13
NETNT.DLL : 10.0.0.0 11624 Bytes 4/3/2010 03:17:23
RCIMAGE.DLL : 10.0.0.32 2631528 Bytes 4/19/2010 10:34:29
RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/19/2010 10:34:29

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, G:, H:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: Friday, December 10, 2010 18:13

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mozyFilter\logfile
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'msdtc.exe' - '42' Module(s) have been scanned
Scan process 'dllhost.exe' - '64' Module(s) have been scanned
Scan process 'dllhost.exe' - '48' Module(s) have been scanned
Scan process 'vssvc.exe' - '51' Module(s) have been scanned
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'avcenter.exe' - '75' Module(s) have been scanned
Scan process 'iPodService.exe' - '32' Module(s) have been scanned
Scan process 'WG311v3.exe' - '56' Module(s) have been scanned
Scan process 'mozystat.exe' - '34' Module(s) have been scanned
Scan process 'ctfmon.exe' - '30' Module(s) have been scanned
Scan process 'ISUSPM.exe' - '30' Module(s) have been scanned
Scan process 'RoboTaskBarIcon.exe' - '37' Module(s) have been scanned
Scan process 'jusched.exe' - '23' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '76' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '70' Module(s) have been scanned
Scan process 'QwestPersonalDigitalVault.exe' - '100' Module(s) have been scanned
Scan process 'QwestTouchPointAgent.exe' - '73' Module(s) have been scanned
Scan process 'APAgent.exe' - '41' Module(s) have been scanned
Scan process 'avgnt.exe' - '64' Module(s) have been scanned
Scan process 'BJMyPrt.exe' - '28' Module(s) have been scanned
Scan process 'AOLSoftware.exe' - '85' Module(s) have been scanned
Scan process 'CNMNSUT.EXE' - '32' Module(s) have been scanned
Scan process 'wuauclt.exe' - '38' Module(s) have been scanned
Scan process 'GhostTray.exe' - '42' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '32' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '30' Module(s) have been scanned
Scan process 'MSASCui.exe' - '38' Module(s) have been scanned
Scan process 'CTHELPER.EXE' - '39' Module(s) have been scanned
Scan process 'alg.exe' - '37' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '39' Module(s) have been scanned
Scan process 'avmailc.exe' - '32' Module(s) have been scanned
Scan process 'WMPNetwk.exe' - '56' Module(s) have been scanned
Scan process 'Explorer.EXE' - '105' Module(s) have been scanned
Scan process 'tgsrvc.exe' - '28' Module(s) have been scanned
Scan process 'devldr32.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '46' Module(s) have been scanned
Scan process 'sprtlisten.exe' - '34' Module(s) have been scanned
Scan process 'sfus.exe' - '45' Module(s) have been scanned
Scan process 'SeaPort.exe' - '48' Module(s) have been scanned
Scan process 'PRISMXL.SYS' - '15' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '28' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '32' Module(s) have been scanned
Scan process 'PQV2iSvc.exe' - '47' Module(s) have been scanned
Scan process 'mozybackup.exe' - '43' Module(s) have been scanned
Scan process 'jqs.exe' - '37' Module(s) have been scanned
Scan process 'IntuitUpdateService.exe' - '80' Module(s) have been scanned
Scan process 'avshadow.exe' - '28' Module(s) have been scanned
Scan process 'IJPLMSVC.EXE' - '18' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'GEARSec.exe' - '11' Module(s) have been scanned
Scan process 'CinemanowSvc.exe' - '16' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '36' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '36' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '57' Module(s) have been scanned
Scan process 'avguard.exe' - '75' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'sched.exe' - '47' Module(s) have been scanned
Scan process 'spoolsv.exe' - '83' Module(s) have been scanned
Scan process 'svchost.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '176' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '56' Module(s) have been scanned
Scan process 'lsass.exe' - '59' Module(s) have been scanned
Scan process 'services.exe' - '29' Module(s) have been scanned
Scan process 'winlogon.exe' - '86' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1864' files ).


Starting the file scan:

Begin scan in 'C:\' <DRV5_VOL1>
Begin scan in 'D:\' <RECOVERY>
Begin scan in 'G:\' <DRV5_VOL2>
Begin scan in 'H:\'


End of the scan: Friday, December 10, 2010 19:17
Used time: 1:03:46 Hour(s)

The scan has been done completely.

14750 Scanned directories
542836 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
542836 Files not concerned
10278 Archives were scanned
0 Warnings
0 Notes
523106 Objects were scanned with rootkit scan
2 Hidden objects were found
pauloil
Active Member
 
Posts: 9
Joined: November 25th, 2010, 2:49 pm

Re: html/Zones.gen

Unread postby askey127 » December 11th, 2010, 7:53 am

pauloil,
Looks good so far. Notice Avira did not pick up any of that "html/Zones.gen"
---------------------------------------------
Run a Scan with OTL
Please download OTL.exe by OldTimer and save it to your desktop.
  • Double click on the icon to run it.
  • Make sure all other windows are closed to let it run uninterrupted.
  • Copy the text from the code box below and paste it into the Custom Scans/Fixes box. Do not copy the word "Code:"
    Code: Select all
    netsvcs
    drivers32 
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg 
    %systemroot%\*.jpg 
    %systemroot%\*.png 
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.* 
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav 
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x 
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %PROGRAMFILES%\Internet Explorer\*.dat
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: html/Zones.gen

Unread postby pauloil » December 11th, 2010, 12:53 pm

OTL Extras logfile created on: 12/11/2010 8:01:34 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Eric\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 457.00 Gb Total Space | 393.57 Gb Free Space | 86.12% Space Free | Partition Type: NTFS
Drive D: | 3.69 Gb Total Space | 2.51 Gb Free Space | 68.05% Space Free | Partition Type: FAT32
Drive G: | 8.75 Gb Total Space | 8.73 Gb Free Space | 99.85% Space Free | Partition Type: FAT32
Drive H: | 70.82 Gb Total Space | 13.61 Gb Free Space | 19.22% Space Free | Partition Type: NTFS

Computer Name: FAMILYROOM | User Name: Eric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"5353:UDP" = 5353:UDP:*:Enabled:Bonjour
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"58287:TCP" = 58287:TCP:*:Enabled:Pando Media Booster
"58287:UDP" = 58287:UDP:*:Enabled:Pando Media Booster
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
========== Authorized Applications List ==========
KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- File not found
"C:\Program Files\America Online 9.0b\waol.exe" = C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gateway\HPA\gwmenu.exe" = C:\Program Files\Gateway\HPA\gwmenu.exe:*:Enabled:HPA/SCCD/SRCD New Code -- (Gateway Computers)
"C:\Program Files\EA SPORTS\MVP Baseball 2005\mvp2005.exe" = C:\Program Files\EA SPORTS\MVP Baseball 2005\mvp2005.exe:*:Enabled:mvp2005 -- File not found
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- File not found
"C:\Program Files\America Online 9.0b\waol.exe" = C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Call of Duty Game of the Year Edition\CoDUOMP.exe" = C:\Program Files\Call of Duty Game of the Year Edition\CoDUOMP.exe:*:Enabled:CoDUOMP -- File not found
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Wizet\MapleStory\Patcher.exe" = C:\Program Files\Wizet\MapleStory\Patcher.exe:*:Enabled:Patcher MFC ?? ???? -- File not found
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Common Files\AOL\1154488802\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1154488802\ee\aolsoftware.exe:*:Enabled:AOL Services -- (AOL LLC)
"C:\Nexon\MapleStory\Patcher.exe" = C:\Nexon\MapleStory\Patcher.exe:*:Enabled:Patcher MFC ?? ???? -- File not found
"C:\Nexon\MapleStory\NewPatcher.exe" = C:\Nexon\MapleStory\NewPatcher.exe:*:Enabled:Patcher MFC ?? ???? -- File not found
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe" = C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe:*:Enabled:CinemaNow Media Manager -- (CinemaNow Inc.)
"C:\Program Files\TurboTax\Premier 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Premier 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Premier 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Premier 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\AirPort\APAgent.exe" = C:\Program Files\AirPort\APAgent.exe:*:Disabled:AirPort -- (Apple Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2E520590-7E0F-450F-A11B-CC2C02E550B1}" = TurboTax 2008 wiaiper
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37A66FA0-EAA2-012B-AD79-000000000000}" = TurboTax 2009 wiaiper
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3C759736-8347-4031-BB9C-D75ADFE6B101}" = Norton Ghost 9.0
"{3CEF833B-1C1E-E15E-9533-B65B4B8CEB20}" = MozyHome Remote Backup
"{3D008E41-F84D-4CC1-A8CF-B8419E51ACDF}" = Intel Audio Studio
"{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio
"{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}" = Sound Blaster Live! Web 2K/XP
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6E4D4E0B-02F6-46C1-BAE5-1B6B2E486A7B}" = Microsoft Office Live Meeting 2007
"{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{74487955-B85B-4040-A3B6-9EAC0A8AD198}" = AirPort
"{746FB02B-1D03-43B7-917A-E1341AB69A00}" = Qwest Personal Digital Vault™
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{962DE60D-D080-4E77-BD0C-F97A179C50B7}" = Microsoft Windows Vista Upgrade Advisor
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A63E18AC-B504-4045-AFE6-A279BBABB988}" = Qwest QuickAssist Desktop Tools
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}" = RollerCoaster Tycoon 2: Time Twister
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C797EAF2-707A-4239-BDF3-F2672314A734}" = First Step Guide
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = Qwest Installer
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{D9C8DEF8-D07B-4164-BEF0-6D879A70C212}" = Microsoft Easy Assist v2
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F20B086F-FB4B-4788-AAC2-AFABA378AD1E}" = SPAMfighter
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"360Share Pro" = 360Share Pro(remove only)
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2005
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AI RoboForm" = AI RoboForm (All Users)
"AOL Toolbar" = AOL Toolbar
"AOL Toolbar 5.0" =
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"Avira AntiVir Desktop" = Avira AntiVir Premium
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"Canon MP620 series User Registration" = Canon MP620 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ExtractNow_is1" = ExtractNow
"EZ Vinyl/Tape Converter by MixMeister_is1" = EZ Vinyl/Tape Converter 1.5.2.0 by MixMeister
"Gateway Drivers and Applications Recovery" = Gateway Drivers and Applications Recovery
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hoyle Board Games 5 OEM" = Hoyle Board Games 5 OEM
"I.I.I. Home Inventory" = I.I.I. Home Inventory 3.08
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"InterActual Player" = InterActual Player
"KartRider" = KartRider
"LiveUpdate" = LiveUpdate 2.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Oracle JInitiator 1.3.1.13" = Oracle JInitiator 1.3.1.13
"Password Agent Lite 2" = Password Agent Lite 2
"Playsushi" = Playsushi
"PokerStars.net" = PokerStars.net
"Port Magic" = Pure Networks Port Magic
"QwestQuickCare_is1" = Qwest Quickcare 2.7
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.90
"RollerCoaster Tycoon Setup" = Roll
"Rosetta Stone DEMO 2.1.5.1S" = Rosetta Stone DEMO 2.1.5.1S
"Secunia PSI" = Secunia PSI
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SPAMfighter" = SPAMfighter
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TeamViewer 4" = TeamViewer 4
"Total Video Converter 3.11_is1" = Total Video Converter 3.11 070908
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"TurboTax Premier 2007" = TurboTax Premier 2007
"ViewpointMediaPlayer" = Viewpoint Media Player
"Walgreens PhotoShow Express 4" = Walgreens PhotoShow Express 4
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/8/2010 10:00:32 PM | Computer Name = FAMILYROOM | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error - 12/8/2010 10:00:32 PM | Computer Name = FAMILYROOM | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 1.1 - Update '{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}'
could not be installed. Error code 1603. Additional information is available in
the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2416447-X86\NDP1.1sp1-KB2416447-X86-msi.0.log.
Error - 12/8/2010 10:00:33 PM | Computer Name = FAMILYROOM | Source = NativeWrapper | ID = 5000
Description =
Error - 12/9/2010 10:00:35 PM | Computer Name = FAMILYROOM | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
Error - 12/9/2010 10:00:35 PM | Computer Name = FAMILYROOM | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 1.1 - Update '{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}'
could not be installed. Error code 1603. Additional information is available in
the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2416447-X86\NDP1.1sp1-KB2416447-X86-msi.0.log.

Error - 12/9/2010 10:00:36 PM | Computer Name = FAMILYROOM | Source = NativeWrapper | ID = 5000
Description =

Error - 12/10/2010 11:12:03 AM | Computer Name = FAMILYROOM | Source = Norton Ghost 9.0 | ID = 100
Description = Description: An error occurred during a scheduled backup of drive
C:\. Error EA390719: Target disk full. Details: 0xEA390719 Source: Norton Ghost 9.0

Error - 12/10/2010 10:00:33 PM | Computer Name = FAMILYROOM | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error - 12/10/2010 10:00:34 PM | Computer Name = FAMILYROOM | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 1.1 - Update '{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}'
could not be installed. Error code 1603. Additional information is available in
the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2416447-X86\NDP1.1sp1-KB2416447-X86-msi.0.log.

Error - 12/10/2010 10:00:35 PM | Computer Name = FAMILYROOM | Source = NativeWrapper | ID = 5000
Description =

[ OSession Events ]
Error - 2/12/2008 10:23:27 PM | Computer Name = FAMILYROOM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 86
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/26/2010 10:01:09 PM | Computer Name = FAMILYROOM | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447).

Error - 11/27/2010 4:43:53 PM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 11/27/2010 4:43:53 PM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Xdrive Service service
to connect.

Error - 11/27/2010 4:43:53 PM | Computer Name = FAMILYROOM | Source = Service Control Manager | ID = 7000
Description = The Xdrive Service service failed to start due to the following error:
%%1053


< End of report >
pauloil
Active Member
 
Posts: 9
Joined: November 25th, 2010, 2:49 pm

Re: html/Zones.gen

Unread postby pauloil » December 11th, 2010, 12:56 pm

I see remnants of mapleglobal as host, old game my child played and Xdrive, obsolete old backup service.

OTL logfile created on: 12/11/2010 8:01:34 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Eric\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 457.00 Gb Total Space | 393.57 Gb Free Space | 86.12% Space Free | Partition Type: NTFS
Drive D: | 3.69 Gb Total Space | 2.51 Gb Free Space | 68.05% Space Free | Partition Type: FAT32
Drive G: | 8.75 Gb Total Space | 8.73 Gb Free Space | 99.85% Space Free | Partition Type: FAT32
Drive H: | 70.82 Gb Total Space | 13.61 Gb Free Space | 19.22% Space Free | Partition Type: NTFS

Computer Name: FAMILYROOM | User Name: Eric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
PRC - [2010/07/06 13:14:43 | 000,045,992 | ---- | M] (Qwest Communications) -- C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/19 04:34:31 | 000,405,672 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2010/04/19 04:34:30 | 000,337,064 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2010/04/19 04:34:30 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/02 21:17:23 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/04/02 21:17:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/04/02 21:17:11 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/03/14 18:38:14 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2010/02/19 15:57:14 | 003,810,744 | ---- | M] () -- C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
PRC - [2010/01/16 12:30:16 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
PRC - [2010/01/16 12:30:10 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
PRC - [2010/01/16 12:30:02 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe
PRC - [2009/12/18 12:58:34 | 001,064,808 | ---- | M] () -- C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
PRC - [2009/11/11 14:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files\AirPort\APAgent.exe
PRC - [2009/10/20 12:51:46 | 002,890,552 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/27 08:24:06 | 000,189,064 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\sfus.exe
PRC - [2009/01/30 18:14:34 | 000,125,304 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2008/10/24 08:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/06/24 12:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1154488802\ee\aolsoftware.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/17 19:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008/01/22 11:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/01/08 11:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
PRC - [2007/11/21 16:51:20 | 001,507,328 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
PRC - [2007/05/21 08:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2006/11/03 18:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/10/23 06:50:35 | 000,046,640 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2005/11/04 07:44:53 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2004/11/10 11:03:50 | 001,126,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
PRC - [2004/11/10 10:44:30 | 001,273,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
PRC - [2004/11/10 09:41:20 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
PRC - [2002/07/02 16:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE
PRC - [2001/09/14 00:56:00 | 000,026,112 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (SafeList) ==========

MOD - [2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/01/16 12:30:06 | 000,116,008 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprthook.dll
MOD - [2008/04/13 18:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe -- (Xdrive Service)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/19 04:34:31 | 000,405,672 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2010/04/19 04:34:30 | 000,337,064 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2010/04/19 04:34:30 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/02 21:17:23 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/16 12:31:40 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/01/16 12:30:16 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe -- (tgsrvc_quickcare) SupportSoft Repair Service (quickcare)
SRV - [2010/01/16 12:30:10 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe -- (sprtsvc_quickcare) SupportSoft Sprocket Service (quickcare)
SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/08/27 08:24:06 | 000,189,064 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files\SPAMfighter\sfus.exe -- (SPAMfighter Update Service)
SRV - [2009/01/30 18:14:34 | 000,125,304 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2008/01/22 11:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/01/08 11:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/23 06:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2005/11/04 07:44:53 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2004/11/10 10:44:30 | 001,273,856 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe -- (Norton Ghost)
SRV - [2004/11/10 09:41:20 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\DgivEcp.Sys -- (DgivEcp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\athuw.sys -- (AR9271)
DRV - [2010/07/07 08:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/04/02 21:17:26 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/04/02 21:17:26 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 12:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 12:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/12 19:35:09 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2006/05/20 15:25:08 | 000,509,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/02/03 10:37:33 | 000,049,536 | R--- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [2005/12/29 17:07:50 | 000,282,624 | R--- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/07/20 15:37:22 | 000,035,712 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/07/18 20:40:40 | 001,019,064 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/04/05 17:38:32 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/02/24 08:32:00 | 003,454,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/11/10 10:49:56 | 000,046,800 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQIMount.sys -- (PQIMount)
DRV - [2004/11/10 10:30:20 | 000,138,801 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\PQV2i.sys -- (PQV2i)
DRV - [2004/06/11 03:59:44 | 000,056,576 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiHFF0C.sys -- (SaiHFF0C)
DRV - [2004/06/11 03:59:20 | 000,019,584 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\saiuFF0C.sys -- (SaiUFF0C)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/24 12:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 09:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 09:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 09:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 09:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 09:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 09:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/09/14 00:56:00 | 000,776,832 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1f.sys -- (emu10k) Creative SB Live! Value (WDM)
DRV - [2001/09/14 00:56:00 | 000,035,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfman.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/09/14 00:56:00 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlface.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
DRV - [2001/08/17 12:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 F8 8C 89 7B 48 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/15 21:31:16 | 000,000,000 | ---D | M]

[2009/10/10 17:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2007/05/24 14:54:24 | 000,000,082 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 gameguard.mapleglobal.com
O1 - Hosts: 127.0.0.1 gameguard.mapleglobal.com
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154488802\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickCare] C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe ()
O4 - HKLM..\Run: [QwestTouchPointAgent] C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe (Qwest Communications)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - File not found
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15015/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gateway.com/support/prof ... itStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamespyarcade.com/softwar ... launch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://join-test.webex.com/client/T27L ... eatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15023/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell(R))
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/17 18:54:12 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55cb3e62-d6a6-11dd-989b-001320bd3fee}\Shell - "" = AutoRun
O33 - MountPoints2\{55cb3e62-d6a6-11dd-989b-001320bd3fee}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55cb3e62-d6a6-11dd-989b-001320bd3fee}\Shell\AutoRun\command - "" = C:\WINDOWS\explorer.exe -- [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183528496136192)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/11 07:57:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
[2010/12/10 16:37:00 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\TFC.exe
[2010/12/05 21:12:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Eric\Recent
[2010/11/26 19:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric\Desktop\HostsXpert
[2005/11/27 12:08:54 | 000,059,392 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/11 08:06:11 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D6187263-0D9A-4E01-8BEC-185A736B10FD}.job
[2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
[2010/12/11 07:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/10 23:10:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/10 16:47:42 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/10 16:43:26 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/10 16:41:39 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/10 16:40:32 | 000,001,230 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/10 16:40:22 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/10 16:40:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/10 16:40:05 | 2145,026,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/10 16:37:03 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\TFC.exe
[2010/12/10 16:27:14 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.lnk
[2010/12/08 22:38:10 | 000,010,178 | ---- | M] () -- C:\Documents and Settings\Eric\Application Data\wklnhst.dat
[2010/12/05 13:01:23 | 001,355,722 | ---- | M] () -- C:\Documents and Settings\Eric\My Documents\kelseyh.JPG
[2010/12/03 18:14:48 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\Internet.lnk
[2010/12/01 07:23:27 | 000,056,295 | ---- | M] () -- C:\VETlog.dmp
[2010/11/30 22:12:42 | 000,005,654 | ---- | M] () -- C:\WINDOWS\mozy.blk
[2010/11/30 22:12:42 | 000,001,276 | ---- | M] () -- C:\WINDOWS\mozy.flt
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/27 16:31:01 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/27 08:36:03 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\Revo Uninstaller.lnk
[2010/11/26 19:38:38 | 000,353,485 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\HostsXpert.zip
[2010/11/26 15:16:57 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.msi
[2010/11/24 22:20:49 | 000,000,064 | ---- | M] () -- C:\WINDOWS\webica.ini
[2010/11/13 18:55:30 | 000,442,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/13 18:55:30 | 000,071,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2010/12/05 13:01:23 | 001,355,722 | ---- | C] () -- C:\Documents and Settings\Eric\My Documents\kelseyh.JPG
[2010/12/03 18:14:48 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\Internet.lnk
[2010/11/27 16:31:01 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/26 19:38:36 | 000,353,485 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\HostsXpert.zip
[2010/11/26 15:17:56 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.lnk
[2010/11/26 15:16:55 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.msi
[2010/11/21 21:44:01 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/05 20:40:42 | 000,961,312 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/22 17:42:06 | 000,000,539 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\Rim.Desktop.Exception.log
[2010/08/22 12:28:44 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\Rim.Desktop.HttpServerSetup.log
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/01/21 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/01/03 16:45:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Resources
[2008/01/03 16:45:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Profiles
[2007/12/28 08:49:25 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2007/12/27 16:04:43 | 000,000,210 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/12/17 18:44:48 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/10/11 12:13:38 | 000,004,466 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/26 11:50:40 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/08/03 20:52:54 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\photoshow_express_setup.txt
[2006/10/23 17:24:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/10/07 12:57:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/09/24 07:30:39 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Eric\Local Settings\Application Data\fusioncache.dat
[2006/07/16 09:40:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2006/07/16 09:40:17 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2006/07/16 09:38:56 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2006/07/16 09:38:56 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/07/16 09:38:45 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2006/07/15 11:07:19 | 000,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/06/21 21:07:40 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/05/08 21:06:58 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2006/04/16 06:33:49 | 000,000,075 | ---- | C] () -- C:\WINDOWS\SSAW.INI
[2006/02/13 17:54:51 | 000,000,064 | ---- | C] () -- C:\WINDOWS\CIV.INI
[2006/02/13 17:53:30 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/12/11 15:51:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2005/12/08 19:21:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\webica.ini
[2005/12/03 18:37:42 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005/12/03 18:37:42 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005/12/03 18:37:42 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005/11/25 14:06:01 | 000,002,385 | ---- | C] () -- C:\Program Files\launch.asp
[2005/11/23 16:39:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/23 08:27:45 | 000,000,869 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2005/11/20 22:03:36 | 000,010,178 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\wklnhst.dat
[2005/11/16 19:40:10 | 000,000,078 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2005/11/16 19:38:54 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2005/11/14 21:57:17 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Eric\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/11 18:14:37 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2005/11/04 07:16:13 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2004/05/27 04:35:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/05/26 13:31:01 | 000,001,236 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/05/26 13:31:01 | 000,000,491 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/05/26 07:14:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/06/13 18:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2008/12/23 21:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/01/23 18:04:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/01/21 21:49:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/01/22 21:58:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/12/01 20:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2009/01/21 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2009/02/23 15:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CinemaNow
[2008/11/15 20:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/05/25 16:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync
[2008/11/15 20:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/11/15 20:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/11/15 20:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/04/26 12:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/05/16 11:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2009/11/08 16:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2008/11/15 20:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/08/03 20:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/11/15 20:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/11/15 20:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/16 09:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/24 21:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/26 14:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/25 17:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Blackberry Desktop
[2008/11/15 20:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/11 07:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\GoodSync
[2008/11/15 20:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\HotSync
[2008/11/15 20:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\ICAClient
[2008/12/29 14:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\IsolatedStorage
[2008/11/15 20:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Leadertech
[2008/11/15 20:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\LimeWire
[2009/01/09 18:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\OfficeUpdate12
[2010/08/22 17:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Research In Motion
[2008/11/15 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\RIM Palm&PPC Upgrade Wizard
[2008/11/15 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\SampleView
[2008/11/15 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Simple Star
[2008/12/13 12:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Snapfish
[2009/10/03 06:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\SPAMfighter
[2009/01/20 18:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\TeamViewer
[2008/11/15 20:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Template
[2008/11/15 20:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Viewpoint
[2009/03/26 10:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Walgreens
[2010/03/29 14:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\webex
[2008/11/15 20:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Xdrive
[2010/12/10 16:43:26 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/12/11 08:06:11 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D6187263-0D9A-4E01-8BEC-185A736B10FD}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/12/04 10:23:48 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2005/12/05 22:13:47 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2005/12/05 22:13:47 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2005/11/04 07:42:42 | 000,000,172 | ---- | M] () -- C:\audio.log
[2007/12/17 18:54:12 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/12/29 13:43:58 | 000,000,093 | ---- | M] () -- C:\BIOSID.TXT
[2010/04/25 21:02:44 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2004/05/26 14:25:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/05/02 12:31:22 | 000,000,055 | ---- | M] () -- C:\DVDPATH.TXT
[2007/03/01 20:03:23 | 000,000,393 | ---- | M] () -- C:\Epoc-AUCredentials-Palm.log
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2010/12/10 16:43:54 | 000,002,282 | ---- | M] () -- C:\Facilitator.log
[2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/05/25 15:47:16 | 000,000,200 | ---- | M] () -- C:\GthugginIsGREAT.txt
[2010/12/10 16:40:05 | 2145,026,048 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2004/05/26 14:25:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/08/17 19:19:47 | 000,010,949 | ---- | M] () -- C:\medschool.docx
[2004/05/26 14:25:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/01/02 19:20:04 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/12/10 16:40:04 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2009/04/26 12:15:02 | 000,000,204 | ---- | M] () -- C:\Plugins
[2005/06/12 09:34:01 | 000,000,256 | ---- | M] () -- C:\SmartInstaller.log
[2005/10/31 09:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2010/12/01 07:23:27 | 000,056,295 | ---- | M] () -- C:\VETlog.dmp
[2010/12/01 07:23:27 | 009,030,148 | ---- | M] () -- C:\VETlog.txt
[2009/01/20 22:22:45 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/05/26 14:24:58 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/10/09 05:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD9D.DLL
[2008/10/09 05:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP9D.DLL
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/12/22 14:43:24 | 000,082,256 | ---- | M] (Microsoft Corporation.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr8.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2006/05/30 16:58:34 | 000,311,296 | ---- | M] (Simple Star, Inc.) -- C:\WINDOWS\Walgreens PhotoShow.scr
[2009/02/06 18:03:18 | 000,307,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/05/10 17:57:16 | 000,001,746 | -H-- | M] () -- C:\Documents and Settings\Eric\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2005/11/25 14:06:09 | 000,002,385 | ---- | M] () -- C:\Program Files\launch.asp

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2004/05/26 07:13:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/05/26 07:13:06 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/05/26 07:13:06 | 000,864,256 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/01/02 19:24:35 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/06/02 18:37:16 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Eric\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/05/26 14:33:19 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Eric\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2009/01/04 10:47:13 | 005,147,893 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\Eric\Desktop\343620_intl_i386_zip.exe
[2009/02/15 20:02:41 | 221,792,528 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\470_b050_english.exe
[2005/11/27 12:07:51 | 004,657,796 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\7512042.exe
[2010/11/27 16:33:31 | 012,674,968 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Eric\Desktop\AdobeAIRInstaller.exe
[2009/01/22 18:24:29 | 002,151,720 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Eric\Desktop\BonjourSetup.exe
[2010/10/10 20:55:00 | 003,430,224 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Eric\Desktop\ccsetup236.exe
[2009/02/23 15:30:18 | 007,566,624 | ---- | M] (CinemaNow, Inc. ) -- C:\Documents and Settings\Eric\Desktop\cinemanow.exe
[2010/03/11 20:25:28 | 242,743,296 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\dotnetfx35.exe
[2006/07/30 10:06:04 | 024,451,404 | ---- | M] (Creative Technology Ltd) -- C:\Documents and Settings\Eric\Desktop\LiveDrvUni-Pack(ENG).exe
[2009/03/23 12:09:17 | 009,626,864 | ---- | M] (Mozy, Inc.) -- C:\Documents and Settings\Eric\Desktop\mozy-1_12_0_7-4821.exe
[2009/01/23 17:58:31 | 020,014,408 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\mp620svstns102en.exe
[2010/03/11 20:05:29 | 000,359,656 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\msicuu2.exe
[2010/03/11 20:16:37 | 008,981,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\NDP20SP2-KB958481-x86.exe
[2010/03/11 20:27:40 | 007,256,928 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\NDP30SP2-KB958483-x86.exe
[2010/03/11 20:28:24 | 001,424,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\NDP35SP1-KB958484-x86.exe
[2008/12/23 22:33:45 | 006,210,064 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\office2007-kb946691-fullfile-x86-glb.exe
[2008/12/23 22:38:46 | 009,797,704 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\office2007-kb951550-fullfile-x86-glb.exe
[2008/12/30 20:57:26 | 015,750,216 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\office2007-kb951944-fullfile-x86-glb.exe
[2009/01/02 15:58:09 | 228,852,088 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Eric\Desktop\office2007sp1-kb936982-fullfile-en-us.exe
[2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
[2010/10/11 19:09:14 | 000,755,552 | ---- | M] (Secunia) -- C:\Documents and Settings\Eric\Desktop\PSISetup.exe
[2010/11/27 16:24:52 | 034,452,784 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Eric\Desktop\QuickTimeInstaller.exe
[2010/12/10 16:37:03 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-12-11 02:00:40

========== Files - Unicode (All) ==========
[2009/02/23 16:48:42 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\Documents\TV?Movies) -- C:\Documents and Settings\All Users\Documents\TVMovies
[2009/01/03 10:14:59 | 000,000,000 | ---D | C](C:\Documents and Settings\All Users\Documents\TV?Movies) -- C:\Documents and Settings\All Users\Documents\TVMovies

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Eric\Desktop\LiveDrvUni-Pack(ENG).exe:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\XmasX3hohoho.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surftwo.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfkids.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfing.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfereric.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfbig.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\St.Pats2009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ssurfereric.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\sendfriends.jpeg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\SCMSAE-NewsNov2007.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Scan1_0001_001.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\QDATAOFXLOG.DAT:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\PROMISSORYNOTEHartmann.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\PaulHartmann_1915086.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\NewTimeSheet-2pg10lines.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\mothersday.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\March2009CentralIssue.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\LucyHartmanSeptember08Budget.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\LucyHartmann.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Labs11_25_08.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\K9E0ZZB!_3N%60-8HDWK]V2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\july07.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\January2007Newsletter.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\I-SpyChristmas.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\HARTMANN Ella AFFIDAVIT for distribution of property.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Happy2009.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\GEmoney.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\EnrollmentReminder.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\DSCN1007.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\DHSWORKERSCOMP012008ElectionForm.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\CSI info.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\CopyofQSOEducationResources.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\concertcw.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Brian'shang-up.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Blowing+Rings.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Beerchastra.mpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ballots2008ISTA.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ATT00001.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ATI082.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\A.poell.word.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\A.poell.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\8C4DC74297C463CCF889C39C67FC6AE.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\7F594CC7768E762CED4213EE6038EBD3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2RXVU2,98Y3_XBLV7Y!D6_.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2009OCTBUDGET.ppt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2009BUDGETFORSESSION.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2009_04180022.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2008Revenue.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\20080813122950693.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\20080716160818623.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\043_43.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\01Track1.wma:Roxio EMC Stream

< End of report >
pauloil
Active Member
 
Posts: 9
Joined: November 25th, 2010, 2:49 pm

Re: html/Zones.gen

Unread postby askey127 » December 11th, 2010, 3:42 pm

pauloil,
I don't see much wrong with your machine.
----------------------------------------------
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    Code: Select all
    :processes
    killallprocesses
    
    :OTL
    [2008/11/15 20:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\LimeWire
    [2005/10/31 09:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\LimeWire\LimeWire.exe" =-
    
    :Files
    C:\Documents and Settings\Eric\Application Data\LimeWire
    C:\StubInstaller.exe
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Let me know how it behaves.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: html/Zones.gen

Unread postby pauloil » December 11th, 2010, 4:30 pm

OTL logfile created on: 12/11/2010 2:23:09 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Eric\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 457.00 Gb Total Space | 400.09 Gb Free Space | 87.55% Space Free | Partition Type: NTFS
Drive D: | 3.69 Gb Total Space | 2.51 Gb Free Space | 68.05% Space Free | Partition Type: FAT32
Drive G: | 8.75 Gb Total Space | 8.74 Gb Free Space | 99.88% Space Free | Partition Type: FAT32
Drive H: | 70.82 Gb Total Space | 70.75 Gb Free Space | 99.90% Space Free | Partition Type: NTFS

Computer Name: FAMILYROOM | User Name: Eric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
PRC - [2010/07/06 13:14:43 | 000,045,992 | ---- | M] (Qwest Communications) -- C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/19 04:34:31 | 000,405,672 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2010/04/19 04:34:30 | 000,337,064 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2010/04/19 04:34:30 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/02 21:17:23 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/04/02 21:17:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/04/02 21:17:11 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/03/14 18:38:14 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2010/01/16 12:30:16 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
PRC - [2010/01/16 12:30:10 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
PRC - [2010/01/16 12:30:02 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe
PRC - [2009/12/18 12:58:34 | 001,064,808 | ---- | M] () -- C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
PRC - [2009/11/11 14:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files\AirPort\APAgent.exe
PRC - [2009/10/20 12:51:46 | 002,890,552 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/27 08:24:06 | 000,189,064 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\SPAMfighter\sfus.exe
PRC - [2009/01/30 18:14:34 | 000,125,304 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2008/10/24 08:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/06/24 12:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1154488802\ee\aolsoftware.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/17 19:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008/01/22 11:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/01/08 11:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
PRC - [2007/11/21 16:51:20 | 001,507,328 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
PRC - [2007/05/21 08:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2006/11/03 18:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/10/23 06:50:37 | 000,071,216 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
PRC - [2006/10/23 06:50:35 | 000,046,640 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2005/11/04 07:44:53 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2004/11/10 11:03:50 | 001,126,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
PRC - [2004/11/10 10:44:30 | 001,273,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
PRC - [2004/11/10 09:41:20 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
PRC - [2002/07/02 16:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE
PRC - [2001/09/14 00:56:00 | 000,026,112 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (SafeList) ==========

MOD - [2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/01/16 12:30:06 | 000,116,008 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprthook.dll
MOD - [2008/04/13 18:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2006/05/31 17:53:05 | 000,010,312 | ---- | M] (America Online) -- C:\Program Files\Common Files\AOL\ACS\WLHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe -- (Xdrive Service)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/19 04:34:31 | 000,405,672 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2010/04/19 04:34:30 | 000,337,064 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2010/04/19 04:34:30 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/02 21:17:23 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/16 12:31:40 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/01/16 12:30:16 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe -- (tgsrvc_quickcare) SupportSoft Repair Service (quickcare)
SRV - [2010/01/16 12:30:10 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe -- (sprtsvc_quickcare) SupportSoft Sprocket Service (quickcare)
SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/08/27 08:24:06 | 000,189,064 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files\SPAMfighter\sfus.exe -- (SPAMfighter Update Service)
SRV - [2009/01/30 18:14:34 | 000,125,304 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2008/01/22 11:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/01/08 11:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/23 06:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2005/11/04 07:44:53 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2004/11/10 10:44:30 | 001,273,856 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe -- (Norton Ghost)
SRV - [2004/11/10 09:41:20 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\DgivEcp.Sys -- (DgivEcp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\athuw.sys -- (AR9271)
DRV - [2010/07/07 08:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/04/02 21:17:26 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/04/02 21:17:26 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 12:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 12:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/12 19:35:09 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2006/05/20 15:25:08 | 000,509,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/02/03 10:37:33 | 000,049,536 | R--- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [2005/12/29 17:07:50 | 000,282,624 | R--- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/07/20 15:37:22 | 000,035,712 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/07/18 20:40:40 | 001,019,064 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/04/05 17:38:32 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/02/24 08:32:00 | 003,454,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/11/10 10:49:56 | 000,046,800 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQIMount.sys -- (PQIMount)
DRV - [2004/11/10 10:30:20 | 000,138,801 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\PQV2i.sys -- (PQV2i)
DRV - [2004/06/11 03:59:44 | 000,056,576 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiHFF0C.sys -- (SaiHFF0C)
DRV - [2004/06/11 03:59:20 | 000,019,584 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\saiuFF0C.sys -- (SaiUFF0C)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/24 12:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 09:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 09:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 09:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 09:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 09:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 09:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/09/14 00:56:00 | 000,776,832 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1f.sys -- (emu10k) Creative SB Live! Value (WDM)
DRV - [2001/09/14 00:56:00 | 000,035,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfman.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/09/14 00:56:00 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlface.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
DRV - [2001/08/17 12:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 F8 8C 89 7B 48 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/15 21:31:16 | 000,000,000 | ---D | M]

[2009/10/10 17:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2007/05/24 14:54:24 | 000,000,082 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 gameguard.mapleglobal.com
O1 - Hosts: 127.0.0.1 gameguard.mapleglobal.com
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154488802\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickCare] C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe ()
O4 - HKLM..\Run: [QwestTouchPointAgent] C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe (Qwest Communications)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - File not found
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15015/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gateway.com/support/prof ... itStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamespyarcade.com/softwar ... launch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://join-test.webex.com/client/T27L ... eatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15023/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell(R))
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/17 18:54:12 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55cb3e62-d6a6-11dd-989b-001320bd3fee}\Shell - "" = AutoRun
O33 - MountPoints2\{55cb3e62-d6a6-11dd-989b-001320bd3fee}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55cb3e62-d6a6-11dd-989b-001320bd3fee}\Shell\AutoRun\command - "" = C:\WINDOWS\explorer.exe -- [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/11 14:15:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/11 09:04:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Eric\Recent
[2010/12/11 07:57:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
[2010/12/10 16:37:00 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\TFC.exe
[2010/11/26 19:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric\Desktop\HostsXpert
[2005/11/27 12:08:54 | 000,059,392 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/11 14:20:44 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/11 14:19:13 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/11 14:18:59 | 000,001,230 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/11 14:17:27 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/11 14:17:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/11 14:17:12 | 2145,026,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/11 14:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/11 08:22:48 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D6187263-0D9A-4E01-8BEC-185A736B10FD}.job
[2010/12/11 07:57:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.exe
[2010/12/10 23:10:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/10 16:47:42 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/10 16:37:03 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\TFC.exe
[2010/12/10 16:27:14 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.lnk
[2010/12/08 22:38:10 | 000,010,178 | ---- | M] () -- C:\Documents and Settings\Eric\Application Data\wklnhst.dat
[2010/12/05 13:01:23 | 001,355,722 | ---- | M] () -- C:\Documents and Settings\Eric\My Documents\kelseyh.JPG
[2010/12/03 18:14:48 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\Internet.lnk
[2010/12/01 07:23:27 | 000,056,295 | ---- | M] () -- C:\VETlog.dmp
[2010/11/30 22:12:42 | 000,005,654 | ---- | M] () -- C:\WINDOWS\mozy.blk
[2010/11/30 22:12:42 | 000,001,276 | ---- | M] () -- C:\WINDOWS\mozy.flt
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/27 16:31:01 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/27 08:36:03 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\Revo Uninstaller.lnk
[2010/11/26 19:38:38 | 000,353,485 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\HostsXpert.zip
[2010/11/26 15:16:57 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.msi
[2010/11/24 22:20:49 | 000,000,064 | ---- | M] () -- C:\WINDOWS\webica.ini
[2010/11/13 18:55:30 | 000,442,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/13 18:55:30 | 000,071,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2010/12/05 13:01:23 | 001,355,722 | ---- | C] () -- C:\Documents and Settings\Eric\My Documents\kelseyh.JPG
[2010/12/03 18:14:48 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\Internet.lnk
[2010/11/27 16:31:01 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/26 19:38:36 | 000,353,485 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\HostsXpert.zip
[2010/11/26 15:17:56 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.lnk
[2010/11/26 15:16:55 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Eric\Desktop\HiJackThis.msi
[2010/11/21 21:44:01 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/05 20:40:42 | 000,961,312 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/22 17:42:06 | 000,000,539 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\Rim.Desktop.Exception.log
[2010/08/22 12:28:44 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\Rim.Desktop.HttpServerSetup.log
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/01/21 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/01/03 16:45:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Resources
[2008/01/03 16:45:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Profiles
[2007/12/28 08:49:25 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2007/12/27 16:04:43 | 000,000,210 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/12/17 18:44:48 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/10/11 12:13:38 | 000,004,466 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/26 11:50:40 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/08/03 20:52:54 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\photoshow_express_setup.txt
[2006/10/23 17:24:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/10/07 12:57:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/09/24 07:30:39 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Eric\Local Settings\Application Data\fusioncache.dat
[2006/07/16 09:40:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2006/07/16 09:40:17 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2006/07/16 09:38:56 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2006/07/16 09:38:56 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/07/16 09:38:45 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2006/07/15 11:07:19 | 000,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/06/21 21:07:40 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/05/08 21:06:58 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2006/04/16 06:33:49 | 000,000,075 | ---- | C] () -- C:\WINDOWS\SSAW.INI
[2006/02/13 17:54:51 | 000,000,064 | ---- | C] () -- C:\WINDOWS\CIV.INI
[2006/02/13 17:53:30 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/12/11 15:51:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2005/12/08 19:21:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\webica.ini
[2005/12/03 18:37:42 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005/12/03 18:37:42 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005/12/03 18:37:42 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005/11/25 14:06:01 | 000,002,385 | ---- | C] () -- C:\Program Files\launch.asp
[2005/11/23 16:39:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/23 08:27:45 | 000,000,869 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2005/11/20 22:03:36 | 000,010,178 | ---- | C] () -- C:\Documents and Settings\Eric\Application Data\wklnhst.dat
[2005/11/16 19:40:10 | 000,000,078 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2005/11/16 19:38:54 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2005/11/14 21:57:17 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Eric\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/11 18:14:37 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2005/11/04 07:16:13 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2004/05/27 04:35:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/05/26 13:31:01 | 000,001,236 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/05/26 13:31:01 | 000,000,491 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/05/26 07:14:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/06/13 18:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2008/12/23 21:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/01/23 18:04:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/01/21 21:49:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/01/22 21:58:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/12/01 20:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2009/01/21 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2009/02/23 15:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CinemaNow
[2008/11/15 20:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/05/25 16:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync
[2008/11/15 20:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/11/15 20:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2008/11/15 20:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/04/26 12:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/05/16 11:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2009/11/08 16:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2008/11/15 20:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/08/03 20:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/11/15 20:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/11/15 20:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/16 09:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/24 21:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/26 14:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/25 17:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Blackberry Desktop
[2008/11/15 20:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/11 07:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\GoodSync
[2008/11/15 20:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\HotSync
[2008/11/15 20:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\ICAClient
[2008/12/29 14:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\IsolatedStorage
[2008/11/15 20:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Leadertech
[2009/01/09 18:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\OfficeUpdate12
[2010/08/22 17:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Research In Motion
[2008/11/15 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\RIM Palm&PPC Upgrade Wizard
[2008/11/15 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\SampleView
[2008/11/15 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Simple Star
[2008/12/13 12:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Snapfish
[2009/10/03 06:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\SPAMfighter
[2009/01/20 18:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\TeamViewer
[2008/11/15 20:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Template
[2008/11/15 20:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Viewpoint
[2009/03/26 10:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\Walgreens
[2010/03/29 14:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric\Application Data\webex
[2010/12/11 14:20:44 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/12/11 08:22:48 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D6187263-0D9A-4E01-8BEC-185A736B10FD}.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/02/23 16:48:42 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\Documents\TV?Movies) -- C:\Documents and Settings\All Users\Documents\TVMovies
[2009/01/03 10:14:59 | 000,000,000 | ---D | C](C:\Documents and Settings\All Users\Documents\TV?Movies) -- C:\Documents and Settings\All Users\Documents\TVMovies

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Eric\Desktop\LiveDrvUni-Pack(ENG).exe:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\XmasX3hohoho.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surftwo.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfkids.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfing.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfereric.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\surfbig.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\St.Pats2009.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ssurfereric.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\sendfriends.jpeg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\SCMSAE-NewsNov2007.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Scan1_0001_001.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\QDATAOFXLOG.DAT:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\PROMISSORYNOTEHartmann.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\PaulHartmann_1915086.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\NewTimeSheet-2pg10lines.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\mothersday.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\March2009CentralIssue.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\LucyHartmanSeptember08Budget.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\LucyHartmann.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Labs11_25_08.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\K9E0ZZB!_3N%60-8HDWK]V2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\july07.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\January2007Newsletter.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\I-SpyChristmas.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\HARTMANN Ella AFFIDAVIT for distribution of property.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Happy2009.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\GEmoney.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\EnrollmentReminder.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\DSCN1007.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\DHSWORKERSCOMP012008ElectionForm.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\CSI info.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\CopyofQSOEducationResources.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\concertcw.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Brian'shang-up.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Blowing+Rings.wmv:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\Beerchastra.mpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ballots2008ISTA.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ATT00001.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\ATI082.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\A.poell.word.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\A.poell.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\8C4DC74297C463CCF889C39C67FC6AE.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\7F594CC7768E762CED4213EE6038EBD3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2RXVU2,98Y3_XBLV7Y!D6_.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2009OCTBUDGET.ppt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2009BUDGETFORSESSION.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2009_04180022.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\2008Revenue.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\20080813122950693.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\20080716160818623.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\043_43.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Eric\My Documents\01Track1.wma:Roxio EMC Stream

< End of report >
pauloil
Active Member
 
Posts: 9
Joined: November 25th, 2010, 2:49 pm

Re: html/Zones.gen

Unread postby askey127 » December 11th, 2010, 4:49 pm

Is the machine behaving in a satisfactory manner?
Based on the scans we have done so far, it looks OK to me.

I would remove cinemanow and Intuit from Internet Explorer trusted sites. (Tools> Internet Options > Security tab > Trusted Sites)
You should never have more than Microsoft and/or your Internet Provider in the trusted zone.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: html/Zones.gen

Unread postby pauloil » December 12th, 2010, 1:03 pm

thanks for the review and advise! all seems ok and I will do full backup of C:
pauloil
Active Member
 
Posts: 9
Joined: November 25th, 2010, 2:49 pm

Re: html/Zones.gen

Unread postby askey127 » December 15th, 2010, 11:25 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 297 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware